From a5a1f4adb151abfce5fd7db70071de04f5dca3b0 Mon Sep 17 00:00:00 2001
From: hwdsl2 <hwdsl2@users.noreply.github.com>
Date: Sun, 3 Jan 2021 14:05:13 -0600
Subject: [PATCH] Cleanup
---
extras/vpnupgrade.sh | 10 +++++-----
extras/vpnupgrade_amzn.sh | 4 ++--
extras/vpnupgrade_centos.sh | 16 +++++++--------
vpnsetup.sh | 35 +++++++++++++++------------------
vpnsetup_amzn.sh | 27 ++++++++++++-------------
vpnsetup_centos.sh | 39 +++++++++++++++++--------------------
6 files changed, 61 insertions(+), 70 deletions(-)
diff --git a/extras/vpnupgrade.sh b/extras/vpnupgrade.sh
index c86fbbc..36a65f5 100644
--- a/extras/vpnupgrade.sh
+++ b/extras/vpnupgrade.sh
@@ -45,8 +45,8 @@ case $os_type in
;;
esac
-debian_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9')
-if [ "$debian_ver" = "8" ] || [ "$debian_ver" = "jessiesid" ]; then
+os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9')
+if [ "$os_ver" = "8" ] || [ "$os_ver" = "jessiesid" ]; then
exiterr "Debian 8 or Ubuntu < 16.04 is not supported."
fi
@@ -84,14 +84,14 @@ EOF
fi
swan_ver_cur=4.1
-swan_ver_url="https://dl.ls20.com/v1/$os_type/$debian_ver/swanverupg?arch=$os_arch&ver=$swan_ver_cur&ver2=$SWAN_VER"
+swan_ver_url="https://dl.ls20.com/v1/$os_type/$os_ver/swanverupg?arch=$os_arch&ver=$swan_ver_cur&ver2=$SWAN_VER"
swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url")
if ! printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9][0-9])$'; then
swan_ver_latest=$swan_ver_cur
fi
if [ "$swan_ver_cur" != "$swan_ver_latest" ]; then
- echo "Note: A newer version of this script is available, which can install Libreswan $swan_ver_latest."
- echo "To download and run the latest version:"
+ echo "Note: A newer version of Libreswan ($swan_ver_latest) is available."
+ echo "To update to the new version, exit the script and run:"
echo " wget https://git.io/vpnupgrade -O vpnupgrade.sh"
echo " sudo sh vpnupgrade.sh"
echo
diff --git a/extras/vpnupgrade_amzn.sh b/extras/vpnupgrade_amzn.sh
index ea73162..d0c2ea6 100644
--- a/extras/vpnupgrade_amzn.sh
+++ b/extras/vpnupgrade_amzn.sh
@@ -69,8 +69,8 @@ if ! printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9
swan_ver_latest=$swan_ver_cur
fi
if [ "$swan_ver_cur" != "$swan_ver_latest" ]; then
- echo "Note: A newer version of this script is available, which can install Libreswan $swan_ver_latest."
- echo "To download and run the latest version:"
+ echo "Note: A newer version of Libreswan ($swan_ver_latest) is available."
+ echo "To update to the new version, exit the script and run:"
echo " wget https://git.io/vpnupgrade-amzn -O vpnupgrade.sh"
echo " sudo sh vpnupgrade.sh"
echo
diff --git a/extras/vpnupgrade_centos.sh b/extras/vpnupgrade_centos.sh
index 7abe411..71e394c 100644
--- a/extras/vpnupgrade_centos.sh
+++ b/extras/vpnupgrade_centos.sh
@@ -25,6 +25,12 @@ exiterr2() { exiterr "'yum install' failed."; }
vpnupgrade() {
+os_type=centos
+os_arch=$(uname -m | tr -dc 'A-Za-z0-9_-')
+if grep -qs "Red Hat" /etc/redhat-release; then
+ os_type=rhel
+fi
+
if grep -qs "release 7" /etc/redhat-release; then
os_ver=7
elif grep -qs "release 8" /etc/redhat-release; then
@@ -35,12 +41,6 @@ else
exit 1
fi
-os_type=centos
-os_arch=$(uname -m | tr -dc 'A-Za-z0-9_-')
-if grep -qs "Red Hat" /etc/redhat-release; then
- os_type=rhel
-fi
-
if [ -f /proc/user_beancounters ]; then
exiterr "OpenVZ VPS is not supported."
fi
@@ -81,8 +81,8 @@ if ! printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9
swan_ver_latest=$swan_ver_cur
fi
if [ "$swan_ver_cur" != "$swan_ver_latest" ]; then
- echo "Note: A newer version of this script is available, which can install Libreswan $swan_ver_latest."
