From a0f2345c3b7e2a459a7de6ba3e0b789ac63a2eb4 Mon Sep 17 00:00:00 2001
From: hwdsl2
Date: Mon, 16 May 2022 21:43:56 -0500
Subject: [PATCH] Improve subnet check
- Improve check for custom VPN subnets. Ref: 95d9fc4
---
 vpnsetup_alpine.sh | 10 ++++++----
 vpnsetup_amzn.sh | 10 ++++++----
 vpnsetup_centos.sh | 10 ++++++----
 vpnsetup_ubuntu.sh | 10 ++++++----
 4 files changed, 24 insertions(+), 16 deletions(-)
diff --git a/vpnsetup_alpine.sh b/vpnsetup_alpine.sh
index afd5b7e..e931aa3 100755
--- a/vpnsetup_alpine.sh
+++ b/vpnsetup_alpine.sh
@@ -147,10 +147,12 @@ check_client_name() {
 }
 check_subnets() {
- if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
- || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
- if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
- echo "Error: You may only specify custom subnets during initial VPN install." >&2
+ if [ -s /etc/ipsec.conf ] && grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+ L2TP_NET=${VPN_L2TP_NET:-'192.168.42.0/24'}
+ XAUTH_NET=${VPN_XAUTH_NET:-'192.168.43.0/24'}
+ if ! grep -q "$L2TP_NET" /etc/ipsec.conf \
+ || ! grep -q "$XAUTH_NET" /etc/ipsec.conf; then
+ echo "Error: The custom VPN subnets specified do not match initial install." >&2
 echo " See Advanced usage -> Customize VPN subnets for more information." >&2
 exit 1
 fi
diff --git a/vpnsetup_amzn.sh b/vpnsetup_amzn.sh
index dce1c94..e9079b8 100755
--- a/vpnsetup_amzn.sh
+++ b/vpnsetup_amzn.sh
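Review bot: Both `grep -q "$L2TP_NET"` and `grep -q "$XAUTH_NET"` in check_subnets treat the subnet as an unanchored basic regular expression, so each `.` matches any character and any substring hit in /etc/ipsec.conf, including one on a commented-out line, satisfies the check. A re-run with a different subnet can therefore pass when the value merely resembles text already in the file, and a value beginning with `-` would be read as a grep option. Matching the literal string is closer to the intent: `if ! grep -qF -- "$L2TP_NET" /etc/ipsec.conf \` and `|| ! grep -qF -- "$XAUTH_NET" /etc/ipsec.conf; then`. The same lines appear in the vpnsetup_amzn.sh, vpnsetup_centos.sh and vpnsetup_ubuntu.sh hunks, and the function body continues past the end of each hunk.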
@@ -129,10 +129,12 @@ check_client_name() {
 }
 check_subnets() {
- if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
- || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
- if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
- echo "Error: You may only specify custom subnets during initial VPN install." >&2
+ if [ -s /etc/ipsec.conf ] && grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+ L2TP_NET=${VPN_L2TP_NET:-'192.168.42.0/24'}
+ XAUTH_NET=${VPN_XAUTH_NET:-'192.168.43.0/24'}
+ if ! grep -q "$L2TP_NET" /etc/ipsec.conf \
+ || ! grep -q "$XAUTH_NET" /etc/ipsec.conf; then
+ echo "Error: The custom VPN subnets specified do not match initial install." >&2
 echo " See Advanced usage -> Customize VPN subnets for more information." >&2
 exit 1
 fi
diff --git a/vpnsetup_centos.sh b/vpnsetup_centos.sh
index 8fb2003..5d7439e 100755
--- a/vpnsetup_centos.sh
+++ b/vpnsetup_centos.sh
@@ -168,10 +168,12 @@ check_client_name() {
 }
 check_subnets() {
- if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
- || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
- if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
- echo "Error: You may only specify custom subnets during initial VPN install." >&2
+ if [ -s /etc/ipsec.conf ] && grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+ L2TP_NET=${VPN_L2TP_NET:-'192.168.42.0/24'}
+ XAUTH_NET=${VPN_XAUTH_NET:-'192.168.43.0/24'}
+ if ! grep -q "$L2TP_NET" /etc/ipsec.conf \
+ || ! grep -q "$XAUTH_NET" /etc/ipsec.conf; then
+ echo "Error: The custom VPN subnets specified do not match initial install." >&2
 echo " See Advanced usage -> Customize VPN subnets for more information." >&2
 exit 1
 fi
diff --git a/vpnsetup_ubuntu.sh b/vpnsetup_ubuntu.sh
index 65eb64c..50b3e45 100755
--- a/vpnsetup_ubuntu.sh
+++ b/vpnsetup_ubuntu.sh
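Review bot: The removed condition also tested VPN_L2TP_LOCAL, VPN_L2TP_POOL and VPN_XAUTH_POOL, but the new check_subnets compares only the two `*_NET` values against /etc/ipsec.conf, so a re-run that changes only a pool or the local address is no longer rejected. If the rest of the script, which is outside this hunk, writes those values into the configuration, the address pool could end up inconsistent with the subnet recorded at initial install. Either compare those three values against their stored settings as well, or keep the earlier refusal for them with `if [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] || [ -n "$VPN_XAUTH_POOL" ]; then` guarding the same error and `exit 1`. This applies equally to the vpnsetup_alpine.sh, vpnsetup_centos.sh and vpnsetup_ubuntu.sh hunks.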
@@ -166,10 +166,12 @@ check_client_name() {
 }
 check_subnets() {
- if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
- || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
- if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
- echo "Error: You may only specify custom subnets during initial VPN install." >&2
+ if [ -s /etc/ipsec.conf ] && grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+ L2TP_NET=${VPN_L2TP_NET:-'192.168.42.0/24'}
+ XAUTH_NET=${VPN_XAUTH_NET:-'192.168.43.0/24'}
+ if ! grep -q "$L2TP_NET" /etc/ipsec.conf \
+ || ! grep -q "$XAUTH_NET" /etc/ipsec.conf; then
+ echo "Error: The custom VPN subnets specified do not match initial install." >&2
 echo " See Advanced usage -> Customize VPN subnets for more information." >&2
 exit 1
 fi