Untitled

# STARTUP
# -----------------------------
# Move to writable directory and create scripts
cd /tmp
ln -s /usr/sbin/openvpn /tmp/myvpn

# Config for Site-to-Site Server-Client104
echo "
proto udp
port 2104
dev tun4
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
secret /tmp/static.key
verb 3
comp-lzo
keepalive 15 60
daemon
" > Server-Client104.conf

# Config for Site-to-Site Server-Client106
echo "
proto udp
port 2106
dev tun6
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
secret /tmp/static.key
verb 3
comp-lzo
keepalive 15 60
daemon
" > Server-Client106.conf

# Config for Static Key
echo "
-----BEGIN OpenVPN Static key V1-----
STATIC KEY
-----END OpenVPN Static key V1-----
" > static.key

# Create interfaces
/tmp/myvpn --mktun --dev tun4
/tmp/myvpn --mktun --dev tun6
ifconfig tun6 10.0.104.1 netmask 255.255.255.0 promisc up
ifconfig tun6 10.0.106.1 netmask 255.255.255.0 promisc up

# Create routes
route add -net 192.168.104.0 netmask 255.255.255.0 gw 10.0.104.2
route add -net 192.168.106.0 netmask 255.255.255.0 gw 10.0.106.2

# Initiate the tunnel
sleep 5
/tmp/myvpn --config Server-Client104.conf
/tmp/myvpn --config Server-Client106.conf


# -----------------------------
# FIREWALL
# -----------------------------

Firewall # Open firewal for Clients
iptables -I FORWARD -i tun+ -o br0 -j ACCEPT
iptables -I FORWARD -i br0 -o tun+ -j ACCEPT

# Open firewall holes for Client104
iptables -I INPUT 2 -p udp --dport 2104 -j ACCEPT
# iptables -I FORWARD 2 --source 192.168.104.0/24 -j ACCEPT
# iptables -I FORWARD -i br0 -o tun4 -j ACCEPT
# iptables -I FORWARD -i tun4 -o br0 -j ACCEPT

# Open firewall holes for Client106
iptables -I INPUT 2 -p udp --dport 2106 -j ACCEPT
iptables -I FORWARD 2 --source 192.168.106.0/24 -j ACCEPT
# iptables -I FORWARD -i br0 -o tun6 -j ACCEPT
# iptables -I FORWARD -i tun6 -o br0 -j ACCEPT

# Pingy na routery
iptables -I INPUT 3 -i tun4 -p icmp -j ACCEPT
iptables -I INPUT 3 -i tun6 -p icmp -j ACCEPT