Pi-hole/pivpn
Pi-hole/pivpn
1
0
Fork 0
mirror of https://github.com/pivpn/pivpn.git synced 2024-12-18 19:00:15 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fixed missing protocol variable

Browse source
This commit is contained in:
Orazio 2019-11-07 18:12:06 +01:00
parent 84f90b00a4
commit 6bd0beeb94
2 changed files with 7 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
auto_install/install.sh
View file

@ -522,6 +522,7 @@ askWhichVPN(){
if (whiptail --backtitle "Setup PiVPN" --title "Installation mode" --yesno "WireGuard is a new kind of VPN that provides near-istantaneous connection speed, high performance, modern cryptography.\n\nIt's the recommended choise expecially if you use mobile devices where WireGuard is easier on battery than OpenVPN.\n\nOpenVPN is still available if you need the traditional, flexible, trusted VPN protocol. Or if you need features like TCP and custom search domain.\n\nChoose 'Yes' to use WireGuard of 'No' to use OpenVPN." ${r} ${c}); if (whiptail --backtitle "Setup PiVPN" --title "Installation mode" --yesno "WireGuard is a new kind of VPN that provides near-istantaneous connection speed, high performance, modern cryptography.\n\nIt's the recommended choise expecially if you use mobile devices where WireGuard is easier on battery than OpenVPN.\n\nOpenVPN is still available if you need the traditional, flexible, trusted VPN protocol. Or if you need features like TCP and custom search domain.\n\nChoose 'Yes' to use WireGuard of 'No' to use OpenVPN." ${r} ${c});
then then
VPN="WireGuard" VPN="WireGuard"
pivpnPROTO="udp"
pivpnDEV="wg0" pivpnDEV="wg0"
pivpnNET="10.6.0.0/24" pivpnNET="10.6.0.0/24"
else else
@ -831,7 +832,6 @@ askClientDNS(){
exit 1 exit 1
fi fi
echo "USING_PIHOLE=${USING_PIHOLE}" >> /tmp/setupVars.conf
echo "pivpnDNS1=${pivpnDNS1}" >> /tmp/setupVars.conf echo "pivpnDNS1=${pivpnDNS1}" >> /tmp/setupVars.conf
echo "pivpnDNS2=${pivpnDNS2}" >> /tmp/setupVars.conf echo "pivpnDNS2=${pivpnDNS2}" >> /tmp/setupVars.conf
} }
@ -1093,7 +1093,7 @@ confNetwork(){
echo "::: Adding UFW rules..." echo "::: Adding UFW rules..."
$SUDO sed "/delete these required/i *nat\n:POSTROUTING ACCEPT [0:0]\n-I POSTROUTING -s $pivpnNET -o $IPv4dev -j MASQUERADE\nCOMMIT\n" -i /etc/ufw/before.rules $SUDO sed "/delete these required/i *nat\n:POSTROUTING ACCEPT [0:0]\n-I POSTROUTING -s $pivpnNET -o $IPv4dev -j MASQUERADE\nCOMMIT\n" -i /etc/ufw/before.rules
# Insert rules at the beginning of the chain (in case there are other rules that may drop the traffic) # Insert rules at the beginning of the chain (in case there are other rules that may drop the traffic)
$SUDO ufw insert 1 allow "$PORT"/"$PROTO" >/dev/null $SUDO ufw insert 1 allow "$pivpnPORT"/"$pivpnPROTO" >/dev/null
$SUDO ufw route insert 1 allow in on "$pivpnDEV" from "$pivpnNET" out on "$IPv4dev" to any >/dev/null $SUDO ufw route insert 1 allow in on "$pivpnDEV" from "$pivpnNET" out on "$IPv4dev" to any >/dev/null
$SUDO ufw reload >/dev/null $SUDO ufw reload >/dev/null
@ -1126,7 +1126,7 @@ confNetwork(){
# chain (using -I). # chain (using -I).
if [ "$INPUT_RULES_COUNT" -ne 0 ] || [ "$INPUT_POLICY" != "ACCEPT" ]; then if [ "$INPUT_RULES_COUNT" -ne 0 ] || [ "$INPUT_POLICY" != "ACCEPT" ]; then
$SUDO iptables -I INPUT 1 -i "$IPv4dev" -p "$PROTO" --dport "$PORT" -j ACCEPT $SUDO iptables -I INPUT 1 -i "$IPv4dev" -p "$pivpnPROTO" --dport "$pivpnPORT" -j ACCEPT
INPUT_CHAIN_EDITED=1 INPUT_CHAIN_EDITED=1
else else
INPUT_CHAIN_EDITED=0 INPUT_CHAIN_EDITED=0

7
scripts/uninstall.sh
View file

@ -56,6 +56,7 @@ removeAll(){
if [ "$VPN" = "WireGuard" ]; then if [ "$VPN" = "WireGuard" ]; then
pivpnDEV="wg0" pivpnDEV="wg0"
pivpnNET="10.6.0.0/24" pivpnNET="10.6.0.0/24"
pivpnPROTO="udp"
elif [ "$VPN" = "OpenVPN" ]; then elif [ "$VPN" = "OpenVPN" ]; then
pivpnDEV="tun0" pivpnDEV="tun0"
pivpnNET="10.8.0.0/24" pivpnNET="10.8.0.0/24"
@ -63,15 +64,15 @@ removeAll(){
if [ "$USING_UFW" -eq 1 ]; then if [ "$USING_UFW" -eq 1 ]; then
ufw delete allow "${pivpnPORT}"/udp > /dev/null ufw delete allow "${pivpnPORT}"/"${pivpnPROTO}" > /dev/null
ufw route delete allow in on "$pivpnDEV" from "$pivpnNET" out on "${IPv4dev}" to any > /dev/null ufw route delete allow in on "$pivpnDEV" from "$pivpnNET" out on "${IPv4dev}" to any > /dev/null
sed -z "s/*nat\n:POSTROUTING ACCEPT \[0:0\]\n-I POSTROUTING -s 10.6.0.0\/24 -o ${IPv4dev} -j MASQUERADE\nCOMMIT\n\n//" -i /etc/ufw/before.rules sed -z "s/*nat\n:POSTROUTING ACCEPT \[0:0\]\n-I POSTROUTING -s ${pivpnNET}\/24 -o ${IPv4dev} -j MASQUERADE\nCOMMIT\n\n//" -i /etc/ufw/before.rules
ufw reload &> /dev/null ufw reload &> /dev/null
elif [ "$USING_UFW" -eq 0 ]; then elif [ "$USING_UFW" -eq 0 ]; then
if [ "$INPUT_CHAIN_EDITED" -eq 1 ]; then if [ "$INPUT_CHAIN_EDITED" -eq 1 ]; then
iptables -D INPUT -i "${IPv4dev}" -p udp --dport "${pivpnPORT}" -j ACCEPT iptables -D INPUT -i "${IPv4dev}" -p "${pivpnPROTO}" --dport "${pivpnPORT}" -j ACCEPT
fi fi
if [ "$FORWARD_CHAIN_EDITED" -eq 1 ]; then if [ "$FORWARD_CHAIN_EDITED" -eq 1 ]; then