From 39bc54234a06bf0f4693eb3d4121aafa9225b239 Mon Sep 17 00:00:00 2001
From: Stephen Seo <seo.disparate@gmail.com>
Date: Sat, 22 May 2021 17:46:40 +0900
Subject: [PATCH] Impl full subnet clients for wireguardConfigGenerator.sh

---
 wireguardConfigGenerator.sh | 59 ++++++++++++++++++++++++++++++++-----
 1 file changed, 51 insertions(+), 8 deletions(-)

diff --git a/wireguardConfigGenerator.sh b/wireguardConfigGenerator.sh
index e360f75..fa4e76a 100755
--- a/wireguardConfigGenerator.sh
+++ b/wireguardConfigGenerator.sh
@@ -10,13 +10,15 @@ function print_help {
     echo "Generates config for wireguard"
     echo "-h - prints this help"
     echo "-n <name> - gives a name to the config"
-    echo "-c <count> - number of clients to generate for"
+    echo "-c <count> - number of clients to generate for. Mutually exclusive with \"-u\""
     echo "-s <ipv4_second> - sets the second byte of the ipv4"
     echo "-i <ipv4_third> - sets the third byte of the ipv4"
     echo "-e <endpoint> - ip address or domain name (required)"
     echo "-p <port> - listen port of server (defaults to 50000)"
     echo "-k - enables persistent keepalive for clients"
     echo "-o <directory> - output dir to place configs (required)"
+    echo "-u <subnet> - subnet to use (default 24). Mutually exclusive with \"-c\""
+    echo "-f <ipv4_fourth> - must use with \"-u\" to set partial fourth byte"
 }
 
 WGNAME="wg$(date | sha1sum | head -c 8)"
@@ -24,14 +26,18 @@ CLIENT_COUNT=1
 IPV4_FIRST=10
 IPV4_SECOND=8 # this can be modified with "-s <integer>"
 IPV4_THIRD=0 # this can be modified with "-i <integer>"
-# IPV4_FOURTH is generated automatically. Server starts with 1, and clients increment afterward.
+IPV4_FOURTH=0 # used when "-u <subnet>" is used
 SERVER_ENDPOINT="REQUIRED"
 SERVER_LISTEN_PORT=50000
 ENABLE_PERSISTENT_KEEPALIVE=0
 CONFIG_OUTPUT_DIRECTORY="REQUIRED"
+WG_SUBNET=24
+CLIENT_COUNT_SET=0
+WG_SUBNET_SET=0
+IPV4_FOURTH_SET=0
 
 # OPTARG
-while getopts 'hn:c:s:i:e:p:ko:' opt; do
+while getopts 'hn:c:s:i:e:p:ko:u:f:' opt; do
     if [ "$opt" == "?" ]; then
         print_help
         exit 1
@@ -42,6 +48,7 @@ while getopts 'hn:c:s:i:e:p:ko:' opt; do
         WGNAME="$OPTARG"
     elif [ "$opt" == "c" ]; then
         CLIENT_COUNT="$OPTARG"
+        CLIENT_COUNT_SET=1
     elif [ "$opt" == "s" ]; then
         IPV4_SECOND="$OPTARG"
         if (($IPV4_SECOND < 0 || $IPV4_SECOND > 255)); then
@@ -69,9 +76,16 @@ while getopts 'hn:c:s:i:e:p:ko:' opt; do
         ENABLE_PERSISTENT_KEEPALIVE=1
     elif [ "$opt" == "o" ]; then
         CONFIG_OUTPUT_DIRECTORY="$OPTARG"
+    elif [ "$opt" == "u" ]; then
+        WG_SUBNET="$OPTARG"
+        WG_SUBNET_SET=1
+    elif [ "$opt" == "f" ]; then
+        IPV4_FOURTH="$OPTARG"
+        IPV4_FOURTH_SET=1
     fi
 done
 
