  # OpenVPN fragment that hooks DNS handling into tunnel up/down.
  # script-security 2 is the level that lets OpenVPN call user-defined scripts such as the two below.
  1. script-security 2
  # The same helper is run on connect and on disconnect.
  # NOTE(review): it executes with whatever privileges the OpenVPN process holds at that moment,
  # so confirm the file is root-owned and not writable by other users.
  2. up /etc/openvpn/update-resolv-conf
  3. down /etc/openvpn/update-resolv-conf
  4.  
  # BIND address-match list; the options block below uses it in allow-query to decide who may query this resolver.
  5. acl goodclients {
  6. 172.31.18.0/24;
  # Same range as the OpenVPN "server 10.8.93.0 255.255.255.0" pool further down, so VPN clients match this entry.
  7. 10.8.93.0/24;
  8. 127.0.0.1;
  9. localhost;
  # NOTE(review): localnets is BIND's built-in ACL for every network the host has an interface on.
  # If one of those interfaces is public, hosts on that provider subnet are admitted too; confirm this is intended.
  10. localnets;
  11. };
  12.  
  # BIND options for a forwarding, recursive resolver restricted to the goodclients ACL.
  13. options {
  14. directory "/var/cache/bind";
  15.  
  # Recursion is on and queries are accepted only from goodclients.
  # NOTE(review): allow-recursion and allow-query-cache are not set in this block, so their
  # effective values are derived by BIND; verify them on the installed version.
  16. recursion yes;
  17. allow-query { goodclients; };
  18.  
  # With "forward only" every lookup that is not cached goes to these two upstream resolvers;
  # there is no fallback to iterative resolution if both are unreachable.
  19. forwarders {
  20. 91.239.100.100;
  21. 89.233.43.71;
  22. };
  23. forward only;
  24.  
  # Validate DNSSEC signatures using BIND's built-in root trust anchor.
  25. dnssec-validation auto;
  26.  
  27. auth-nxdomain no; # conform to RFC1035
  # Listens on every IPv6 address; no listen-on for IPv4 appears in this block.
  # NOTE(review): exposure therefore rests on allow-query and the host firewall rather than on
  # the bind addresses; confirm port 53 is filtered on public interfaces.
  28. listen-on-v6 { any; };
  29. };
  30.  
  # OpenVPN server: transport, privilege drop, PKI material and state files.
  # Routed (tun) tunnel over UDP port 1194.
  31. port 1194
  32. proto udp
  33. dev tun
  34.  
  # NOTE(review): compressing tunnel traffic can leak information about plaintext through packet
  # sizes, and comp-lzo is deprecated in newer OpenVPN releases; confirm clients still require it.
  35. comp-lzo
  36. keepalive 10 120
  37.  
  # persist-key/persist-tun avoid re-reading the key and re-opening the tun device on restart,
  # which the process could no longer do after dropping to nobody/nogroup below.
  38. persist-key
  39. persist-tun
  40. user nobody
  41. group nogroup
  42.  
  # The daemon chroots into the jail after initialisation; crl.pem is given as a relative name
  # so it resolves inside the jail.
  # NOTE(review): client-config-dir below is an absolute path outside the jail; if it is read at
  # client-connect time (after the chroot) it will not be found. Verify per-client config is applied.
  43. chroot /etc/openvpn/easy-rsa/keys/crl.jail
  44. crl-verify crl.pem
  45.  
  46. ca /etc/openvpn/easy-rsa/keys/ca.crt
  # NOTE(review): the file name suggests 1024-bit Diffie-Hellman parameters, which is below
  # current guidance; regenerate with at least 2048 bits if that is what the file holds.
  47. dh /etc/openvpn/easy-rsa/keys/dh1024.pem
  # tls-auth adds an HMAC to control-channel packets; 0 is the key direction used on this side.
  48. tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
  # Server private key: keep it readable by root only.
  49. key /etc/openvpn/easy-rsa/keys/server.key
  50. cert /etc/openvpn/easy-rsa/keys/server.crt
  # NOTE(review): no cipher/auth directive is visible in this listing, so the installed
  # version's defaults apply; confirm they are acceptable.
  51.  
  52. ifconfig-pool-persist /var/lib/openvpn/server.ipp
  53. client-config-dir /etc/openvpn/server.ccd
  # The status file lists connected clients and their addresses; restrict who can read it.
  54. status /var/log/openvpn/server.log
  # NOTE(review): "verb 5" is set again at the end of this config; presumably the later value wins.
  55. verb 4
  56.  
  57. # virtual subnet unique for openvpn to draw client addresses from
  58. # the server will be configured with x.x.x.1
  59. # important: must not be used on your network
  60. server 10.8.93.0 255.255.255.0
  61.  
  62. # configure clients to route all their traffic through the vpn
  63. push "redirect-gateway def1 bypass-dhcp"
  # Point clients at the resolver on the server's VPN address (10.8.93.1), the same address the
  # dig test below queries, so DNS lookups travel inside the tunnel.
  64. push "dhcp-option DNS 10.8.93.1"
  65. #push "redirect-gateway def1"
  66.  
  67.  
  68. #logs
  # NOTE(review): relative path, so the log location depends on the daemon's working directory;
  # an absolute path with restricted permissions is easier to audit.
  69. log-append openvpn.log
  # NOTE(review): duplicates the earlier "verb 4". Level 5 is debugging verbosity and logs
  # per-packet detail; consider a lower level for normal operation.
  70. verb 5
  71.  
  72. dig @10.8.93.1 google.com
  73.  
  74. ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @10.8.93.1 google.com
  75. ; (1 server found)
  76. ;; global options: +cmd
  77. ;; Got answer:
  78. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35943
  79. ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0
  80.  
  81. ;; QUESTION SECTION:
  82. ;google.com. IN A
  83.  
  84. ;; ANSWER SECTION:
  85. google.com. 251 IN A 173.194.112.201
  86. google.com. 251 IN A 173.194.112.206
  87. google.com. 251 IN A 173.194.112.192
  88. google.com. 251 IN A 173.194.112.193
  89. google.com. 251 IN A 173.194.112.194
  90. google.com. 251 IN A 173.194.112.195
  91. google.com. 251 IN A 173.194.112.196
  92. google.com. 251 IN A 173.194.112.197
  93. google.com. 251 IN A 173.194.112.198
  94. google.com. 251 IN A 173.194.112.199
  95. google.com. 251 IN A 173.194.112.200
  96.  
  97. ;; Query time: 130 msec
  98. ;; SERVER: 10.8.93.1#53(10.8.93.1)
  99. ;; WHEN: Fri Nov 7 00:50:59 2014
  100. ;; MSG SIZE rcvd: 204