tests: Clean-up client + conf_options
Clean up the mess that was here. The result is less error-prone, shorter and easier to read.
		@@ -1,13 +1,42 @@
 | 
			
		||||
#!/bin/bash
 | 
			
		||||
 | 
			
		||||
SERV_IP=$(ip -4 -o addr show scope global  | awk '{print $4}' | sed -e 's:/.*::' | head -n1)
 | 
			
		||||
SERVER_CONF="/etc/openvpn/openvpn.conf"
 | 
			
		||||
TEST1_OVPN="/etc/openvpn/test1.ovpn"
 | 
			
		||||
 | 
			
		||||
# Function to fail
 | 
			
		||||
abort() { cat <<< "$@" 1>&2; exit 1; }
 | 
			
		||||
 | 
			
		||||
# Check a config (haystack) for a given line (needle) exit with error if not
 | 
			
		||||
# found.
 | 
			
		||||
test_config() {
 | 
			
		||||
 | 
			
		||||
    local needle="${2}"
 | 
			
		||||
    local file="${1}"
 | 
			
		||||
 | 
			
		||||
    busybox grep -q "${needle}" "${file}"
 | 
			
		||||
    if [ $? -ne 0 ]; then
 | 
			
		||||
        abort "==> Config match not found: ${needle}"
 | 
			
		||||
    fi
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
# Check a config (haystack) for absence of given line (needle) exit with error
 | 
			
		||||
# if found.
 | 
			
		||||
test_not_config() {
 | 
			
		||||
 | 
			
		||||
    local needle="${2}"
 | 
			
		||||
    local file="${1}"
 | 
			
		||||
 | 
			
		||||
    busybox grep -vq "${needle}" "${file}"
 | 
			
		||||
    if [ $? -ne 0 ]; then
 | 
			
		||||
        abort "==> Config match found: ${needle}"
 | 
			
		||||
    fi
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
#
 | 
			
		||||
# Generate openvpn.config file
 | 
			
		||||
#
 | 
			
		||||
SERV_IP=$(ip -4 -o addr show scope global  | awk '{print $4}' | sed -e 's:/.*::' | head -n1)
 | 
			
		||||
 | 
			
		||||
ovpn_genconfig \
 | 
			
		||||
    -u udp://$SERV_IP \
 | 
			
		||||
@@ -18,23 +47,38 @@ EASYRSA_BATCH=1 EASYRSA_REQ_CN="Travis-CI Test CA" ovpn_initpki nopass
 | 
			
		||||
 | 
			
		||||
easyrsa build-client-full test1 nopass 2>/dev/null
 | 
			
		||||
 | 
			
		||||
TEST1_OVPN="/etc/openvpn/test1.ovpn"
 | 
			
		||||
ovpn_getclient test1 > "${TEST1_OVPN}"
 | 
			
		||||
 | 
			
		||||
# Check a config (haystack) for a given line (needle) exit with error if not found.
 | 
			
		||||
test-client-config() {
 | 
			
		||||
 | 
			
		||||
    local needle="${1}"
 | 
			
		||||
 | 
			
		||||
    busybox grep -q "${needle}" "${TEST1_OVPN}"
 | 
			
		||||
    if [ $? -ne 0 ]; then
 | 
			
		||||
        abort "==> Config match not found: ${needle}"
 | 
			
		||||
    fi
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
#
 | 
			
		||||
# Test cases
 | 
			
		||||
# Simple test cases
 | 
			
		||||
#
 | 
			
		||||
 | 
			
		||||
# Test 1: Check MTU
 | 
			
		||||
test-client-config "^tun-mtu\s+1337"
 | 
			
		||||
# 1. client MTU
 | 
			
		||||
test_config "${TEST1_OVPN}" "^tun-mtu\s\+1337"
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
#
 | 
			
		||||
# Test udp client with tcp fallback
 | 
			
		||||
#
 | 
			
		||||
ovpn_genconfig -u udp://$SERV_IP -E "remote $SERV_IP 443 tcp" -E "remote vpn.example.com 443 tcp"
 | 
			
		||||
# nopass is insecure
 | 
			
		||||
EASYRSA_BATCH=1 EASYRSA_REQ_CN="Travis-CI Test CA" ovpn_initpki nopass
 | 
			
		||||
easyrsa build-client-full client-fallback nopass
 | 
			
		||||
ovpn_getclient client-fallback > "${TEST1_OVPN}"
 | 
			
		||||
 | 
			
		||||
test_config "${TEST1_OVPN}" "^remote\s\+$SERV_IP\s\+443\s\+tcp"
 | 
			
		||||
test_config "${TEST1_OVPN}" "^remote\s\+vpn.example.com\s\+443\s\+tcp"
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
#
 | 
			
		||||
# Test non-defroute config
 | 
			
		||||
#
 | 
			
		||||
ovpn_genconfig -d -u udp://$SERV_IP -r "172.33.33.0/24" -r "172.34.34.0/24"
 | 
			
		||||
# nopass is insecure
 | 
			
		||||
EASYRSA_BATCH=1 EASYRSA_REQ_CN="Travis-CI Test CA" ovpn_initpki nopass
 | 
			
		||||
easyrsa build-client-full non-defroute nopass
 | 
			
		||||
ovpn_getclient non-defroute > "${TEST1_OVPN}"
 | 
			
		||||
 | 
			
		||||
# The '!' inverts the match to test that the string isn't present
 | 
			
		||||
test_not_config "${TEST1_OVPN}" "^redirect-gateway\s\+def1"
 | 
			
		||||
 
 | 
			
		||||
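Review bot: `test_not_config` cannot fail on a config that contains the needle, because `grep -vq` exits 0 as soon as any line does not match, which is true for almost every file. The absence check on `^redirect-gateway\s\+def1` at the end of this file therefore passes whether or not the line is present. Match positively and invert the status instead: `if busybox grep -q "${needle}" "${file}"; then abort "==> Config match found: ${needle}"; fi`. The same definition appears in the other test script in this commit, where it backs the `block-outside-dns` check after `ovpn_genconfig ... -b`, so a regression in either the routing or the DNS option would go unnoticed by CI. If the comment `# The '!' inverts the match` is kept on the new side, it no longer describes the call below it.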
@@ -1,8 +1,37 @@
 | 
			
		||||
#!/bin/bash
 | 
			
		||||
 | 
			
		||||
SERV_IP=$(ip -4 -o addr show scope global  | awk '{print $4}' | sed -e 's:/.*::' | head -n1)
 | 
			
		||||
SERVER_CONF="/etc/openvpn/openvpn.conf"
 | 
			
		||||
TEST1_OVPN="/etc/openvpn/test1.ovpn"
 | 
			
		||||
 | 
			
		||||
# Function to fail
 | 
			
		||||
abort() { cat <<< "$@" 1>&2; exit 1; }
 | 
			
		||||
 | 
			
		||||
# Check a config (haystack) for a given line (needle) exit with error if not found.
 | 
			
		||||
test_config() {
 | 
			
		||||
 | 
			
		||||
    local needle="${2}"
 | 
			
		||||
    local file="${1}"
 | 
			
		||||
 | 
			
		||||
    busybox grep -q "${needle}" "${file}"
 | 
			
		||||
    if [ $? -ne 0 ]; then
 | 
			
		||||
        abort "==> Config match not found: ${needle}"
 | 
			
		||||
    fi
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
# Check a config (haystack) for absence of given line (needle) exit with error
 | 
			
		||||
# if found.
 | 
			
		||||
test_not_config() {
 | 
			
		||||
 | 
			
		||||
    local needle="${2}"
 | 
			
		||||
    local file="${1}"
 | 
			
		||||
 | 
			
		||||
    busybox grep -vq "${needle}" "${file}"
 | 
			
		||||
    if [ $? -ne 0 ]; then
 | 
			
		||||
        abort "==> Config match found: ${needle}"
 | 
			
		||||
    fi
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
#
 | 
			
		||||
# Generate openvpn.config file
 | 
			
		||||
@@ -12,242 +41,74 @@ management localhost 7505
 | 
			
		||||
max-clients 10
 | 
			
		||||
EOF
 | 
			
		||||
 | 
			
		||||
SERV_IP=$(ip -4 -o addr show scope global  | awk '{print $4}' | sed -e 's:/.*::' | head -n1)
 | 
			
		||||
ovpn_genconfig -u udp://$SERV_IP -f 1400 -k '60 300' -e "$MULTILINE_EXTRA_SERVER_CONF" -e 'duplicate-cn' -e 'topology subnet' -p 'route 172.22.22.0 255.255.255.0'
 | 
			
		||||
ovpn_genconfig \
 | 
			
		||||
    -u udp://$SERV_IP \
 | 
			
		||||
    -f 1400 \
 | 
			
		||||
    -k '60 300' \
 | 
			
		||||
    -e "$MULTILINE_EXTRA_SERVER_CONF" \
 | 
			
		||||
    -e 'duplicate-cn' \
 | 
			
		||||
    -e 'topology subnet' \
 | 
			
		||||
    -p 'route 172.22.22.0 255.255.255.0' \
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
#
 | 
			
		||||
# grep for config lines from openvpn.conf
 | 
			
		||||
# add more tests for more configs as required
 | 
			
		||||
# Simple test cases
 | 
			
		||||
#
 | 
			
		||||
 | 
			
		||||
# 1. verb config
 | 
			
		||||
CONFIG_REQUIRED_VERB="verb 3"
 | 
			
		||||
CONFIG_MATCH_VERB=$(busybox grep verb /etc/openvpn/openvpn.conf)
 | 
			
		||||
test_config "${SERVER_CONF}" "^verb\s\+3"
 | 
			
		||||
 | 
			
		||||
# 2. fragment config
 | 
			
		||||
CONFIG_REQUIRED_FRAGMENT="fragment 1400"
 | 
			
		||||
CONFIG_MATCH_FRAGMENT=$(busybox grep fragment /etc/openvpn/openvpn.conf)
 | 
			
		||||
test_config "${SERVER_CONF}" "^fragment\s\+1400"
 | 
			
		||||
 | 
			
		||||
## Tests for extra configs
 | 
			
		||||
# 3. management config
 | 
			
		||||
CONFIG_REQUIRED_MANAGEMENT="^management localhost 7505"
 | 
			
		||||
CONFIG_MATCH_MANAGEMENT=$(busybox grep management /etc/openvpn/openvpn.conf)
 | 
			
		||||
test_config "${SERVER_CONF}" "^management\s\+localhost\s\+7505"
 | 
			
		||||
 | 
			
		||||
# 4. max-clients config
 | 
			
		||||
CONFIG_REQUIRED_MAX_CLIENTS="^max-clients 10"
 | 
			
		||||
CONFIG_MATCH_MAX_CLIENTS=$(busybox grep max-clients /etc/openvpn/openvpn.conf)
 | 
			
		||||
test_config "${SERVER_CONF}" "^max-clients\s\+10"
 | 
			
		||||
 | 
			
		||||
# 5. duplicate-cn config
 | 
			
		||||
CONFIG_REQUIRED_DUPCN="^duplicate-cn"
 | 
			
		||||
CONFIG_MATCH_DUPCN=$(busybox grep duplicate-cn /etc/openvpn/openvpn.conf)
 | 
			
		||||
test_config "${SERVER_CONF}" "^duplicate-cn"
 | 
			
		||||
 | 
			
		||||
# 6. topology config
 | 
			
		||||
CONFIG_REQUIRED_TOPOLOGY="^topology subnet"
 | 
			
		||||
CONFIG_MATCH_TOPOLOGY=$(busybox grep 'topology subnet' /etc/openvpn/openvpn.conf)
 | 
			
		||||
test_config "${SERVER_CONF}" "^topology\s\+subnet"
 | 
			
		||||
 | 
			
		||||
## Tests for push config
 | 
			
		||||
# 7. push route
 | 
			
		||||
CONFIG_REQUIRED_PUSH_ROUTE='^push "route 172.22.22.0 255.255.255.0"'
 | 
			
		||||
CONFIG_MATCH_PUSH_ROUTE=$(busybox grep 'push "route 172.22.22.0 255.255.255.0"' /etc/openvpn/openvpn.conf)
 | 
			
		||||
test_config "${SERVER_CONF}" '^push\s\+"route\s\+172.22.22.0\s\+255.255.255.0"'
 | 
			
		||||
 | 
			
		||||
## Test for default
 | 
			
		||||
# 8. Should see default route if none provided
 | 
			
		||||
CONFIG_REQUIRED_DEFAULT_ROUTE='^route 192.168.254.0 255.255.255.0'
 | 
			
		||||
CONFIG_MATCH_DEFAULT_ROUTE=$(busybox grep 'route 192.168.254.0 255.255.255.0' /etc/openvpn/openvpn.conf)
 | 
			
		||||
test_config "${SERVER_CONF}" "^route\s\+192.168.254.0\s\+255.255.255.0"
 | 
			
		||||
 | 
			
		||||
# 9. Should see a push of 'block-outside-dns' by default
 | 
			
		||||
CONFIG_REQUIRED_BLOCK_OUTSIDE_DNS='^push "block-outside-dns"'
 | 
			
		||||
CONFIG_MATCH_BLOCK_OUTSIDE_DNS=$(busybox grep 'push "block-outside-dns"' /etc/openvpn/openvpn.conf)
 | 
			
		||||
test_config "${SERVER_CONF}" '^push\s\+"block-outside-dns"'
 | 
			
		||||
 | 
			
		||||
# 10. Should see a push of 'dhcp-option DNS' by default
 | 
			
		||||
CONFIG_REQUIRED_DEFAULT_DNS_1='^push "dhcp-option DNS 8.8.8.8"'
 | 
			
		||||
CONFIG_MATCH_DEFAULT_DNS_1=$(busybox grep 'push "dhcp-option DNS 8.8.8.8"' /etc/openvpn/openvpn.conf)
 | 
			
		||||
CONFIG_REQUIRED_DEFAULT_DNS_2='^push "dhcp-option DNS 8.8.4.4"'
 | 
			
		||||
CONFIG_MATCH_DEFAULT_DNS_2=$(busybox grep 'push "dhcp-option DNS 8.8.4.4"' /etc/openvpn/openvpn.conf)
 | 
			
		||||
test_config "${SERVER_CONF}" '^push\s\+"dhcp-option\s\+DNS\s\+8.8.8.8"'
 | 
			
		||||
test_config "${SERVER_CONF}" '^push\s\+"dhcp-option\s\+DNS\s\+8.8.4.4"'
 | 
			
		||||
 | 
			
		||||
## Test for keepalive
 | 
			
		||||
# 11. keepalive config
 | 
			
		||||
CONFIG_REQUIRED_KEEPALIVE="^keepalive 60 300"
 | 
			
		||||
CONFIG_MATCH_KEEPALIVE=$(busybox grep keepalive /etc/openvpn/openvpn.conf)
 | 
			
		||||
test_config "${SERVER_CONF}" '^keepalive\s\+60\s\+300'
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
#
 | 
			
		||||
# Tests
 | 
			
		||||
# More elaborate route tests
 | 
			
		||||
#
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_VERB =~ $CONFIG_REQUIRED_VERB ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_VERB == $CONFIG_MATCH_VERB"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_VERB != $CONFIG_MATCH_VERB"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_FRAGMENT =~ $CONFIG_REQUIRED_FRAGMENT ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_FRAGMENT == $CONFIG_MATCH_FRAGMENT"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_FRAGMENT != $CONFIG_MATCH_FRAGMENT"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_MANAGEMENT =~ $CONFIG_REQUIRED_MANAGEMENT ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_MANAGEMENT == $CONFIG_MATCH_MANAGEMENT"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_MANAGEMENT != $CONFIG_MATCH_MANAGEMENT"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_MAX_CLIENTS =~ $CONFIG_REQUIRED_MAX_CLIENTS ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_MAX_CLIENTS == $CONFIG_MATCH_MAX_CLIENTS"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_MAX_CLIENTS != $CONFIG_MATCH_MAX_CLIENTS"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_DUPCN =~ $CONFIG_REQUIRED_DUPCN ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_DUPCN == $CONFIG_MATCH_DUPCN"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_DUPCN != $CONFIG_MATCH_DUPCN"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_TOPOLOGY =~ $CONFIG_REQUIRED_TOPOLOGY ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_TOPOLOGY == $CONFIG_MATCH_TOPOLOGY"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_TOPOLOGY != $CONFIG_MATCH_TOPOLOGY"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_PUSH_ROUTE =~ $CONFIG_REQUIRED_PUSH_ROUTE ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_PUSH_ROUTE == $CONFIG_MATCH_PUSH_ROUTE"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_PUSH_ROUTE != $CONFIG_MATCH_PUSH_ROUTE"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_DEFAULT_ROUTE =~ $CONFIG_REQUIRED_DEFAULT_ROUTE ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_DEFAULT_ROUTE == $CONFIG_MATCH_DEFAULT_ROUTE"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_DEFAULT_ROUTE != $CONFIG_MATCH_DEFAULT_ROUTE"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_BLOCK_OUTSIDE_DNS =~ $CONFIG_REQUIRED_BLOCK_OUTSIDE_DNS ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_BLOCK_OUTSIDE_DNS == $CONFIG_MATCH_BLOCK_OUTSIDE_DNS"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_BLOCK_OUTSIDE_DNS != $CONFIG_MATCH_BLOCK_OUTSIDE_DNS"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_DEFAULT_DNS_1 =~ $CONFIG_REQUIRED_DEFAULT_DNS_1 ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_DEFAULT_DNS_1 == $CONFIG_MATCH_DEFAULT_DNS_1"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_DEFAULT_DNS_1 != $CONFIG_MATCH_DEFAULT_DNS_1"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_DEFAULT_DNS_2 =~ $CONFIG_REQUIRED_DEFAULT_DNS_2 ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_DEFAULT_DNS_2 == $CONFIG_MATCH_DEFAULT_DNS_2"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_DEFAULT_DNS_2 != $CONFIG_MATCH_DEFAULT_DNS_2"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_KEEPALIVE =~ $CONFIG_REQUIRED_KEEPALIVE ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_KEEPALIVE == $CONFIG_MATCH_KEEPALIVE"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_KEEPALIVE != $CONFIG_MATCH_KEEPALIVE"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
SERV_IP=$(ip -4 -o addr show scope global  | awk '{print $4}' | sed -e 's:/.*::' | head -n1)
 | 
			
		||||
ovpn_genconfig -u udp://$SERV_IP -r "172.33.33.0/24" -r "172.34.34.0/24"
 | 
			
		||||
 | 
			
		||||
CONFIG_REQUIRED_ROUTE_1="^route 172.33.33.0 255.255.255.0"
 | 
			
		||||
CONFIG_MATCH_ROUTE_1=$(busybox grep 'route 172.33.33.0 255.255.255.0' /etc/openvpn/openvpn.conf)
 | 
			
		||||
test_config "${SERVER_CONF}" "^route\s\+172.33.33.0\s\+255.255.255.0"
 | 
			
		||||
test_config "${SERVER_CONF}" "^route\s\+172.34.34.0\s\+255.255.255.0"
 | 
			
		||||
 | 
			
		||||
CONFIG_REQUIRED_ROUTE_2="^route 172.34.34.0 255.255.255.0"
 | 
			
		||||
CONFIG_MATCH_ROUTE_2=$(busybox grep 'route 172.34.34.0 255.255.255.0' /etc/openvpn/openvpn.conf)
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_ROUTE_1 =~ $CONFIG_REQUIRED_ROUTE_1 ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_ROUTE_1 == $CONFIG_MATCH_ROUTE_1"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_ROUTE_1 != $CONFIG_MATCH_ROUTE_1"
 | 
			
		||||
fi
 | 
			
		||||
#
 | 
			
		||||
# Block outside DNS test
 | 
			
		||||
#
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_ROUTE_2 =~ $CONFIG_REQUIRED_ROUTE_2 ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_ROUTE_2 == $CONFIG_MATCH_ROUTE_2"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_ROUTE_2 != $CONFIG_MATCH_ROUTE_2"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
SERV_IP=$(ip -4 -o addr show scope global  | awk '{print $4}' | sed -e 's:/.*::' | head -n1)
 | 
			
		||||
ovpn_genconfig -u udp://$SERV_IP -b
 | 
			
		||||
 | 
			
		||||
if busybox grep -v 'block-outside-dns' /etc/openvpn/openvpn.conf
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config '-b' Succesfully remove the 'block-outside-dns' option"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config '-b' given, but 'block-outside-dns' option is still present in configuration"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
# Test generated client config
 | 
			
		||||
 | 
			
		||||
# gen udp client with tcp fallback
 | 
			
		||||
ovpn_genconfig -u udp://$SERV_IP -E "remote $SERV_IP 443 tcp" -E "remote vpn.example.com 443 tcp"
 | 
			
		||||
# nopass is insecure
 | 
			
		||||
EASYRSA_BATCH=1 EASYRSA_REQ_CN="Travis-CI Test CA" ovpn_initpki nopass
 | 
			
		||||
easyrsa build-client-full client-fallback nopass
 | 
			
		||||
ovpn_getclient client-fallback | tee /etc/openvpn/config-fallback.ovpn
 | 
			
		||||
 | 
			
		||||
CONFIG_REQUIRED_TCP_REMOTE="^remote $SERV_IP 443 tcp"
 | 
			
		||||
CONFIG_MATCH_TCP_REMOTE=$(busybox grep "remote $SERV_IP 443 tcp" /etc/openvpn/config-fallback.ovpn)
 | 
			
		||||
 | 
			
		||||
CONFIG_REQUIRED_TCP_REMOTE_2="^remote vpn.example.com 443 tcp"
 | 
			
		||||
CONFIG_MATCH_TCP_REMOTE_2=$(busybox grep "remote vpn.example.com 443 tcp" /etc/openvpn/config-fallback.ovpn)
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_TCP_REMOTE =~ $CONFIG_REQUIRED_TCP_REMOTE ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_TCP_REMOTE == $CONFIG_MATCH_TCP_REMOTE"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_TCP_REMOTE != $CONFIG_MATCH_TCP_REMOTE"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_TCP_REMOTE_2 =~ $CONFIG_REQUIRED_TCP_REMOTE_2 ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_TCP_REMOTE_2 == $CONFIG_MATCH_TCP_REMOTE_2"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_TCP_REMOTE_2 != $CONFIG_MATCH_TCP_REMOTE_2"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
# Test non-defroute config
 | 
			
		||||
 | 
			
		||||
SERV_IP=$(ip -4 -o addr show scope global  | awk '{print $4}' | sed -e 's:/.*::' | head -n1)
 | 
			
		||||
ovpn_genconfig -d -u udp://$SERV_IP -r "172.33.33.0/24" -r "172.34.34.0/24"
 | 
			
		||||
# nopass is insecure
 | 
			
		||||
EASYRSA_BATCH=1 EASYRSA_REQ_CN="Travis-CI Test CA" ovpn_initpki nopass
 | 
			
		||||
easyrsa build-client-full client-fallback nopass
 | 
			
		||||
ovpn_getclient client-fallback | tee /etc/openvpn/config-fallback.ovpn
 | 
			
		||||
 | 
			
		||||
CONFIG_REQUIRED_BLOCK_OUTSIDE_DNS=""
 | 
			
		||||
CONFIG_MATCH_BLOCK_OUTSIDE_DNS=$(busybox grep 'push block-outside-dns' /etc/openvpn/openvpn.conf)
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_BLOCK_OUTSIDE_DNS =~ $CONFIG_REQUIRED_BLOCK_OUTSIDE_DNS ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_BLOCK_OUTSIDE_DNS == $CONFIG_MATCH_BLOCK_OUTSIDE_DNS"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_BLOCK_OUTSIDE_DNS != $CONFIG_MATCH_BLOCK_OUTSIDE_DNS"
 | 
			
		||||
fi
 | 
			
		||||
 | 
			
		||||
CONFIG_REQUIRED_REDIRECT_GATEWAY=""
 | 
			
		||||
CONFIG_MATCH_REDIRECT_GATEWAY=$(busybox grep "redirect-gateway def1" /etc/openvpn/config-fallback.ovpn)
 | 
			
		||||
 | 
			
		||||
if [[ $CONFIG_MATCH_REDIRECT_GATEWAY =~ $CONFIG_REQUIRED_REDIRECT_GATEWAY ]]
 | 
			
		||||
then
 | 
			
		||||
  echo "==> Config match found: $CONFIG_REQUIRED_REDIRECT_GATEWAY == $CONFIG_MATCH_REDIRECT_GATEWAY"
 | 
			
		||||
else
 | 
			
		||||
  abort "==> Config match not found: $CONFIG_REQUIRED_REDIRECT_GATEWAY != $CONFIG_MATCH_REDIRECT_GATEWAY"
 | 
			
		||||
fi
 | 
			
		||||
test_not_config "${SERVER_CONF}" '^push "block-outside-dns"'
 | 
			
		||||
cat ${SERVER_CONF} >&1
 | 
			
		||||
 
 | 
			
		||||
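Review bot: The new `test_config` patterns are anchored at the start but not at the end, and the dots in addresses are unescaped, so several checks accept values other than the one intended. For example `^max-clients\s\+10` also matches `max-clients 100`, `^verb\s\+3` matches `verb 30`, and `172.22.22.0` accepts any character in place of each dot. Closing the patterns, e.g. `'^max-clients\s\+10\s*$'` and `'^push\s\+"route\s\+172\.22\.22\.0\s\+255\.255\.255\.0"'`, makes each assertion exact. The final `cat ${SERVER_CONF} >&1` would read better as `cat "${SERVER_CONF}"`, since the redirect is a no-op and the expansion is unquoted.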