From 779a86f93398928f5798a2e438943908c7f59a8f Mon Sep 17 00:00:00 2001
From: hwdsl2 <hwdsl2@users.noreply.github.com>
Date: Fri, 13 Aug 2021 02:11:31 -0500
Subject: [PATCH] Cleanup

---
 extras/quickstart.sh | 15 ++++++++++++---
 vpnsetup_amzn.sh     |  8 ++------
 vpnsetup_centos.sh   |  7 ++-----
 vpnsetup_ubuntu.sh   |  7 ++-----
 4 files changed, 18 insertions(+), 19 deletions(-)
 mode change 100644 => 100755 extras/quickstart.sh

diff --git a/extras/quickstart.sh b/extras/quickstart.sh
old mode 100644
new mode 100755
index 8b33824..d8c7fd2
--- a/extras/quickstart.sh
+++ b/extras/quickstart.sh
@@ -98,6 +98,14 @@ check_iface() {
   fi
 }
 
+check_iptables() {
+  if [ "$os_type" = "ubuntu" ] || [ "$os_type" = "debian" ] || [ "$os_type" = "raspbian" ]; then
+    if [ -x /sbin/iptables ] && ! iptables -nL INPUT >/dev/null 2>&1; then
+      exiterr "IPTables check failed. Reboot and re-run this script."
+    fi
+  fi
+}
+
 install_wget() {
   if [ "$os_type" = "ubuntu" ] || [ "$os_type" = "debian" ] || [ "$os_type" = "raspbian" ]; then
     export DEBIAN_FRONTEND=noninteractive
@@ -119,7 +127,7 @@ install_wget() {
 
 get_setup_url() {
   base_url="https://github.com/hwdsl2/setup-ipsec-vpn/raw/master"
-  sh_file="vpnsetup.sh"
+  sh_file="vpnsetup_ubuntu.sh"
   if [ "$os_type" = "centos" ] || [ "$os_type" = "rhel" ] || [ "$os_type" = "rocky" ] || [ "$os_type" = "alma" ]; then
     sh_file="vpnsetup_centos.sh"
   elif [ "$os_type" = "amzn" ]; then
@@ -133,8 +141,8 @@ run_setup() {
   get_setup_url
   TMPDIR=$(mktemp -d /tmp/vpnsetup.XXXXX 2>/dev/null)
   if [ -d "$TMPDIR" ]; then
-    if ( set -x; wget -t 3 -T 30 -q -O "$TMPDIR/vpn.sh" "$setup_url"; ); then
-      if ( set -x; /bin/sh "$TMPDIR/vpn.sh"; ); then
+    if ( set -x; wget -t 3 -T 30 -q -O "$TMPDIR/vpn.sh" "$setup_url" ); then
+      if /bin/sh "$TMPDIR/vpn.sh"; then
         if [ -s /opt/src/ikev2.sh ] && [ ! -f /etc/ipsec.d/ikev2.conf ]; then
           sleep 1
           /bin/bash /opt/src/ikev2.sh --auto || status=1
@@ -158,6 +166,7 @@ quickstart() {
   check_vz
   check_os
   check_iface
+  check_iptables
   install_wget
   get_setup_url
   run_setup
diff --git a/vpnsetup_amzn.sh b/vpnsetup_amzn.sh
index 788a43c..2cd92f1 100755
--- a/vpnsetup_amzn.sh
+++ b/vpnsetup_amzn.sh
@@ -50,10 +50,7 @@ vpnsetup() {
 
 os_arch=$(uname -m | tr -dc 'A-Za-z0-9_-')
 if ! grep -qs "Amazon Linux release 2" /etc/system-release; then
-  echo "Error: This script only supports Amazon Linux 2." >&2
-  echo "For Ubuntu/Debian, use https://git.io/vpnsetup" >&2
-  echo "For CentOS/RHEL, use https://git.io/vpnsetup-centos" >&2
-  exit 1
+  exiterr "This script only supports Amazon Linux 2."
 fi
 
 if [ "$(id -u)" != 0 ]; then
@@ -123,11 +120,10 @@ bigecho "Installing packages required for setup..."
 
 bigecho "Trying to auto discover IP of this server..."
 
