convert ip list to string export and back to array

binhex · Jun 7, 2023 · f9ec356 · f9ec356
1 parent 1d29881
commit f9ec356
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 5 deletions.
diff --git a/run/root/iptable-init.sh b/run/root/iptable-init.sh
@@ -21,6 +21,9 @@ function add_vpn_endpoints_to_iptables_accept() {
 		srcdst_flag="-d"
 	fi
 
+	# convert list of ip's back into an array (cannot export arrays in bash)
+	IFS=' ' read -ra vpn_remote_ip_array <<< "${VPN_REMOTE_IP_LIST}"
+
 	# iterate over remote ip address array and create accept rules
 	for vpn_remote_ip_item in "${vpn_remote_ip_array[@]}"; do
 

diff --git a/run/root/iptable.sh b/run/root/iptable.sh
@@ -38,6 +38,9 @@ if [[ ! -z "${VPN_INPUT_PORTS}" ]]; then
 
 fi
 
+# convert list of ip's back into an array (cannot export arrays in bash)
+IFS=' ' read -ra vpn_remote_ip_array <<< "${VPN_REMOTE_IP_LIST}"
+
 # if vpn output ports specified then add to outbound ports lan array
 if [[ ! -z "${VPN_OUTPUT_PORTS}" ]]; then
 	# split comma separated string into array from VPN_OUTPUT_PORTS env variable

diff --git a/run/root/openvpn.sh b/run/root/openvpn.sh
@@ -155,6 +155,9 @@ function start_openvpn() {
 	# split comma separated string into array from VPN_REMOTE_PROTOCOL env var
 	IFS=',' read -ra vpn_remote_protocol_list <<< "${VPN_REMOTE_PROTOCOL}"
 
+	# convert list of ip's back into an array (cannot export arrays in bash)
+	IFS=' ' read -ra vpn_remote_ip_array <<< "${VPN_REMOTE_IP_LIST}"
+
 	# setup ip tables and routing for application
 	source /root/iptable.sh
 

diff --git a/run/root/tools.sh b/run/root/tools.sh
@@ -50,9 +50,11 @@ function resolve_vpn_endpoints() {
 	IFS=',' read -ra vpn_remote_server_list <<< "${VPN_REMOTE_SERVER}"
 
 	# initialise indexed array used to store remote ip addresses for all remote endpoints
+	# note arrays are local to function unless -g flag is added
 	declare -a vpn_remote_ip_array
 
 	# initalise associative array used to store names and ip for remote endpoints
+	# note arrays are local to function unless -g flag is added
 	declare -A vpn_remote_array
 
 	if [[ "${VPN_PROV}" == "pia" ]]; then
@@ -131,9 +133,14 @@ function resolve_vpn_endpoints() {
 			# must also be able to resolve the host name (assuming it is a name and not ip).
 			remote_dns_answer_first=$(echo "${vpn_remote_item_dns_answer}" | cut -d ' ' -f 1)
 
-			# if not blank then write to hosts file
-			if [[ ! -z "${remote_dns_answer_first}" ]]; then
-				echo "${remote_dns_answer_first}	${vpn_remote_server}" >> /etc/hosts
+			# if name not already in /etc/hosts file then write
+			if ! grep -P -o -m 1 "${vpn_remote_server}" < '/etc/hosts'; then
+
+				# if name resolution to ip is not blank then write to hosts file
+				if [[ ! -z "${remote_dns_answer_first}" ]]; then
+					echo "${remote_dns_answer_first}	${vpn_remote_server}" >> /etc/hosts
+				fi
+
 			fi
 
 		else
@@ -145,6 +152,6 @@ function resolve_vpn_endpoints() {
 
 	done
 
-	# export all resolved vpn remote ip's - used in sourced openvpn.sh
-	export vpn_remote_ip_array="${vpn_remote_ip_array}"
+	# assign array to string (cannot export array in bash) and export for use with other scripts
+	export VPN_REMOTE_IP_LIST="${vpn_remote_ip_array[*]}"
 }