/feature/add_tcp_option

Adding a correct tcp option
Stephen KINGER 2016-09-27 14:24:14 +02:00
parent 8f09ee9afd
commit a7c9a35352

39
auto_install/install.sh Normal file → Executable file

@ -475,6 +475,34 @@ update_repo() {
echo " done!" echo " done!"
} }
setCustomProto() {
# Turn the available interfaces into an array so it can be used with a whiptail dialog
protoArray=()
protoArray+=("udp" "available" "ON")
protoArray+=("tcp" "available" "OFF")
# Find out how many interfaces are available to choose from
chooseProtoCmd=(whiptail --separate-output --radiolist "Choose A Protocol" $r $c 2)
echo "${chooseProtoCmd[@]}" "${protoArray[@]}"
chooseProtoOptions=$("${chooseProtoCmd[@]}" "${protoArray[@]}" 2>&1 >/dev/tty)
if [[ $? = 0 ]]; then
for desiredProto in $chooseProtoOptions
do
pivpnProto=$desiredProto
echo "::: Using protocol: $pivpnProto"
echo "${pivpnProto}" > /tmp/pivpnPROTO
done
else
echo "::: Cancel selected, exiting...."
exit 1
fi
# write out the PROTO
PROTO=$pivpnProto
$SUDO cp /tmp/pivpnPROTO /etc/pivpn/INSTALL_PROTO
}
setCustomPort() { setCustomPort() {
until [[ $PORTNumCorrect = True ]] until [[ $PORTNumCorrect = True ]]
do do
@ -735,6 +763,10 @@ confOpenVPN() {
$SUDO sed -i "s/1194/${PORT}/g" /etc/openvpn/server.conf $SUDO sed -i "s/1194/${PORT}/g" /etc/openvpn/server.conf
fi fi
if [ $PROTO != "udp" ]; then
$SUDO sed -i "s/proto udp/proto tcp/g" /etc/openvpn/server.conf
fi
# write out server certs to conf file # write out server certs to conf file
$SUDO sed -i "s/\(key \/etc\/openvpn\/easy-rsa\/keys\/\).*/\1${SERVER_NAME}.key/" /etc/openvpn/server.conf $SUDO sed -i "s/\(key \/etc\/openvpn\/easy-rsa\/keys\/\).*/\1${SERVER_NAME}.key/" /etc/openvpn/server.conf
$SUDO sed -i "s/\(cert \/etc\/openvpn\/easy-rsa\/keys\/\).*/\1${SERVER_NAME}.crt/" /etc/openvpn/server.conf $SUDO sed -i "s/\(cert \/etc\/openvpn\/easy-rsa\/keys\/\).*/\1${SERVER_NAME}.crt/" /etc/openvpn/server.conf
@ -783,7 +815,7 @@ confNetwork() {
$SUDO sed -i 's/IPv4dev/'$IPv4dev'/' /tmp/ufw_add.txt $SUDO sed -i 's/IPv4dev/'$IPv4dev'/' /tmp/ufw_add.txt
$SUDO sed -i "s/\(DEFAULT_FORWARD_POLICY=\).*/\1\"ACCEPT\"/" /etc/default/ufw $SUDO sed -i "s/\(DEFAULT_FORWARD_POLICY=\).*/\1\"ACCEPT\"/" /etc/default/ufw
$SUDO sed -i -e '/delete these required/r /tmp/ufw_add.txt' -e//N /etc/ufw/before.rules $SUDO sed -i -e '/delete these required/r /tmp/ufw_add.txt' -e//N /etc/ufw/before.rules
$SUDO ufw allow ${PORT}/udp $SUDO ufw allow ${PORT}/${PROTO}
$SUDO ufw allow from 10.8.0.0/24 $SUDO ufw allow from 10.8.0.0/24
$SUDO ufw reload $SUDO ufw reload
echo "::: UFW configuration completed." echo "::: UFW configuration completed."
@ -854,6 +886,10 @@ confOVPN() {
$SUDO sed -i -e "s/1194/${PORT}/g" /etc/openvpn/easy-rsa/keys/Default.txt $SUDO sed -i -e "s/1194/${PORT}/g" /etc/openvpn/easy-rsa/keys/Default.txt
fi fi
if [ $PROTO != "udp" ]; then
$SUDO sed -i -e "s/proto udp/proto tcp/g" /etc/openvpn/easy-rsa/keys/Default.txt
fi
# verify server name to strengthen security # verify server name to strengthen security
$SUDO sed -i "s/SRVRNAME/${SERVER_NAME}/" /etc/openvpn/easy-rsa/keys/Default.txt $SUDO sed -i "s/SRVRNAME/${SERVER_NAME}/" /etc/openvpn/easy-rsa/keys/Default.txt
@ -868,6 +904,7 @@ installPiVPN() {
$SUDO mkdir -p /etc/pivpn/ $SUDO mkdir -p /etc/pivpn/
getGitFiles getGitFiles
installScripts installScripts
setCustomProto
setCustomPort setCustomPort
confOpenVPN confOpenVPN
confNetwork confNetwork
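Review bot: setCustomProto stages the chosen protocol in the fixed path /tmp/pivpnPROTO and then copies it into /etc/pivpn/INSTALL_PROTO with $SUDO, so if the redirect fails on a file another local user pre-created at that name, that user's content is what lands in the root-owned config; nothing checks the result of the `echo`. Writing the value straight to its destination removes the shared temp file: `echo "${pivpnProto}" | $SUDO tee /etc/pivpn/INSTALL_PROTO > /dev/null`. The tests `[ $PROTO != "udp" ]` in confOpenVPN and confOVPN are unquoted, so an empty PROTO makes the test itself error out and leaves both configs on udp while `ufw allow ${PORT}/${PROTO}` receives an empty protocol; `[ "$PROTO" != "udp" ]` plus a check that the value is exactly `udp` or `tcp` would make that path fail visibly. The leftover `echo "${chooseProtoCmd[@]}" "${protoArray[@]}"` and the two comments about interfaces look copied from an interface chooser and should be dropped or reworded for protocols.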