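#!/bin/sh
#
# PPTP VPN client helper for a router that provides nvram, pppd and the
# "service" command. It writes a pppd options file, starts/stops pppd, and is
# re-invoked by pppd (as "up"/"down") to adjust routes, dnsmasq and firewall.
# Usage: <script> (start|stop|check|up|down|config)
#
# Replace each <placeholder> with a real value and KEEP the single quotes:
# unquoted, a value containing $, `, &, ; or spaces would be interpreted by
# the shell instead of being taken literally.

# Login Info
# NOTE: the password lives here in clear text and is copied into the pppd
# options file by _write_config; keep this script readable by root only.
PPTP_USER='<vpn_user_name>'
PPTP_PASSWORD='<vpn_password>'

# PPTP Server Info
PPTP_DOMAIN='<vpn_domain>'
PPTP_SERVER='<vpn_server_name_or_ip>'
# Not referenced by any function in this listing.
PPPD_OPTIONS=
# "Yes" gives the VPN default route the lower metric (see _up).
DEF_GATEWAY=No
# Space-delimited list of extra /24 networks to route through the VPN,
# for example '192.168.100.0 192.168.101.0' (use '' for none).
# This is needed if you're not using the default gateway from the VPN
# network and your VPN network has multiple subnets.
ADD_SUBNETS='<vpn_extra_subnets_space_delimited_and_quoted>'
UNIT=5 # anything but 0

# Do not change anything below unless you know what you're doing...
SCRIPTS_PATH=/tmp/ppp/ppp$UNIT
FIRE_PATH=/tmp/config
DNSMASQ_CUSTOM=/etc/dnsmasq.custom
# NOTE(review): scratch file name is derived from the clock (year, day, month,
# time) and is therefore predictable; _up writes it as root. That is only safe
# while /tmp is writable by root alone - confirm for the target device.
TMPF=/tmp/$(date '+%y%d%m%H%M%S')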
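# _up - pppd ip-up hook, reached through the generated ppp$UNIT-up wrapper.
#
# Environment (provided by pppd): IFNAME, IPREMOTE, IPLOCAL, DNS1, DNS2.
#   DNS1/DNS2 are whatever the VPN peer announced (usepeerdns) and may be empty.
# Globals read: UNIT, SCRIPTS_PATH, FIRE_PATH, DNSMASQ_CUSTOM, TMPF,
#   PPTP_DOMAIN, PPTP_SERVER, DEF_GATEWAY, ADD_SUBNETS.
# Effects: records the link in nvram and $SCRIPTS_PATH/link, rewrites
#   $DNSMASQ_CUSTOM, reprograms routes, writes $FIRE_PATH/ppp$UNIT.fire and
#   restarts the routing, dnsmasq and firewall services.
# Returns: 0 when IFNAME is empty, otherwise the status of the last restart.
_up()
{
  # Nothing to do when pppd did not hand over an interface name.
  if [ -z "$IFNAME" ]; then
    return 0
  fi

  logger -p 6 -t "pptp-vpn[$$]" "PPP link $IFNAME is up: server IP $IPREMOTE, local IP $IPLOCAL"
  echo "IP-UP: " "$IFNAME" "$IPREMOTE" "$IPLOCAL"
  echo "$IFNAME" > "$SCRIPTS_PATH/link"
  ifconfig "$IFNAME" arp multicast up
  nvram set "ppp${UNIT}_get_ip=$IPLOCAL"
  nvram set "ppp${UNIT}_gateway=$IPREMOTE"

  # Build the dnsmasq snippet in a scratch file first.
  # NOTE(review): $TMPF is a predictable name under /tmp and is written as
  # root; confirm /tmp is not writable by unprivileged users on this device.
  if [ -n "$PPTP_DOMAIN" ]; then
    echo "rebind-domain-ok=$PPTP_DOMAIN" > "$TMPF"
    # The test must be quoted: an unquoted empty $DNS1 makes [ -n ] true and
    # would emit a "server=/domain/" line with no resolver address.
    [ -n "$DNS1" ] && echo "server=/$PPTP_DOMAIN/$DNS1" >> "$TMPF"
  else
    echo "rebind-domain-ok=$PPTP_SERVER" > "$TMPF"
  fi
  echo "server=/$PPTP_SERVER/#" >> "$TMPF"

  # configure routes via remote gateway
  if [ -n "$IPREMOTE" ]; then
    wan_gw=$(nvram get wan_gateway)
    wan_if=$(nvram get wan_ifname)

    # reset IP address of the interface for MASQ to flush the conntrack entries
    ifconfig "$IFNAME" add 0.0.0.0
    # Use the interface pppd reported rather than a literal ppp5, so the
    # script keeps working when UNIT is changed.
    ifconfig "$IFNAME" add "$IPLOCAL" dstaddr "$IPREMOTE" netmask 255.255.255.255

    # delete existing routes
    route del default dev "$IFNAME"
    route del "$IPREMOTE" dev "$IFNAME"

    # add routes to the gateway and to itself
    route add "$IPREMOTE" metric 0 dev "$IFNAME"
    route add "$IPLOCAL" metric 0 dev "$IFNAME"

    # add routes to DNS servers (only those the peer actually supplied)
    [ -n "$DNS1" ] && route add "$DNS1" gw "$IPREMOTE" metric 0 dev "$IFNAME"
    [ -n "$DNS2" ] && route add "$DNS2" gw "$IPREMOTE" metric 0 dev "$IFNAME"

    # add route to the gateway subnet (assumed to be a /24 around IPREMOTE)
    route add -net "${IPREMOTE%.*}.0" gw "$IPREMOTE" netmask 255.255.255.0 metric 0 dev "$IFNAME"

    # setup default gateway: the lower metric wins
    metric_ppp=1
    metric_wan=0
    if [ "$DEF_GATEWAY" = "Yes" ]; then
      metric_ppp=0
      metric_wan=1
    fi

    # reset the default gateway route via physical interface
    route del default gw "$wan_gw" dev "$wan_if"
    route del "$wan_gw" dev "$wan_if"
    route add "$wan_gw" metric 0 dev "$wan_if"
    route add default gw "$wan_gw" metric "$metric_wan" dev "$wan_if"

    # add PPTP default gateway
    route add default gw "$IPREMOTE" metric "$metric_ppp" dev "$IFNAME"

    # add routes to additional subnets if any
    # (ADD_SUBNETS is deliberately unquoted: it is a space-delimited list)
    for subnet in $ADD_SUBNETS
    do
      route add -net "$subnet" gw "$IPREMOTE" netmask 255.255.255.0 metric 0 dev "$IFNAME"
    done

    # remove route to the gateway - no longer needed
    route del "$IPREMOTE" dev "$IFNAME"
  fi

  # firewall script
  # Addresses and interface name are baked in now; only the pid-file check is
  # evaluated when the generated script runs. The chains WANPREROUTING, wanin,
  # wanout and upnp are presumably defined by the router firmware.
  mkdir -p "$FIRE_PATH"
  lan_net="$(nvram get lan_ipaddr)/$(nvram get lan_netmask)"
  {
    echo '#!/bin/sh'
    # Quoted so an empty pid file is treated as "pppd not running".
    echo "if [ -f /var/run/ppp$UNIT.pid ] && [ -n \"\$(cat /var/run/ppp$UNIT.pid)\" ]; then"
    echo "iptables -t nat -A PREROUTING -d $IPLOCAL -j WANPREROUTING"
    # Traffic arriving from the VPN and addressed to the LAN subnet is dropped.
    echo "iptables -t nat -A PREROUTING -i $IFNAME -d $lan_net -j DROP"
    echo "iptables -t nat -A POSTROUTING -o $IFNAME -j MASQUERADE"
    # LAN hosts (br0) may not talk to the router's VPN-side address.
    echo "iptables -I INPUT -i br0 -d $IPLOCAL -j DROP"
    echo "iptables -A FORWARD -i $IFNAME -j wanin"
    echo "iptables -A FORWARD -o $IFNAME -j wanout"
    echo "iptables -A FORWARD -i $IFNAME -j upnp"
    echo "# QoS rules (not needed)"
    echo "# iptables -t mangle -A FORWARD -o $IFNAME -j QOSO"
    echo "# iptables -t mangle -A OUTPUT -o $IFNAME -j QOSO"
    echo "# iptables -t mangle -A PREROUTING -i $IFNAME -j CONNMARK --restore-mark --mask 0xff"
    echo "fi"
  } > "$FIRE_PATH/ppp$UNIT.fire"
  chmod +x "$FIRE_PATH/ppp$UNIT.fire"

  mv -f "$TMPF" "$DNSMASQ_CUSTOM"
  service routing restart
  service dnsmasq restart
  service firewall restart
}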
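# _down - pppd ip-down hook, reached through the generated ppp$UNIT-down wrapper.
#
# Globals read: UNIT, FIRE_PATH, SCRIPTS_PATH, DNSMASQ_CUSTOM.
# Effects: clears the nvram entries set by _up, removes the generated firewall
#   script and link marker, empties $DNSMASQ_CUSTOM, puts the WAN default route
#   back at metric 0 and restarts routing, dnsmasq and firewall.
# Returns: status of the last service restart.
_down()
{
  echo "IP-DOWN"
  logger -p 6 -t "pptp-vpn[$$]" 'PPP link is down, restoring default settings...'

  nvram unset "ppp${UNIT}_get_ip"
  nvram unset "ppp${UNIT}_gateway"

  # Paths are quoted so a configured directory containing whitespace cannot
  # make rm or the redirection act on a different file.
  rm -f "$FIRE_PATH/ppp$UNIT.fire"
  rm -f "$SCRIPTS_PATH/link"
  echo "" > "$DNSMASQ_CUSTOM"

  # restore default WAN gateway with metric 0
  wan_gw=$(nvram get wan_gateway)
  wan_if=$(nvram get wan_ifname)
  route del default gw "$wan_gw" dev "$wan_if"
  route del "$wan_gw" dev "$wan_if"
  route add "$wan_gw" metric 0 dev "$wan_if"
  route add default gw "$wan_gw" metric 0 dev "$wan_if"

  service routing restart
  service dnsmasq restart
  service firewall restart
}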
# _stop - terminate the hook wrappers and the pppd instance for this unit.
# Returns: the status of kill when /var/run/ppp$UNIT.pid exists, otherwise 1.
_stop()
{
  echo "Stopping pppd${UNIT}..."

  # Hook wrappers that may still be running.
  killall ppp${UNIT}-up
  killall ppp${UNIT}-down

  # pppd itself, identified through its pid file.
  if [ -f /var/run/ppp${UNIT}.pid ]; then
    kill $(cat /var/run/ppp${UNIT}.pid)
  else
    return 1
  fi
}
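# _write_config - create the pppd hook wrappers and the pppd options file.
#
# Globals read: UNIT, SCRIPTS_PATH, PPTP_SERVER, PPTP_USER, PPTP_PASSWORD.
# Effects: creates $SCRIPTS_PATH, ppp$UNIT-up / ppp$UNIT-down (each re-invokes
#   this script via $0) and $SCRIPTS_PATH/options.
# Returns: status of the final chmod on the options file.
#
# NOTE(review): a hook file that already exists and is executable is reused
# without looking at its content, and pppd will run it; this relies on
# $SCRIPTS_PATH being writable by root only.
# NOTE(review): $0 is embedded as given; when the script was started through
# a relative path the hooks only work if pppd runs them from the same directory.
# NOTE(review): none of the options below requires MPPE, so whether the
# tunnel is encrypted appears to depend on what the peer negotiates - confirm
# against the pppd build in use.
_write_config()
{
  mkdir -p "$SCRIPTS_PATH"

  for hook in up down; do
    if [ ! -x "$SCRIPTS_PATH/ppp$UNIT-$hook" ]; then
      # $0 is quoted inside the wrapper so a script path with spaces survives.
      printf '#!/bin/sh\n"%s" %s\n' "$0" "$hook" > "$SCRIPTS_PATH/ppp$UNIT-$hook"
    fi
    chmod +x "$SCRIPTS_PATH/ppp$UNIT-$hook"
  done

  # The options file carries the VPN password in clear text: create it with a
  # restrictive umask (subshell keeps the umask change local) ...
  (
    umask 077
    cat > "$SCRIPTS_PATH/options" <<EOF
 unit $UNIT
usepeerdns
plugin pptp.so
pptp_server $PPTP_SERVER
user '$PPTP_USER'
password '$PPTP_PASSWORD'
default-asyncmap
nopcomp
noaccomp
novj
nobsdcomp
nodeflate
noauth
refuse-eap
maxfail 0
ip-up-script '$SCRIPTS_PATH/ppp$UNIT-up'
ip-down-script '$SCRIPTS_PATH/ppp$UNIT-down'
lcp-echo-interval 15
lcp-echo-failure 6
lcp-echo-adaptive
persist
holdoff 20
nomppe-stateful
mtu 1400
EOF
  )
  # ... and tighten the mode explicitly, because truncating a file left over
  # from an earlier run keeps that file's old permissions.
  chmod 600 "$SCRIPTS_PATH/options"
}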
# _start - launch pppd using the options file under $SCRIPTS_PATH.
# Returns: pppd's exit status.
_start()
{
  printf '%s\n' "Starting pppd${UNIT}..."
  pppd file "${SCRIPTS_PATH}/options"
}
# _restart - stop any running pppd for this unit, regenerate the
# configuration, then start pppd again.
# Returns: the status of _start (earlier failures are not checked).
_restart()
{
  # Stop, then pause two seconds before touching the configuration
  # (presumably to let the old pppd exit).
  _stop; sleep 2

  _write_config
  _start
}
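# _check_run - watchdog: restart the VPN when pppd or its interface is gone.
#
# Globals read: UNIT.
# Restarts when /var/run/ppp$UNIT.pid is missing, empty or names a process
# that has no /proc/<pid>/exe, or when ifconfig cannot query ppp$UNIT.
# NOTE(review): a stale pid file whose number was reused by another process
# still passes the /proc check; only the ifconfig probe catches that case.
_check_run()
{
  pidfile="/var/run/ppp$UNIT.pid"
  pid=
  # Read the pid only when the file is there, so a missing file does not
  # produce a cat error or a lookup of "/proc//exe".
  if [ -r "$pidfile" ]; then
    pid=$(cat "$pidfile")
  fi

  if [ -z "$pid" ] || [ ! -f "/proc/$pid/exe" ]; then
    echo "pppd not running, restarting..."
    _restart
  # stdout is redirected first so that 2>&1 silences stderr as well; any
  # non-zero ifconfig status counts as "interface down".
  elif ! ifconfig "ppp${UNIT}" > /dev/null 2>&1; then
    echo "pppd$UNIT down, restarting..."
    _restart
  fi
}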
# Command dispatch. "up" and "down" are the entry points used by the
# generated ppp$UNIT-up / ppp$UNIT-down wrappers; the rest are for the
# operator (or a scheduler, for "check"). Note that "start" always goes
# through _restart. The script exits with the selected function's status.
case "$1" in
  start)  _restart ;;
  stop)   _stop ;;
  up)     _up ;;
  down)   _down ;;
  config) _write_config ;;
  check)  _check_run ;;
  *)
    echo "usage: $0 (start|stop|check|up|down|config)"
    exit 1
    ;;
esac
exit $?