From 6bd0beeb94af608c5d71aaf4c663cb9a568f248b Mon Sep 17 00:00:00 2001
From: Orazio
Date: Thu, 7 Nov 2019 18:12:06 +0100
Subject: [PATCH] Fixed missing protocol variable
---
 auto_install/install.sh | 6 +++---
 scripts/uninstall.sh | 7 ++++---
 2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/auto_install/install.sh b/auto_install/install.sh
index 7d00f54..b9087cc 100755
--- a/auto_install/install.sh
+++ b/auto_install/install.sh
@@ -522,6 +522,7 @@ askWhichVPN(){
 if (whiptail --backtitle "Setup PiVPN" --title "Installation mode" --yesno "WireGuard is a new kind of VPN that provides near-istantaneous connection speed, high performance, modern cryptography.\n\nIt's the recommended choise expecially if you use mobile devices where WireGuard is easier on battery than OpenVPN.\n\nOpenVPN is still available if you need the traditional, flexible, trusted VPN protocol. Or if you need features like TCP and custom search domain.\n\nChoose 'Yes' to use WireGuard of 'No' to use OpenVPN." ${r} ${c}); then
 VPN="WireGuard"
+ pivpnPROTO="udp"
 pivpnDEV="wg0"
 pivpnNET="10.6.0.0/24"
 else
@@ -831,7 +832,6 @@ askClientDNS(){
 exit 1
 fi
- echo "USING_PIHOLE=${USING_PIHOLE}" >> /tmp/setupVars.conf
 echo "pivpnDNS1=${pivpnDNS1}" >> /tmp/setupVars.conf
 echo "pivpnDNS2=${pivpnDNS2}" >> /tmp/setupVars.conf
 }
@@ -1093,7 +1093,7 @@ confNetwork(){
 echo "::: Adding UFW rules..."
 $SUDO sed "/delete these required/i *nat\n:POSTROUTING ACCEPT [0:0]\n-I POSTROUTING -s $pivpnNET -o $IPv4dev -j MASQUERADE\nCOMMIT\n" -i /etc/ufw/before.rules
 # Insert rules at the beginning of the chain (in case there are other rules that may drop the traffic)
- $SUDO ufw insert 1 allow "$PORT"/"$PROTO" >/dev/null
+ $SUDO ufw insert 1 allow "$pivpnPORT"/"$pivpnPROTO" >/dev/null
 $SUDO ufw route insert 1 allow in on "$pivpnDEV" from "$pivpnNET" out on "$IPv4dev" to any >/dev/null
 $SUDO ufw reload >/dev/null
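Review bot: The corrected `ufw insert 1 allow` line in the `@@ -1093` hunk still ignores the command's exit status, so an empty `$pivpnPORT` or `$pivpnPROTO` would again leave the VPN port rule missing while the installer carries on. That is the same failure mode as the wrong variable names this commit replaces. Failing fast would surface it, for example `$SUDO ufw insert 1 allow "${pivpnPORT:?}"/"${pivpnPROTO:?}" >/dev/null || exit 1`. The `iptables -I INPUT 1` line in the `@@ -1126` hunk has the same gap and could take the same `${pivpnPROTO:?}` / `${pivpnPORT:?}` expansions. confNetwork starts and ends outside both hunks.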
@@ -1126,7 +1126,7 @@ confNetwork(){
 # chain (using -I).
 if [ "$INPUT_RULES_COUNT" -ne 0 ] || [ "$INPUT_POLICY" != "ACCEPT" ]; then
- $SUDO iptables -I INPUT 1 -i "$IPv4dev" -p "$PROTO" --dport "$PORT" -j ACCEPT
+ $SUDO iptables -I INPUT 1 -i "$IPv4dev" -p "$pivpnPROTO" --dport "$pivpnPORT" -j ACCEPT
 INPUT_CHAIN_EDITED=1
 else
 INPUT_CHAIN_EDITED=0
diff --git a/scripts/uninstall.sh b/scripts/uninstall.sh
index d5fc1a6..7027c65 100755
--- a/scripts/uninstall.sh
+++ b/scripts/uninstall.sh
@@ -56,6 +56,7 @@ removeAll(){
 if [ "$VPN" = "WireGuard" ]; then
 pivpnDEV="wg0"
 pivpnNET="10.6.0.0/24"
+ pivpnPROTO="udp"
 elif [ "$VPN" = "OpenVPN" ]; then
 pivpnDEV="tun0"
 pivpnNET="10.8.0.0/24"
@@ -63,15 +64,15 @@ removeAll(){
 if [ "$USING_UFW" -eq 1 ]; then
- ufw delete allow "${pivpnPORT}"/udp > /dev/null
+ ufw delete allow "${pivpnPORT}"/"${pivpnPROTO}" > /dev/null
 ufw route delete allow in on "$pivpnDEV" from "$pivpnNET" out on "${IPv4dev}" to any > /dev/null
- sed -z "s/*nat\n:POSTROUTING ACCEPT \[0:0\]\n-I POSTROUTING -s 10.6.0.0\/24 -o ${IPv4dev} -j MASQUERADE\nCOMMIT\n\n//" -i /etc/ufw/before.rules
+ sed -z "s/*nat\n:POSTROUTING ACCEPT \[0:0\]\n-I POSTROUTING -s ${pivpnNET}\/24 -o ${IPv4dev} -j MASQUERADE\nCOMMIT\n\n//" -i /etc/ufw/before.rules
 ufw reload &> /dev/null
 elif [ "$USING_UFW" -eq 0 ]; then
 if [ "$INPUT_CHAIN_EDITED" -eq 1 ]; then
- iptables -D INPUT -i "${IPv4dev}" -p udp --dport "${pivpnPORT}" -j ACCEPT
+ iptables -D INPUT -i "${IPv4dev}" -p "${pivpnPROTO}" --dport "${pivpnPORT}" -j ACCEPT
 fi
 if [ "$FORWARD_CHAIN_EDITED" -eq 1 ]; then
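Review bot: Only the WireGuard branch in the `@@ -56` hunk of uninstall.sh assigns `pivpnPROTO`. The OpenVPN branch sets `pivpnDEV` and `pivpnNET` but relies on the protocol arriving from elsewhere, presumably the saved setup variables, which the hunk does not show. The firewall cleanup in the following hunk now uses the variable for both `ufw delete allow` and `iptables -D`, so an unset value would make the delete fail to match and leave the opened port rule behind after uninstall. A guard ahead of the cleanup, such as `: "${pivpnPROTO:?pivpnPROTO is not set}"`, would make that case visible. removeAll starts and ends outside the hunk.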
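Review bot: The rewritten `sed -z` line in the `@@ -63` hunk interpolates `${pivpnNET}` and then appends `\/24`, but the values assigned in the previous hunk already carry the mask (`10.6.0.0/24`, `10.8.0.0/24`). The pattern therefore expands to `10.6.0.0/24\/24`: the unescaped `/` ends the `s/…/` pattern early, so sed will most likely reject the expression, and the doubled mask would not match the `-s $pivpnNET` text that install.sh writes in any case. The result is that the `*nat` MASQUERADE block stays in /etc/ufw/before.rules after uninstall. Dropping the suffix and using a delimiter that cannot occur in a CIDR avoids both problems: `sed -z "s|*nat\n:POSTROUTING ACCEPT \[0:0\]\n-I POSTROUTING -s ${pivpnNET} -o ${IPv4dev} -j MASQUERADE\nCOMMIT\n\n||" -i /etc/ufw/before.rules`. removeAll continues outside the hunk.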