- echo "To download and run the latest version:"
+ echo "Note: A newer version of Libreswan ($swan_ver_latest) is available."
+ echo "To update to the new version, exit the script and run:"
echo " wget https://git.io/vpnupgrade-centos -O vpnupgrade.sh"
echo " sudo sh vpnupgrade.sh"
echo
diff --git a/vpnsetup.sh b/vpnsetup.sh
index a9b2fad..e4cf447 100755
--- a/vpnsetup.sh
+++ b/vpnsetup.sh
@@ -68,11 +68,11 @@ case $os_type in
;;
esac
-debian_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9')
-if [ "$debian_ver" = "8" ] || [ "$debian_ver" = "jessiesid" ]; then
+os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9')
+if [ "$os_ver" = "8" ] || [ "$os_ver" = "jessiesid" ]; then
exiterr "Debian 8 or Ubuntu < 16.04 is not supported."
fi
-if [ "$debian_ver" = "10" ] && [ ! -e /dev/ppp ]; then
+if [ "$os_ver" = "10" ] && [ ! -e /dev/ppp ]; then
exiterr "/dev/ppp is missing. Debian 10 users, see: https://git.io/vpndebian10"
fi
@@ -150,7 +150,7 @@ PKG_LK=/var/lib/dpkg/lock
while fuser "$APT_LK" "$PKG_LK" >/dev/null 2>&1 \
|| lsof "$APT_LK" >/dev/null 2>&1 || lsof "$PKG_LK" >/dev/null 2>&1; do
[ "$count" = "0" ] && bigecho "Waiting for apt to be available..."
- [ "$count" -ge "60" ] && exiterr "Could not get apt/dpkg lock."
+ [ "$count" -ge "100" ] && exiterr "Could not get apt/dpkg lock."
count=$((count+1))
printf '%s' '.'
sleep 3
@@ -198,11 +198,6 @@ SWAN_VER=4.1
swan_file="libreswan-$SWAN_VER.tar.gz"
swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz"
swan_url2="https://download.libreswan.org/$swan_file"
-swan_ver_url="https://dl.ls20.com/v1/$os_type/$debian_ver/swanver?arch=$os_arch&ver=$SWAN_VER"
-swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url")
-if ! printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9][0-9])$'; then
- swan_ver_latest=$SWAN_VER
-fi
if ! { wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url2"; }; then
exit 1
fi
@@ -260,7 +255,6 @@ version 2.0
config setup
virtual-private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!$L2TP_NET,%v4:!$XAUTH_NET
- protostack=netkey
interfaces=%defaultroute
uniqueids=no
@@ -514,6 +508,18 @@ service fail2ban restart 2>/dev/null
service ipsec restart 2>/dev/null
service xl2tpd restart 2>/dev/null
+swan_ver_url="https://dl.ls20.com/v1/$os_type/$os_ver/swanver?arch=$os_arch&ver=$SWAN_VER"
+swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url")
+if printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9][0-9])$' \
+ && [ "$SWAN_VER" != "$swan_ver_latest" ]; then
+cat <<EOF
+
+Note: A newer version of Libreswan ($swan_ver_latest) is available. To update, run:
+ wget https://git.io/vpnupgrade -O vpnupgrade.sh
+ sudo sh vpnupgrade.sh
+EOF
+fi
+
cat <<EOF
================================================
@@ -537,15 +543,6 @@ IKEv2 guide: https://git.io/ikev2
EOF
-if [ "$SWAN_VER" != "$swan_ver_latest" ]; then
-cat <<EOF
-Note: A newer Libreswan version $swan_ver_latest is available. To upgrade:
- wget https://git.io/vpnupgrade -O vpnupgrade.sh
- sudo sh vpnupgrade.sh
-
-EOF
-fi
-
}
## Defer setup until we have the complete script
diff --git a/vpnsetup_amzn.sh b/vpnsetup_amzn.sh
index 8c0883d..56eebad 100644
--- a/vpnsetup_amzn.sh
+++ b/vpnsetup_amzn.sh
@@ -159,11 +159,6 @@ SWAN_VER=4.1
swan_file="libreswan-$SWAN_VER.tar.gz"
swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz"
swan_url2="https://download.libreswan.org/$swan_file"
-swan_ver_url="https://dl.ls20.com/v1/amzn/2/swanver?arch=$os_arch&ver=$SWAN_VER"
-swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url")
-if ! printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9][0-9])$'; then
- swan_ver_latest=$SWAN_VER
-fi
if ! { wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url2"; }; then
exit 1
fi
@@ -210,7 +205,6 @@ version 2.0
config setup
virtual-private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!$L2TP_NET,%v4:!$XAUTH_NET
- protostack=netkey
interfaces=%defaultroute
uniqueids=no
@@ -432,6 +426,18 @@ service fail2ban restart 2>/dev/null
service ipsec restart 2>/dev/null
service xl2tpd restart 2>/dev/null
+swan_ver_url="https://dl.ls20.com/v1/amzn/2/swanver?arch=$os_arch&ver=$SWAN_VER"
+swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url")
+if printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9][0-9])$' \
+ && [ "$SWAN_VER" != "$swan_ver_latest" ]; then
+cat <<EOF
+
+Note: A newer version of Libreswan ($swan_ver_latest) is available. To update, run:
+ wget https://git.io/vpnupgrade-amzn -O vpnupgrade.sh
+ sudo sh vpnupgrade.sh
+EOF
+fi
+
cat <<EOF
================================================
@@ -455,15 +461,6 @@ IKEv2 guide: https://git.io/ikev2
EOF
-if [ "$SWAN_VER" != "$swan_ver_latest" ]; then
-cat <<EOF
-Note: A newer Libreswan version $swan_ver_latest is available. To upgrade:
- wget https://git.io/vpnupgrade-amzn -O vpnupgrade.sh
- sudo sh vpnupgrade.sh
-
-EOF
-fi
-
}
## Defer setup until we have the complete script
diff --git a/vpnsetup_centos.sh b/vpnsetup_centos.sh
index e75aa18..31b8fc8 100755
--- a/vpnsetup_centos.sh
+++ b/vpnsetup_centos.sh
@@ -48,6 +48,12 @@ check_ip() {
vpnsetup() {
+os_type=centos
+os_arch=$(uname -m | tr -dc 'A-Za-z0-9_-')
+if grep -qs "Red Hat" /etc/redhat-release; then
+ os_type=rhel
+fi
+
if grep -qs "release 7" /etc/redhat-release; then
os_ver=7
elif grep -qs "release 8" /etc/redhat-release; then
@@ -58,12 +64,6 @@ else
exit 1
fi
-os_type=centos
-os_arch=$(uname -m | tr -dc 'A-Za-z0-9_-')
-if grep -qs "Red Hat" /etc/redhat-release; then
- os_type=rhel
-fi
-
if [ -f /proc/user_beancounters ]; then
exiterr "OpenVZ VPS is not supported."
fi
@@ -190,11 +190,6 @@ SWAN_VER=4.1
swan_file="libreswan-$SWAN_VER.tar.gz"
swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz"
swan_url2="https://download.libreswan.org/$swan_file"
-swan_ver_url="https://dl.ls20.com/v1/$os_type/$os_ver/swanver?arch=$os_arch&ver=$SWAN_VER"
-swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url")
-if ! printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9][0-9])$'; then
- swan_ver_latest=$SWAN_VER
-fi
if ! { wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url2"; }; then
exit 1
fi
@@ -241,7 +236,6 @@ version 2.0
config setup
virtual-private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!$L2TP_NET,%v4:!$XAUTH_NET
- protostack=netkey
interfaces=%defaultroute
uniqueids=no
@@ -500,6 +494,18 @@ service fail2ban restart 2>/dev/null
service ipsec restart 2>/dev/null
service xl2tpd restart 2>/dev/null
+swan_ver_url="https://dl.ls20.com/v1/$os_type/$os_ver/swanver?arch=$os_arch&ver=$SWAN_VER"
+swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url")
+if printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9])\.([0-9]|[1-9][0-9])$' \
+ && [ "$SWAN_VER" != "$swan_ver_latest" ]; then
+cat <<EOF
+
+Note: A newer version of Libreswan ($swan_ver_latest) is available. To update, run:
+ wget https://git.io/vpnupgrade-centos -O vpnupgrade.sh
+ sudo sh vpnupgrade.sh
+EOF
+fi
+
cat <<EOF
================================================
@@ -523,15 +529,6 @@ IKEv2 guide: https://git.io/ikev2
EOF
-if [ "$SWAN_VER" != "$swan_ver_latest" ]; then
-cat <<EOF
-Note: A newer Libreswan version $swan_ver_latest is available. To upgrade:
- wget https://git.io/vpnupgrade-centos -O vpnupgrade.sh
- sudo sh vpnupgrade.sh
-
-EOF
-fi
-
}
## Defer setup until we have the complete script