From 39bc54234a06bf0f4693eb3d4121aafa9225b239 Mon Sep 17 00:00:00 2001 From: Stephen Seo Date: Sat, 22 May 2021 17:46:40 +0900 Subject: [PATCH] Impl full subnet clients for wireguardConfigGenerator.sh --- wireguardConfigGenerator.sh | 59 ++++++++++++++++++++++++++++++++----- 1 file changed, 51 insertions(+), 8 deletions(-) diff --git a/wireguardConfigGenerator.sh b/wireguardConfigGenerator.sh index e360f75..fa4e76a 100755 --- a/wireguardConfigGenerator.sh +++ b/wireguardConfigGenerator.sh @@ -10,13 +10,15 @@ function print_help { echo "Generates config for wireguard" echo "-h - prints this help" echo "-n - gives a name to the config" - echo "-c - number of clients to generate for" + echo "-c - number of clients to generate for. Mutually exclusive with \"-u\"" echo "-s - sets the second byte of the ipv4" echo "-i - sets the third byte of the ipv4" echo "-e - ip address or domain name (required)" echo "-p - listen port of server (defaults to 50000)" echo "-k - enables persistent keepalive for clients" echo "-o - output dir to place configs (required)" + echo "-u - subnet to use (default 24). Mutually exclusive with \"-c\"" + echo "-f - must use with \"-u\" to set partial fourth byte" } WGNAME="wg$(date | sha1sum | head -c 8)" @@ -24,14 +26,18 @@ CLIENT_COUNT=1 IPV4_FIRST=10 IPV4_SECOND=8 # this can be modified with "-s " IPV4_THIRD=0 # this can be modified with "-i " -# IPV4_FOURTH is generated automatically. Server starts with 1, and clients increment afterward. +IPV4_FOURTH=0 # used when "-u " is used SERVER_ENDPOINT="REQUIRED" SERVER_LISTEN_PORT=50000 ENABLE_PERSISTENT_KEEPALIVE=0 CONFIG_OUTPUT_DIRECTORY="REQUIRED" +WG_SUBNET=24 +CLIENT_COUNT_SET=0 +WG_SUBNET_SET=0 +IPV4_FOURTH_SET=0 # OPTARG -while getopts 'hn:c:s:i:e:p:ko:' opt; do +while getopts 'hn:c:s:i:e:p:ko:u:f:' opt; do if [ "$opt" == "?" ]; then print_help exit 1 
@@ -42,6 +48,7 @@ while getopts 'hn:c:s:i:e:p:ko:' opt; do WGNAME="$OPTARG" elif [ "$opt" == "c" ]; then CLIENT_COUNT="$OPTARG" + CLIENT_COUNT_SET=1 elif [ "$opt" == "s" ]; then IPV4_SECOND="$OPTARG" if (($IPV4_SECOND < 0 || $IPV4_SECOND > 255)); then @@ -69,9 +76,16 @@ while getopts 'hn:c:s:i:e:p:ko:' opt; do ENABLE_PERSISTENT_KEEPALIVE=1 elif [ "$opt" == "o" ]; then CONFIG_OUTPUT_DIRECTORY="$OPTARG" + elif [ "$opt" == "u" ]; then + WG_SUBNET="$OPTARG" + WG_SUBNET_SET=1 + elif [ "$opt" == "f" ]; then + IPV4_FOURTH="$OPTARG" + IPV4_FOURTH_SET=1 fi done +# validation if [ "$SERVER_ENDPOINT" == "REQUIRED" ]; then echo "ERROR: Endpoint is not set with \"-e\" !" exit 2 @@ -81,9 +95,38 @@ elif [ "$CONFIG_OUTPUT_DIRECTORY" == "REQUIRED" ]; then elif [ ! -d "$CONFIG_OUTPUT_DIRECTORY" ]; then echo "ERROR: dir set with \"-o\" is not a directory!" exit 4 +elif (( $CLIENT_COUNT_SET )) && (( $WG_SUBNET_SET )); then + echo "ERROR: \"-c\" and \"-u\" is mutually exclusive!" + exit 12 +elif (( $IPV4_FOURTH_SET )) && (( $WG_SUBNET_SET == 0 )); then + echo "ERROR: fourth byte set but \"-u\" not used!" + exit 13 fi -echo "Creating config with name \"$WGNAME\" with \"$CLIENT_COUNT\" clients..." +# validation of "-u " +if (( $WG_SUBNET < 24 )); then + echo "ERROR: subnet cannot be less than 24!" + exit 9 +elif (( $WG_SUBNET > 24 )); then + USED_BITS=$(( 32 - $WG_SUBNET )) + if (( $USED_BITS < 2 )); then + echo "ERROR: subnet \"$WG_SUBNET\" is too large! Use 24-30!" + exit 11 + fi + TEMP_A="$IPV4_FOURTH" + while (( $USED_BITS > 0 )); do + if (( $TEMP_A & 1 != 0 )); then + echo "ERROR: Invalid IPV4_FOURTH when using subnet \"$WG_SUBNET\"!" + exit 10 + fi + TEMP_A=$(( $TEMP_A >> 1 )) + USED_BITS=$(( $USED_BITS - 1 )) + done + + CLIENT_COUNT=$(( 2**(32 - $WG_SUBNET) - 2 )) +fi + +echo "Creating config with name \"$WGNAME\" with \"$CLIENT_COUNT\" clients and subnet \"$WG_SUBNET\"..." mkdir -p "$HOME/temp" 
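Review bot: The new `-u` and `-f` branches store `$OPTARG` unchecked, whereas the `-s` branch visible in the previous hunk range-checks its value as soon as it is read. Both values are later expanded inside `(( … ))` in the validation hunk, where bash evaluates the text as an arithmetic expression, so a non-numeric argument is interpreted rather than rejected. A value that causes an arithmetic syntax error makes both subnet tests return false, and the script carries on with it. The fourth byte also has no upper bound: `-f 256` with `-u 25` has its seven low bits clear, so it passes the alignment loop. I would guard each branch with `[[ "$OPTARG" =~ ^[0-9]+$ ]]` and add an `(( IPV4_FOURTH > 255 ))` rejection with its own error message; the getopts loop starts outside this hunk.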
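Review bot: An explicit `-u 24` matches neither `(( $WG_SUBNET < 24 ))` nor `(( $WG_SUBNET > 24 ))`, so `CLIENT_COUNT` stays at its default of 1 and a non-zero `-f` value is never checked for alignment. If `-u 24` is meant to fill the subnet like 25-30 do, which the commit title suggests but the hunk does not confirm, the second test could be `elif (( WG_SUBNET_SET )); then`. That runs the loop with eight host bits and sets the count to 254, while leaving the no-`-u` default untouched. Separately, `(( $TEMP_A & 1 != 0 ))` parses as `TEMP_A & (1 != 0)` and is only correct because `1 != 0` evaluates to 1. Writing `(( (TEMP_A & 1) != 0 ))` makes the intent explicit.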
@@ -97,7 +140,7 @@ SERVER_PUB="$(echo -n ${SERVER_PRK} | wg pubkey)" echo "Creating server conf (will be appended to with client info)..." cat >> "${SERVER_CONF}" <> "${CLIENT_CONF}" <