+# validation
 if [ "$SERVER_ENDPOINT" == "REQUIRED" ]; then
     echo "ERROR: Endpoint is not set with \"-e\" !"
     exit 2
@@ -81,9 +95,38 @@ elif [ "$CONFIG_OUTPUT_DIRECTORY" == "REQUIRED" ]; then
 elif [ ! -d "$CONFIG_OUTPUT_DIRECTORY" ]; then
     echo "ERROR: dir set with \"-o\" is not a directory!"
     exit 4
+elif (( $CLIENT_COUNT_SET )) && (( $WG_SUBNET_SET )); then
+    echo "ERROR: \"-c\" and \"-u\" is mutually exclusive!"
+    exit 12
+elif (( $IPV4_FOURTH_SET )) && (( $WG_SUBNET_SET == 0 )); then
+    echo "ERROR: fourth byte set but \"-u\" not used!"
+    exit 13
 fi
 
-echo "Creating config with name \"$WGNAME\" with \"$CLIENT_COUNT\" clients..."
+# validation of "-u <subnet>"
+if (( $WG_SUBNET < 24 )); then
+    echo "ERROR: subnet cannot be less than 24!"
+    exit 9
+elif (( $WG_SUBNET > 24 )); then
+    USED_BITS=$(( 32 - $WG_SUBNET ))
+    if (( $USED_BITS < 2 )); then
+        echo "ERROR: subnet \"$WG_SUBNET\" is too large! Use 24-30!"
+        exit 11
+    fi
+    TEMP_A="$IPV4_FOURTH"
+    while (( $USED_BITS > 0 )); do
+        if (( $TEMP_A & 1 != 0 )); then
+            echo "ERROR: Invalid IPV4_FOURTH when using subnet \"$WG_SUBNET\"!"
+            exit 10
+        fi
+        TEMP_A=$(( $TEMP_A >> 1 ))
+        USED_BITS=$(( $USED_BITS - 1 ))
+    done
+
+    CLIENT_COUNT=$(( 2**(32 - $WG_SUBNET) - 2 ))
+fi
+
+echo "Creating config with name \"$WGNAME\" with \"$CLIENT_COUNT\" clients and subnet \"$WG_SUBNET\"..."
 
 mkdir -p "$HOME/temp"
 
@@ -97,7 +140,7 @@ SERVER_PUB="$(echo -n ${SERVER_PRK} | wg pubkey)"
 echo "Creating server conf (will be appended to with client info)..."
 cat >> "${SERVER_CONF}" <<EOF
 [Interface]
-Address = ${IPV4_FIRST}.${IPV4_SECOND}.${IPV4_THIRD}.1/24
+Address = ${IPV4_FIRST}.${IPV4_SECOND}.${IPV4_THIRD}.$(( 1 | $IPV4_FOURTH ))/$WG_SUBNET
 ListenPort = ${SERVER_LISTEN_PORT}
 PrivateKey = ${SERVER_PRK}
 EOF
@@ -115,19 +158,19 @@ for ((i = 0; i < $CLIENT_COUNT; ++i)); do
 [Peer]
 PublicKey = ${CLIENT_PUB}
 PresharedKey = ${CLIENT_PRE}
-AllowedIPs = ${IPV4_FIRST}.${IPV4_SECOND}.${IPV4_THIRD}.$((i + 2))/32
+AllowedIPs = ${IPV4_FIRST}.${IPV4_SECOND}.${IPV4_THIRD}.$(( (i + 2) | $IPV4_FOURTH ))/32
 EOF
 
     echo "Creating client $((i + 1)) conf..."
     cat >> "${CLIENT_CONF}" <<EOF
 [Interface]
-Address = ${IPV4_FIRST}.${IPV4_SECOND}.${IPV4_THIRD}.$((i + 2))/24
+Address = ${IPV4_FIRST}.${IPV4_SECOND}.${IPV4_THIRD}.$(( (i + 2) | $IPV4_FOURTH ))/$WG_SUBNET
 PrivateKey = ${CLIENT_PRK}
 
 [Peer]
 PublicKey = ${SERVER_PUB}
 PresharedKey = ${CLIENT_PRE}
-AllowedIPs = ${IPV4_FIRST}.${IPV4_SECOND}.${IPV4_THIRD}.1/32
+AllowedIPs = ${IPV4_FIRST}.${IPV4_SECOND}.${IPV4_THIRD}.$(( 1 | $IPV4_FOURTH ))/32
 Endpoint = ${SERVER_ENDPOINT}:${SERVER_LISTEN_PORT}
 EOF