From 8e15eb683c0af5a736449c86a4aef89efdb3120d Mon Sep 17 00:00:00 2001 From: hwdsl2 Date: Wed, 23 May 2018 01:39:53 -0500 Subject: [PATCH] Cleanup --- extras/vpnupgrade.sh | 8 +++---- extras/vpnupgrade_centos.sh | 8 +++---- vpnsetup.sh | 42 +++++++++++++++++-------------------- vpnsetup_centos.sh | 27 +++++++++++------------- 4 files changed, 39 insertions(+), 46 deletions(-) diff --git a/extras/vpnupgrade.sh b/extras/vpnupgrade.sh index 274256c8a1..b7165d7468 100644 --- a/extras/vpnupgrade.sh +++ b/extras/vpnupgrade.sh @@ -118,7 +118,7 @@ esac # Create and change to working dir mkdir -p /opt/src -cd /opt/src || exiterr "Cannot enter /opt/src." +cd /opt/src || exit 1 # Update package index and install Wget export DEBIAN_FRONTEND=noninteractive @@ -136,11 +136,11 @@ swan_file="libreswan-$SWAN_VER.tar.gz" swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz" swan_url2="https://download.libreswan.org/$swan_file" if ! { wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url2"; }; then - exiterr "Cannot download Libreswan source." + exit 1 fi /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" tar xzf "$swan_file" && /bin/rm -f "$swan_file" -cd "libreswan-$SWAN_VER" || exiterr "Cannot enter Libreswan source dir." +cd "libreswan-$SWAN_VER" || exit 1 sed -i '/docker-targets\.mk/d' Makefile cat > Makefile.inc.local <<'EOF' WERROR_CFLAGS = @@ -154,7 +154,7 @@ NPROCS="$(grep -c ^processor /proc/cpuinfo)" make "-j$((NPROCS+1))" -s base && make -s install-base # Verify the install and clean up -cd /opt/src || exiterr "Cannot enter /opt/src." +cd /opt/src || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then exiterr "Libreswan $SWAN_VER failed to build." diff --git a/extras/vpnupgrade_centos.sh b/extras/vpnupgrade_centos.sh index 61d9d39cbd..727051ebc3 100644 --- a/extras/vpnupgrade_centos.sh +++ b/extras/vpnupgrade_centos.sh 
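Review bot: The new `cd /opt/src || exit 1` in the hunk at 118 of extras/vpnupgrade.sh drops the script's own error message, so a failure now shows only whatever the shell or wget prints before status 1. For a script that rebuilds the IPsec daemon, naming the failed step makes a half-finished upgrade easier to diagnose from logs. The same replacement recurs in this file's hunks at 136 and 154 and in extras/vpnupgrade_centos.sh, vpnsetup.sh and vpnsetup_centos.sh. I would keep a short message, for example `cd /opt/src || exiterr "Cannot enter /opt/src."`.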
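Review bot: In the download hunk at 136 of extras/vpnupgrade.sh, the archive fetched from `swan_url1` or `swan_url2` goes straight to `tar xzf` and then `make -s install-base` with no integrity check. HTTPS authenticates the host but does not pin the content, so a digest check before extraction is worth adding, e.g. `printf '%s  %s\n' "$SWAN_SHA256" "$swan_file" | sha256sum -c - || exiterr "Libreswan checksum mismatch."`, where `SWAN_SHA256` is a new variable set next to `SWAN_VER`. The two URLs may serve different bytes for the same version (a forge-generated archive versus the project's release tarball), so each may need its own digest; confirm before pinning. The same download-then-build pattern appears in the other scripts' Libreswan steps and in the xl2tpd step of vpnsetup.sh.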
@@ -109,7 +109,7 @@ esac # Create and change to working dir mkdir -p /opt/src -cd /opt/src || exiterr "Cannot enter /opt/src." +cd /opt/src || exit 1 # Install Wget yum -y install wget || exiterr2 @@ -138,11 +138,11 @@ swan_file="libreswan-$SWAN_VER.tar.gz" swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz" swan_url2="https://download.libreswan.org/$swan_file" if ! { wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url2"; }; then - exiterr "Cannot download Libreswan source." + exit 1 fi /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" tar xzf "$swan_file" && /bin/rm -f "$swan_file" -cd "libreswan-$SWAN_VER" || exiterr "Cannot enter Libreswan source dir." +cd "libreswan-$SWAN_VER" || exit 1 sed -i '/docker-targets\.mk/d' Makefile cat > Makefile.inc.local <<'EOF' WERROR_CFLAGS = @@ -153,7 +153,7 @@ NPROCS="$(grep -c ^processor /proc/cpuinfo)" make "-j$((NPROCS+1))" -s base && make -s install-base # Verify the install and clean up -cd /opt/src || exiterr "Cannot enter /opt/src." +cd /opt/src || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then exiterr "Libreswan $SWAN_VER failed to build." diff --git a/vpnsetup.sh b/vpnsetup.sh index b8d4867f28..2339dddcfb 100755 --- a/vpnsetup.sh +++ b/vpnsetup.sh @@ -73,8 +73,8 @@ net_iface=${VPN_NET_IFACE:-'eth0'} def_iface="$(route 2>/dev/null | grep '^default' | grep -o '[^ ]*$')" [ -z "$def_iface" ] && def_iface="$(ip -4 route list 0/0 2>/dev/null | grep -Po '(?<=dev )(\S+)')" -def_iface_state=$(cat "/sys/class/net/$def_iface/operstate" 2>/dev/null) -if [ -n "$def_iface_state" ] && [ "$def_iface_state" != "down" ]; then +def_state=$(cat "/sys/class/net/$def_iface/operstate" 2>/dev/null) +if [ -n "$def_state" ] && [ "$def_state" != "down" ]; then if ! uname -m | grep -qi '^arm'; then case "$def_iface" in wl*) 
@@ -85,13 +85,13 @@ if [ -n "$def_iface_state" ] && [ "$def_iface_state" != "down" ]; then net_iface="$def_iface" fi -net_iface_state=$(cat "/sys/class/net/$net_iface/operstate" 2>/dev/null) -if [ -z "$net_iface_state" ] || [ "$net_iface_state" = "down" ] || [ "$net_iface" = "lo" ]; then +net_state=$(cat "/sys/class/net/$net_iface/operstate" 2>/dev/null) +if [ -z "$net_state" ] || [ "$net_state" = "down" ] || [ "$net_iface" = "lo" ]; then printf "Error: Network interface '%s' is not available.\n" "$net_iface" >&2 if [ -z "$VPN_NET_IFACE" ]; then cat 1>&2 </dev/null 2>&1 \ - || lsof /var/lib/apt/lists/lock >/dev/null 2>&1 \ - || lsof /var/lib/dpkg/lock >/dev/null 2>&1; do +APT_LK=/var/lib/apt/lists/lock +PKG_LK=/var/lib/dpkg/lock +while fuser "$APT_LK" "$PKG_LK" >/dev/null 2>&1 \ + || lsof "$APT_LK" >/dev/null 2>&1 || lsof "$PKG_LK" >/dev/null 2>&1; do [ "$count" = "0" ] && bigecho "Waiting for apt to be available..." [ "$count" -ge "60" ] && exiterr "Could not get apt/dpkg lock." count=$((count+1)) @@ -159,10 +160,8 @@ EOF # In case auto IP discovery fails, enter server's public IP here. PUBLIC_IP=${VPN_PUBLIC_IP:-''} -# Try to auto discover IP of this server [ -z "$PUBLIC_IP" ] && PUBLIC_IP=$(dig @resolver1.opendns.com -t A -4 myip.opendns.com +short) -# Check IP for correct format check_ip "$PUBLIC_IP" || PUBLIC_IP=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com) check_ip "$PUBLIC_IP" || exiterr "Cannot detect this server's public IP. Edit the script and manually enter it." 
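Review bot: The fallback lookup `wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com` in the hunk at 159 of vpnsetup.sh runs over cleartext HTTP, and the only check on the answer visible here is the format test in `check_ip`. With the two explanatory comments removed, nothing on these lines tells a reader that `PUBLIC_IP` may come from an unauthenticated response. I would keep a one-line comment such as `# Auto-detected via DNS, then HTTP fallback; the result is only format-checked` and switch the URL to `https://ipv4.icanhazip.com` if the service is reachable over TLS from the target hosts. How `PUBLIC_IP` is used later is outside this hunk.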
@@ -181,13 +180,12 @@ case "$(uname -r)" in l2tp_url2="https://mirrors.kernel.org/ubuntu/pool/universe/x/xl2tpd/xl2tpd_$L2TP_VER.orig.tar.gz" apt-get -yq install libpcap0.8-dev || exiterr2 if ! { wget -t 3 -T 30 -nv -O "$l2tp_file" "$l2tp_url1" || wget -t 3 -T 30 -nv -O "$l2tp_file" "$l2tp_url2"; }; then - exiterr "Cannot download xl2tpd source." + exit 1 fi /bin/rm -rf "/opt/src/xl2tpd-$L2TP_VER" tar xzf "$l2tp_file" && /bin/rm -f "$l2tp_file" - cd "xl2tpd-$L2TP_VER" || exiterr "Cannot enter xl2tpd source dir." - make -s 2>/dev/null && PREFIX=/usr make -s install - cd /opt/src || exiterr "Cannot enter /opt/src." + cd "xl2tpd-$L2TP_VER" && make -s 2>/dev/null && PREFIX=/usr make -s install + cd /opt/src || exit 1 /bin/rm -rf "/opt/src/xl2tpd-$L2TP_VER" ;; esac @@ -203,11 +201,11 @@ swan_file="libreswan-$SWAN_VER.tar.gz" swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz" swan_url2="https://download.libreswan.org/$swan_file" if ! { wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url2"; }; then - exiterr "Cannot download Libreswan source." + exit 1 fi /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" tar xzf "$swan_file" && /bin/rm -f "$swan_file" -cd "libreswan-$SWAN_VER" || exiterr "Cannot enter Libreswan source dir." +cd "libreswan-$SWAN_VER" || exit 1 sed -i '/docker-targets\.mk/d' Makefile cat > Makefile.inc.local <<'EOF' WERROR_CFLAGS = @@ -220,8 +218,7 @@ NPROCS="$(grep -c ^processor /proc/cpuinfo)" [ -z "$NPROCS" ] && NPROCS=1 make "-j$((NPROCS+1))" -s base && make -s install-base -# Verify the install and clean up -cd /opt/src || exiterr "Cannot enter /opt/src." +cd /opt/src || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then exiterr "Libreswan $SWAN_VER failed to build." 
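Review bot: In the xl2tpd hunk at 181 of vpnsetup.sh, the new chain `cd "xl2tpd-$L2TP_VER" && make -s 2>/dev/null && PREFIX=/usr make -s install` no longer stops the script when the source directory is missing; the removed `cd ... || exiterr` aborted in that case. Execution continues to `cd /opt/src || exit 1` and the `rm -rf`, so setup can finish without the rebuilt xl2tpd and without an error, and `2>/dev/null` hides the compiler output that would explain a failed build. Unlike the Libreswan step, no version check follows in this hunk. I would test the chain's result, e.g. `if ! { cd "xl2tpd-$L2TP_VER" && make -s && PREFIX=/usr make -s install; }; then exiterr "xl2tpd build failed."; fi`. The enclosing `case` starts outside the hunk.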
@@ -237,7 +234,7 @@ XAUTH_POOL=${VPN_XAUTH_POOL:-'192.168.43.10-192.168.43.250'} DNS_SRV1=${VPN_DNS_SRV1:-'8.8.8.8'} DNS_SRV2=${VPN_DNS_SRV2:-'8.8.4.4'} -# Create IPsec (Libreswan) config +# Create IPsec config conf_bk "/etc/ipsec.conf" cat > /etc/ipsec.conf < "$IPT_FILE" iptables-save >> "$IPT_FILE" - # Update rules for iptables-persistent IPT_FILE2="/etc/iptables/rules.v4" if [ -f "$IPT_FILE2" ]; then conf_bk "$IPT_FILE2" diff --git a/vpnsetup_centos.sh b/vpnsetup_centos.sh index 1923142ef2..91c35f4489 100755 --- a/vpnsetup_centos.sh +++ b/vpnsetup_centos.sh @@ -72,8 +72,8 @@ net_iface=${VPN_NET_IFACE:-'eth0'} def_iface="$(route 2>/dev/null | grep '^default' | grep -o '[^ ]*$')" [ -z "$def_iface" ] && def_iface="$(ip -4 route list 0/0 2>/dev/null | grep -Po '(?<=dev )(\S+)')" -def_iface_state=$(cat "/sys/class/net/$def_iface/operstate" 2>/dev/null) -if [ -n "$def_iface_state" ] && [ "$def_iface_state" != "down" ]; then +def_state=$(cat "/sys/class/net/$def_iface/operstate" 2>/dev/null) +if [ -n "$def_state" ] && [ "$def_state" != "down" ]; then case "$def_iface" in wl*) exiterr "Wireless interface '$def_iface' detected. DO NOT run this script on your PC or Mac!" @@ -82,13 +82,13 @@ if [ -n "$def_iface_state" ] && [ "$def_iface_state" != "down" ]; then net_iface="$def_iface" fi -net_iface_state=$(cat "/sys/class/net/$net_iface/operstate" 2>/dev/null) -if [ -z "$net_iface_state" ] || [ "$net_iface_state" = "down" ] || [ "$net_iface" = "lo" ]; then +net_state=$(cat "/sys/class/net/$net_iface/operstate" 2>/dev/null) +if [ -z "$net_state" ] || [ "$net_state" = "down" ] || [ "$net_iface" = "lo" ]; then printf "Error: Network interface '%s' is not available.\n" "$net_iface" >&2 if [ -z "$VPN_NET_IFACE" ]; then cat 1>&2 < Makefile.inc.local <<'EOF' WERROR_CFLAGS = 
@@ -193,8 +191,7 @@ NPROCS="$(grep -c ^processor /proc/cpuinfo)" [ -z "$NPROCS" ] && NPROCS=1 make "-j$((NPROCS+1))" -s base && make -s install-base -# Verify the install and clean up -cd /opt/src || exiterr "Cannot enter /opt/src." +cd /opt/src || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then exiterr "Libreswan $SWAN_VER failed to build." @@ -210,7 +207,7 @@ XAUTH_POOL=${VPN_XAUTH_POOL:-'192.168.43.10-192.168.43.250'} DNS_SRV1=${VPN_DNS_SRV1:-'8.8.8.8'} DNS_SRV2=${VPN_DNS_SRV2:-'8.8.4.4'} -# Create IPsec (Libreswan) config +# Create IPsec config conf_bk "/etc/ipsec.conf" cat > /etc/ipsec.conf <