Improve subnet check

- Improve check for custom VPN subnets. Ref: 95d9fc4
2024-06-15 18:34:28 +02:00 · 2022-05-16 21:43:56 -05:00 · 2022-05-16 21:43:56 -05:00 · a0f2345c3b
commit a0f2345c3b
parent 1dd7835107
4 changed files with 24 additions and 16 deletions
--- a/vpnsetup_alpine.sh
+++ b/vpnsetup_alpine.sh
@ -147,10 +147,12 @@ check_client_name() {
 }

 check_subnets() {
-  if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
-    || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
-    if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
-      echo "Error: You may only specify custom subnets during initial VPN install." >&2
+  if [ -s /etc/ipsec.conf ] && grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+    L2TP_NET=${VPN_L2TP_NET:-'192.168.42.0/24'}
+    XAUTH_NET=${VPN_XAUTH_NET:-'192.168.43.0/24'}
+    if ! grep -q "$L2TP_NET" /etc/ipsec.conf \
+      || ! grep -q "$XAUTH_NET" /etc/ipsec.conf; then
+      echo "Error: The custom VPN subnets specified do not match initial install." >&2
      echo "       See Advanced usage -> Customize VPN subnets for more information." >&2
      exit 1
    fi
--- a/vpnsetup_amzn.sh
+++ b/vpnsetup_amzn.sh
@ -129,10 +129,12 @@ check_client_name() {
 }

 check_subnets() {
-  if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
-    || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
-    if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
-      echo "Error: You may only specify custom subnets during initial VPN install." >&2
+  if [ -s /etc/ipsec.conf ] && grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+    L2TP_NET=${VPN_L2TP_NET:-'192.168.42.0/24'}
+    XAUTH_NET=${VPN_XAUTH_NET:-'192.168.43.0/24'}
+    if ! grep -q "$L2TP_NET" /etc/ipsec.conf \
+      || ! grep -q "$XAUTH_NET" /etc/ipsec.conf; then
+      echo "Error: The custom VPN subnets specified do not match initial install." >&2
      echo "       See Advanced usage -> Customize VPN subnets for more information." >&2
      exit 1
    fi
--- a/vpnsetup_centos.sh
+++ b/vpnsetup_centos.sh
@ -168,10 +168,12 @@ check_client_name() {
 }

 check_subnets() {
-  if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
-    || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
-    if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
-      echo "Error: You may only specify custom subnets during initial VPN install." >&2
+  if [ -s /etc/ipsec.conf ] && grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+    L2TP_NET=${VPN_L2TP_NET:-'192.168.42.0/24'}
+    XAUTH_NET=${VPN_XAUTH_NET:-'192.168.43.0/24'}
+    if ! grep -q "$L2TP_NET" /etc/ipsec.conf \
+      || ! grep -q "$XAUTH_NET" /etc/ipsec.conf; then
+      echo "Error: The custom VPN subnets specified do not match initial install." >&2
      echo "       See Advanced usage -> Customize VPN subnets for more information." >&2
      exit 1
    fi
--- a/vpnsetup_ubuntu.sh
+++ b/vpnsetup_ubuntu.sh
@ -166,10 +166,12 @@ check_client_name() {
 }

 check_subnets() {
-  if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
-    || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
-    if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
-      echo "Error: You may only specify custom subnets during initial VPN install." >&2
+  if [ -s /etc/ipsec.conf ] && grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+    L2TP_NET=${VPN_L2TP_NET:-'192.168.42.0/24'}
+    XAUTH_NET=${VPN_XAUTH_NET:-'192.168.43.0/24'}
+    if ! grep -q "$L2TP_NET" /etc/ipsec.conf \
+      || ! grep -q "$XAUTH_NET" /etc/ipsec.conf; then
+      echo "Error: The custom VPN subnets specified do not match initial install." >&2
      echo "       See Advanced usage -> Customize VPN subnets for more information." >&2
      exit 1
    fi