From 832571f8f0fbe0ec3ba4f961c6d4fb682ac742b6 Mon Sep 17 00:00:00 2001
From: Julien Vaubourg
Date: Thu, 8 Oct 2015 20:19:35 +0200
Subject: [PATCH] * Remove default value vpn.ldn-fai.net * Update loadcube.sh help * Allow incoming TCP/443 connections on the wired_interface
---
 conf/hook_post-iptable-rules | 2 ++
 conf/ynh-vpnclient | 4 ++--
 conf/ynh-vpnclient-loadcubefile.sh | 10 +++-------
 scripts/install | 2 +-
 4 files changed, 8 insertions(+), 10 deletions(-)
diff --git a/conf/hook_post-iptable-rules b/conf/hook_post-iptable-rules
index 479c2ea..c465a4e 100644
--- a/conf/hook_post-iptable-rules
+++ b/conf/hook_post-iptable-rules
@@ -12,6 +12,7 @@ sudo ip6tables -N vpnclient_fwd
 sudo ip6tables -A vpnclient_in -p icmpv6 -j ACCEPT
 sudo ip6tables -A vpnclient_in -s fd00::/8,fe80::/10 -j ACCEPT
 sudo ip6tables -A vpnclient_in -p tcp --dport 22 -j ACCEPT
+sudo ip6tables -A vpnclient_in -p tcp --dport 443 -j ACCEPT
 sudo ip6tables -A vpnclient_in -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 sudo ip6tables -A vpnclient_in -j DROP
@@ -44,6 +45,7 @@ sudo iptables -N vpnclient_fwd
 sudo iptables -A vpnclient_in -p icmp -j ACCEPT
 sudo iptables -A vpnclient_in -s 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,169.254.0.0/16 -j ACCEPT
 sudo iptables -A vpnclient_in -p tcp --dport 22 -j ACCEPT
+sudo iptables -A vpnclient_in -p tcp --dport 443 -j ACCEPT
 sudo iptables -A vpnclient_in -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 sudo iptables -A vpnclient_in -j DROP
diff --git a/conf/ynh-vpnclient b/conf/ynh-vpnclient
index eddaeee..7abef8e 100644
--- a/conf/ynh-vpnclient
+++ b/conf/ynh-vpnclient
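Review bot: The new `--dport 443` ACCEPT in the ip6tables hunk of conf/hook_post-iptable-rules, and the matching iptables rule in the second hunk of the same file, has no source or interface match. Any packet that reaches `vpnclient_in` on that port is therefore accepted from any address, not only from the private and link-local ranges allowed by the `-s` rule two lines above. Which traffic is sent into `vpnclient_in` is decided outside both hunks; if the chain filters the wired interface, as the commit message suggests, HTTPS becomes reachable from the whole uplink network and, over IPv6, possibly from the Internet. If that exposure is intended, record it next to both rules, e.g. `# 443/tcp is deliberately open to any source on the wired interface, like 22/tcp above`. If only LAN access is needed, the existing `-s` rules already allow it and the two new rules can be dropped.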
@@ -247,10 +247,10 @@ if [ "$1" != restart ]; then
 new_ip6_gw=$(ip -6 route | grep default\ via | awk '{ print $3 }')
 new_wired_device=$(ip route | awk '/default via/ { print $NF; }')
- new_server_ip6=$(host "${ynh_server_name}" | awk '/IPv6/ { print $NF; }')
+ new_server_ip6=$(host "${ynh_server_name}" 2> /dev/null | awk '/IPv6/ { print $NF; }')
 if [ -z "${new_server_ip6}" ]; then
- new_server_ip6=$(host "${ynh_server_name}" 80.67.188.188 | awk '/IPv6/ { print $NF; }')
+ new_server_ip6=$(host "${ynh_server_name}" 80.67.188.188 2> /dev/null | awk '/IPv6/ { print $NF; }')
 fi
 echo "OK"
diff --git a/conf/ynh-vpnclient-loadcubefile.sh b/conf/ynh-vpnclient-loadcubefile.sh
index 19d2211..d88f0ed 100644
--- a/conf/ynh-vpnclient-loadcubefile.sh
+++ b/conf/ynh-vpnclient-loadcubefile.sh
@@ -36,19 +36,15 @@ while getopts "u:p:c:h" opt; do
 fi
 ;;
 h)
- echo "-u SSO username (user with permissions on VPN Client)"
- echo "-p SSO password"
+ echo "-u YunoHost username (user with permissions on VPN Client)"
+ echo "-p User password"
 echo "-c Dot cube file path"
 echo "-h This help"
 exit 0
 ;;
 \?)
- echo "[ERR] Invalid option: -$OPTARG (-h for help)" >&2
- exit 1
- ;;
- :)
- echo "[ERR] Option -$OPTARG requires an argument" >&2
+ echo "[ERR] Invalid option (-h for help)" >&2
 exit 1
 ;;
 esac
diff --git a/scripts/install b/scripts/install
index df10c3c..99ef1e2 100644
--- a/scripts/install
+++ b/scripts/install
@@ -51,7 +51,7 @@ if ! $upgrade; then
 # Save arguments
 sudo yunohost app setting vpnclient service_enabled -v 0
- sudo yunohost app setting vpnclient server_name -v access.ldn-fai.net
+ sudo yunohost app setting vpnclient server_name -v none
 sudo yunohost app setting vpnclient server_port -v 1194
 sudo yunohost app setting vpnclient server_proto -v udp
 sudo yunohost app setting vpnclient ip6_addr -v none
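Review bot: In the conf/ynh-vpnclient hunk, sending stderr of both `host` calls to /dev/null hides every resolution failure, and the block still prints `OK` when `new_server_ip6` ends up empty. The scripts/install hunk of this commit stores `none` as the default `server_name`, so the lookups now run against that placeholder. Skipping them is cleaner than silencing them: wrap both lookups in `if [ "${ynh_server_name}" != none ]; then … fi` and keep stderr for real names. `print $NF` also emits one line per AAAA record, so a name with several records gives a multi-line value; `awk '/IPv6/ { print $NF; exit }'` keeps only the first. How `new_server_ip6` is used afterwards lies outside the hunk.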
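Review bot: In the conf/ynh-vpnclient-loadcubefile.sh hunk, the reworded help still presents `-p` as the way to give the password without saying that a command-line argument is readable in the process list and is saved in shell history. The help line should state this, e.g. `echo "-p User password (passed on the command line: visible in the process list and saved in shell history)"`. A follow-up that prompts for the password when `-p` is omitted would avoid the exposure. How the password is used after option parsing is outside the hunk, as is the rest of the `while getopts` loop.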