#!/bin/bash set -e # Source debconf library. . /usr/share/debconf/confmodule REGEXP_IPV4_ADDR='^([01]?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.([01]?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.([01]?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.([01]?[0-9][0-9]?|2[0-4][0-9]|25[0-5])$' REGEXP_IPV6_ADDR='^(([0-9a-fA-F]{0,4}:){2,7}[0-9a-fA-F]{0,4})$' is_ip_v4() { if [[ "${1}" =~ ${REGEXP_IPV4_ADDR} ]]; then return 0 fi return 1 } is_ip_v6() { # our REGEXP_IPV6_ADDR is not 100% perfect, so... if [[ "${1}" =~ ${REGEXP_IPV6_ADDR} ]] && ! [[ "${1}" =~ ::: ]]; then return 0 fi return 1 } is_net_v4() { NET=`echo "$1" | cut -d/ -f1` MASK=`echo "$1" | cut -d/ -f2` is_ip_v4 "$MASK" && is_ip_v4 "$NET" && return 0 echo "$MASK"|egrep -q '^([0-2]?[0-9]?|3[0-2])$' && is_ip_v4 "$NET" && return 0 return 1 } is_net_v6() { NET=`echo "$1" | cut -d/ -f1` MASK=`echo "$1" | cut -d/ -f2` is_ip_v6 "$MASK" && is_ip_v6 "$NET" && return 0 [[ "${MASK}" =~ ^[0-9]+$ ]] && [ ${MASK} -ge 32 ] && [ ${MASK} -le 128 ] && is_ip_v6 "$NET" && return 0 return 1 } is_host_v4() { LANG=C host "$1" 2> /dev/null | grep "address" | grep -v "IPv6" | cut -d" " -f4 } is_host_v6() { LANG=C host "$1" 2> /dev/null | grep "IPv6 address" | cut -d" " -f4 } is_host_v4_and_v6() { is_host=1 [ -n "$(is_host_v4 "$1")" ] && [ -n "$(is_host_v6 "$1")" ] && is_host=0 return ${is_host} } while true; do # Chooser for conf_method db_input high uif/conf_method || true db_go # Check their answer. db_get uif/conf_method case "$RET" in workstation) # show message db_input high uif/really-setup-workstation || true db_go # safety net question, jump back to asking for uif/conf_mode again # if not ACK'ed here. db_get uif/really-setup-workstation || true if [ "${RET}" = "false" ]; then continue fi # configure ping / traceroutes db_input high uif/pings || true db_go db_input high uif/traceroute || true db_go # configure trusted hostnames while true; do db_input high uif/trusted-hostnames || true db_go db_get uif/trusted-hostnames if [ -n "$RET" ]; then for i in $RET; do WORKS=0 is_host_v4_and_v6 "$i" && WORKS=1 if [ $WORKS -eq 0 ]; then db_input high uif/error || true db_go break fi done [ $WORKS -eq 0 ] && continue fi break done # configure trusted IPv4 hosts while true; do db_input high uif/trusted || true db_go db_get uif/trusted if [ -n "$RET" ]; then for i in $RET; do WORKS=0 is_ip_v4 "$i" && WORKS=1 [ $WORKS -eq "0" ] && is_net_v4 "$i" && WORKS=1 [ $WORKS -eq "0" ] && HOST=`is_host_v4 "$i"` [ -n "$HOST" ] && WORKS=1 if [ $WORKS -eq 0 ]; then db_input high uif/error || true db_go break fi done [ $WORKS -eq 0 ] && continue fi break done # configure trusted IPv6 hosts while true; do db_input high uif/trusted-v6 || true db_go db_get uif/trusted-v6 if [ -n "$RET" ]; then for i in $RET; do WORKS=0 is_ip_v6 "$i" && WORKS=1 [ $WORKS -eq "0" ] && is_net_v6 "$i" && WORKS=1 [ $WORKS -eq "0" ] && HOST=`is_host_v6 "$i"` [ -n "$HOST" ] && WORKS=1 if [ $WORKS -eq 0 ]; then db_input high uif/error || true db_go break fi done [ $WORKS -eq 0 ] && continue fi break done # if we reach here, we can simply leave the outer while loop break ;; debian-edu-router) # show message db_input high uif/really-setup-debianedurouter || true db_go # safety net question, jump back to asking for uif/conf_mode again # if not ACK'ed here. db_get uif/really-setup-debianedurouter || true if [ "${RET}" = "false" ]; then continue fi # configure ping / traceroutes db_input high uif/pings || true db_go db_input high uif/traceroute || true db_go # if we reach here, we can simply leave the outer while loop break ;; *) break ;; esac done exit 0