fix tcp

build/root/install.sh

@@ -107,20 +107,27 @@ if [[ $VPN_ENABLED == "yes" ]]; then
 	# convert CRLF (windows) to LF (unix) for ovpn
 	/usr/bin/dos2unix "${VPN_CONFIG}" 1> /dev/null
 
-	# parse values from ovpn file
-	export vpn_remote_line=$(cat "${VPN_CONFIG}" | grep -P -o -m 1 '(?<=^remote\s)[^\n\r]+' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
-	if [[ ! -z "${vpn_remote_line}" ]]; then
+	# get first matching 'remote' line in ovpn
+	vpn_remote_line=$(cat "${VPN_CONFIG}" | grep -P -o -m 1 '^remote\s.*')
+
+	if [ -n "${vpn_remote_line}" ]; then
+
+		# remove all remote lines as we cannot cope with multi remote lines
+		sed -i '/^remote\s.*/d' "${VPN_CONFIG}"
+
+		# if remote line contains old format 'tcp' then replace with newer 'tcp-client' format
+		vpn_remote_line=$(echo "${vpn_remote_line}" | sed "s/tcp$/tcp-client/g")
+
+		# write the single remote line back to the ovpn file on line 1
+		sed -i -e "1i${vpn_remote_line}" "${VPN_CONFIG}"
+
 		echo "[info] VPN remote line defined as '${vpn_remote_line}'" | ts '%Y-%m-%d %H:%M:%.S'
+
 	else
+
 		echo "[crit] VPN configuration file ${VPN_CONFIG} does not contain 'remote' line, showing contents of file before exit..." | ts '%Y-%m-%d %H:%M:%.S'
 		cat "${VPN_CONFIG}" && exit 1
-	fi
 
-	export VPN_REMOTE=$(echo "${vpn_remote_line}" | grep -P -o -m 1 '^[^\s\r\n]+' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
-	if [[ ! -z "${VPN_REMOTE}" ]]; then
-		echo "[info] VPN_REMOTE defined as '${VPN_REMOTE}'" | ts '%Y-%m-%d %H:%M:%.S'
-	else
-		echo "[crit] VPN_REMOTE not found in ${VPN_CONFIG}, exiting..." | ts '%Y-%m-%d %H:%M:%.S' && exit 1
 	fi
 
 	export VPN_PORT=$(echo "${vpn_remote_line}" | grep -P -o -m 1 '(?<=\s)\d{2,5}(?=\s)?+' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
@@ -132,6 +139,8 @@ if [[ $VPN_ENABLED == "yes" ]]; then
 
 	export VPN_PROTOCOL=$(cat "${VPN_CONFIG}" | grep -P -o -m 1 '(?<=^proto\s)[^\r\n]+' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
 	if [[ ! -z "${VPN_PROTOCOL}" ]]; then
+		# if 'proto' is old format 'tcp' then forcibly set to newer 'tcp-client' format
+		sed -i "s/^proto\stcp$/proto tcp-client/g" "${VPN_CONFIG}"
 		echo "[info] VPN_PROTOCOL defined as '${VPN_PROTOCOL}'" | ts '%Y-%m-%d %H:%M:%.S'
 	else
 		export VPN_PROTOCOL=$(echo "${vpn_remote_line}" | grep -P -o -m 1 'udp|tcp-client|tcp$' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
@@ -143,11 +152,6 @@ if [[ $VPN_ENABLED == "yes" ]]; then
 		fi
 	fi
 
-	# required for use in iptables
-	if [[ "${VPN_PROTOCOL}" == "tcp-client" ]]; then
-		export VPN_PROTOCOL="tcp"
-	fi
-
 	VPN_DEVICE_TYPE=$(cat "${VPN_CONFIG}" | grep -P -o -m 1 '(?<=^dev\s)[^\r\n\d]+' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
 	if [[ ! -z "${VPN_DEVICE_TYPE}" ]]; then
 		export VPN_DEVICE_TYPE="${VPN_DEVICE_TYPE}0"

run/root/iptable.sh

@@ -1,5 +1,10 @@
 #!/bin/bash
 
+# change openvpn config 'tcp-client' to compatible iptables 'tcp'
+if [[ "${VPN_PROTOCOL}" == "tcp-client" ]]; then
+	export VPN_PROTOCOL="tcp"
+fi
+
 # ip route
 ###
 
@@ -223,3 +228,8 @@ echo "[info] iptables defined as follows..."
 echo "--------------------"
 iptables -S
 echo "--------------------"
+
+# change iptable 'tcp' to openvpn config compatible 'tcp-client' (this file is sourced)
+if [[ "${VPN_PROTOCOL}" == "tcp" ]]; then
+	export VPN_PROTOCOL="tcp-client"
+fi