-# In case auto IP discovery fails, enter server's public IP here.
 public_ip=${VPN_PUBLIC_IP:-''}
 check_ip "$public_ip" || public_ip=$(dig @resolver1.opendns.com -t A -4 myip.opendns.com +short)
 check_ip "$public_ip" || public_ip=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com)
-check_ip "$public_ip" || exiterr "Cannot detect this server's public IP. Edit the script and manually enter it."
+check_ip "$public_ip" || exiterr "Cannot detect this server's public IP. Define it as variable 'VPN_PUBLIC_IP' and re-run this script."
 
 bigecho "Adding the EPEL repository..."
 
diff --git a/vpnsetup_centos.sh b/vpnsetup_centos.sh
index 6cedecd..fcd2876 100755
--- a/vpnsetup_centos.sh
+++ b/vpnsetup_centos.sh
@@ -63,9 +63,7 @@ elif grep -qs "release 8" "$rh_file"; then
   grep -qi rocky "$rh_file" && os_type=rocky
   grep -qi alma "$rh_file" && os_type=alma
 else
-  echo "Error: This script only supports CentOS/RHEL 7 and 8." >&2
-  echo "For Ubuntu/Debian, use https://git.io/vpnsetup" >&2
-  exit 1
+  exiterr "This script only supports CentOS/RHEL 7 and 8."
 fi
 
 if [ -f /proc/user_beancounters ]; then
@@ -139,11 +137,10 @@ bigecho "Installing packages required for setup..."
 
 bigecho "Trying to auto discover IP of this server..."
 
-# In case auto IP discovery fails, enter server's public IP here.
 public_ip=${VPN_PUBLIC_IP:-''}
 check_ip "$public_ip" || public_ip=$(dig @resolver1.opendns.com -t A -4 myip.opendns.com +short)
 check_ip "$public_ip" || public_ip=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com)
-check_ip "$public_ip" || exiterr "Cannot detect this server's public IP. Edit the script and manually enter it."
+check_ip "$public_ip" || exiterr "Cannot detect this server's public IP. Define it as variable 'VPN_PUBLIC_IP' and re-run this script."
 
 bigecho "Adding the EPEL repository..."
 
diff --git a/vpnsetup_ubuntu.sh b/vpnsetup_ubuntu.sh
index a21f559..c829a54 100755
--- a/vpnsetup_ubuntu.sh
+++ b/vpnsetup_ubuntu.sh
@@ -63,9 +63,7 @@ case $os_type in
     os_type=raspbian
     ;;
   *)
-    echo "Error: This script only supports Ubuntu and Debian." >&2
-    echo "For CentOS/RHEL, use https://git.io/vpnsetup-centos" >&2
-    exit 1
+    exiterr "This script only supports Ubuntu and Debian."
     ;;
 esac
 
@@ -171,11 +169,10 @@ export DEBIAN_FRONTEND=noninteractive
 
 bigecho "Trying to auto discover IP of this server..."
 
-# In case auto IP discovery fails, enter server's public IP here.
 public_ip=${VPN_PUBLIC_IP:-''}
 check_ip "$public_ip" || public_ip=$(dig @resolver1.opendns.com -t A -4 myip.opendns.com +short)
 check_ip "$public_ip" || public_ip=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com)
-check_ip "$public_ip" || exiterr "Cannot detect this server's public IP. Edit the script and manually enter it."
+check_ip "$public_ip" || exiterr "Cannot detect this server's public IP. Define it as variable 'VPN_PUBLIC_IP' and re-run this script."
 
 bigecho "Installing packages required for the VPN..."