DD-WRT VPN.SH OpenVPN Client Script

# Name: DD-WRT Startup script to connect to VPN.sh VPN service
# Author: Yugandhar Veeramachaneni (www.capslocktrojan.com)
# Date: 01/01/2015
# Tested on: DD-WRT v24-sp2
# Credits: Some part of the code reused from VyprVPN's script

#!/bin/sh

USERNAME="Your VPN.sh Username"
PASSWORD="Your VPN.sh Password"
PROTOCOL="tcp"

# Add - delete - edit servers. You can use multiple servers; Edit remote_server_ip and remote_port.
# Usually, the port number is 443. Remote IP is the IP of the servers in various locations. Check your Client Area.
REMOTE_SERVERS="
remote remote_server_ip remote_port
"

CA_CRT='-----BEGIN CERTIFICATE-----
Paste the contents of CA.crt file here.
-----END CERTIFICATE-----'

# Check if OpenVPN Client is disabled in the GUI. If not, disable it now.
OPVPNENABLE=`nvram get openvpncl_enable | awk '$1 == "0" {print $1}'`

if [ "$OPVPNENABLE" != 0 ]; then
   nvram set openvpncl_enable=0
   nvram commit
fi

sleep 10
mkdir /tmp/vpn; cd /tmp/vpn
echo -e "$USERNAME\n$PASSWORD" > auth.conf
echo "$CA_CRT" > ca.crt
echo "#!/bin/sh
iptables -t nat -I POSTROUTING -o tun0 -j MASQUERADE" > route-up.sh
echo "#!/bin/sh
iptables -t nat -D POSTROUTING -o tun0 -j MASQUERADE" > route-down.sh
chmod 644 ca.crt; chmod 600 auth.conf; chmod 700 route-up.sh route-down.sh
sleep 10
echo "client
auth-user-pass /tmp/vpn/auth.conf
management 127.0.0.1 5001
management-log-cache 50
dev tun
proto $PROTOCOL
comp-lzo adaptive
fast-io
script-security 2
mtu-disc yes
verb 3
mute 5
cipher bf-cbc
auth sha1
tun-mtu 1500
resolv-retry infinite
nobind
persist-key
persist-tun
log-append vpn.log
ca ca.crt
status-version 3
status status
daemon
$REMOTE_SERVERS" > vpn.conf
ln -s /tmp/vpn/vpn.log /tmp/vpn.log
ln -s /tmp/vpn/status /tmp/status
(killall openvpn; openvpn --config /tmp/vpn/vpn.conf --route-up /tmp/vpn/route-up.sh --down /tmp/vpn/route-down.sh) &
exit 0