- { echo "**tinc: MyOwnVPNIP/MyVirtualIP required!" >&2; return 2; }
- [ `echo $VPN | wc -l` -gt 1 ] && \
- { echo "**tinc: multiple MyOwnVPNIP/MyVirtualIP entries not allowed!" >&2; return 3; }
- echo $VPN | grep -q -x \
- '\([[:digit:]]\{1,3\}\.\)\{3\}[[:digit:]]\{1,3\}/[[:digit:]]\{1,2\}' || \
- { echo "**tinc: badly formed MyOwnVPNIP/MyVirtualIP address $VPN!"; return 3; }
+ { MSG="MyOwnVPNIP/MyVirtualIP required!"; return 1 }
+ [ $(echo $VPN | wc -l) -gt 1 ] && \
+ { MSG="multiple MyOwnVPNIP/MyVirtualIP entries not allowed!"; return 1 }
+ echo $VPN | grep -q -x -E \
+ '([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}/[[:digit:]]{1,2}' || \
+ { MSG="badly formed MyOwnVPNIP/MyVirtualIP address $VPN!"; return 1 }
+
+ # VPNMask syntax validation
+ [ $(echo $IFM | wc -l) -gt 1 ] && \
+ { MSG="multiple VPNMask entries not allowed!"; return 1 }
+
+
+ # device & IP address extraction
+ TAP=${DEV##*/}
+ NUM=${TAP#tap}
+ ADR=${VPN%%/*}
+
+ # netmask is calculated from MyVirtualIP netmask prefix length, except when
+ # VPNMask is specified, in which case it is used instead of default prefix
+
+ # VPNMask not specified
+ if [ -z "$IFM" ]; then
+ LEN=${VPN##*/}
+ MSK=$(prefix_to_mask $LEN)
+
+ # VPNMask is prefix length, convert it to netmask for MSK
+ elif echo $IFM | grep -q -x -E '[[:digit:]]{1,2}'; then
+ VPN="$ADR/$IFM"
+ MSK=$(prefix_to_mask $IFM)
+
+ # VPNMask is netmask, convert it to prefix length for VPN
+ elif echo $IFM | grep -q -x -E '([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}'; then
+ VPN="$ADR/$(mask_to_prefix $IFM)"
+ MSK="$IFM"
+
+ else
+ MSG="badly formed interface netmask (VPNMask=$IFM)!"
+ return 1
+ fi