Add fix iptables help to debug script (1/2)

This commit is contained in:
Kaladin Light 2016-12-11 13:36:14 -05:00
parent 6b406ffb27
commit 22b5bfef68
7 changed files with 37 additions and 10 deletions

View file

@ -384,7 +384,8 @@ installScripts() {
$SUDO cp /etc/.pivpn/scripts/removeOVPN.sh /opt/pivpn/removeOVPN.sh
$SUDO cp /etc/.pivpn/scripts/uninstall.sh /opt/pivpn/uninstall.sh
$SUDO cp /etc/.pivpn/scripts/pivpnDebug.sh /opt/pivpn/pivpnDebug.sh
$SUDO chmod 0755 /opt/pivpn/{makeOVPN,clientStat,listOVPN,removeOVPN,uninstall,pivpnDebug}.sh
$SUDO cp /etc/.pivpn/scripts/fix_iptables.sh /opt/pivpn/fix_iptables.sh
$SUDO chmod 0755 /opt/pivpn/{makeOVPN,clientStat,listOVPN,removeOVPN,uninstall,pivpnDebug,fix_iptables}.sh
$SUDO cp /etc/.pivpn/pivpn /usr/local/bin/pivpn
$SUDO chmod 0755 /usr/local/bin/pivpn
$SUDO cp /etc/.pivpn/scripts/bash-completion /etc/bash_completion.d/pivpn

21
pivpn
View file

@ -27,12 +27,31 @@ function listOVPNFunc {
}
function debugFunc {
noUFW=$(cat /etc/pivpn/noUFW)
echo "::: Generating Debug Output"
$SUDO /opt/pivpn/pivpnDebug.sh | tee /tmp/debug.txt
$SUDO . /opt/pivpn/pivpnDebug.sh | tee /tmp/debug.txt
echo "::: "
echo "::: Debug output completed above."
echo "::: Copy saved to /tmp/debug.txt"
echo "::: "
if [[ ${noUFW} -eq 1 ]]; then
IPTABLES_FIX=`iptables -t nat -L -n -v | grep -c 'MASQUERADE.*10.8.0.0\/24'`
iptables -t nat -L -n -v | grep -q 'MASQUERADE.*10.8.0.0\/24'
if [ $? = 0 ]; then
echo Good, rule exists
else
echo in rule does not exist area
IPTABLES_FIX=2
fi
if [[ ${IPTABLES_FIX} -gt 1 ]]; then
echo "::: We detected some potential issues with your iptables."
read -p "::: Would you like us to try to fix this? [y/n]: " -n 1 -r
echo
if [[ ${REPLY} =~ ^[Yy]$ ]]; then
$SUDO /opt/pivpn/fix_iptables.sh
fi
fi
fi
exit 1
}

5
scripts/fix_iptables.sh Normal file
View file

@ -0,0 +1,5 @@
#!/usr/bin/env bash
# PiVPN: Fix iptables script
# called by pivpnDebug.sh
echo "I don't exist yet..."

View file

@ -17,7 +17,7 @@ function keynoPASS() {
#Build the client key
expect << EOF
set timeout -1
spawn ./easyrsa build-client-full "$NAME" nopass
spawn ./easyrsa build-client-full "${NAME}" nopass
expect eof
EOF
@ -59,7 +59,7 @@ function keyPASS() {
expect << EOF
set timeout -1
spawn ./easyrsa build-client-full "$NAME"
spawn ./easyrsa build-client-full "${NAME}"
expect "Enter PEM pass phrase" { send "${PASSWD}\r" }
expect "Verifying - Enter PEM pass phrase" { send "${PASSWD}\r" }
expect eof

View file

@ -14,6 +14,8 @@ for filename in /etc/pivpn/*; do
done
printf ":::\t\t\t\t\t:::\n:: /etc/openvpn/easy-rsa/pki/Default.txt ::\n:::\t\t\t\t\t:::\n"
cat /etc/openvpn/easy-rsa/pki/Default.txt
printf ":::\t\t\t\t\t:::\n::\tOutput of iptables\t\t ::\n:::\t\t\t\t\t:::\n"
iptables -t nat -L -n -v
if [[ ${noUFW} -eq 1 ]]; then
printf ":::\t\t\t\t\t:::\n::\tOutput of iptables\t\t ::\n:::\t\t\t\t\t:::\n"
iptables -t nat -L -n -v
fi
printf ":::\t\t\t\t\t:::\n::\tDebug Output Complete\t\t ::\n:::\t\t\t\t\t:::\n"

View file

@ -17,9 +17,9 @@ printf " ::\e[4m Certificate List \e[0m:: \n"
i=0
while read -r line || [ -n "$line" ]; do
STATUS=$(echo "$line" | awk '{print $1}')
if [[ "$STATUS" = "V" ]]; then
if [[ "${STATUS}" = "V" ]]; then
NAME=$(echo "$line" | sed -e 's:.*/CN=::')
CERTS[$i]=$NAME
CERTS[$i]=${NAME}
if [ "$i" != 0 ]; then
# Prevent printing "server" certificate
printf " %s\n" "$NAME"
@ -73,6 +73,6 @@ printf "::: Removing certs and client configuration for this profile.\n"
rm -rf "pki/reqs/${NAME}.req"
rm -rf "pki/private/${NAME}.key"
rm -rf "pki/issued/${NAME}.crt"
rm -rf "/home/$INSTALL_USER/ovpns/${NAME}.ovpn"
rm -rf "/home/${INSTALL_USER}/ovpns/${NAME}.ovpn"
cp /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn/crl.pem
printf "::: Completed!\n"

View file

@ -123,7 +123,7 @@ function askreboot() {
printf "It is \e[1mstrongly\e[0m recommended to reboot after un-installation.\n"
read -p "Would you like to reboot now? [y/n]: " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
if [[ ${REPLY} =~ ^[Yy]$ ]]; then
printf "\nRebooting system...\n"
sleep 3
shutdown -r now