
Untitled

a guest
Mar 27th, 2016
  1. #!/bin/sh
  2. #export DEBUG= # uncomment/comment to enable/disable debugging mode
  3. # http://www.dd-wrt.com/phpBB2/viewtopic.php?t=280165
  4.  
  5.  
  6. SERVER="watch.torguard.org"
  7. PROTOCOL="udp" # You can use tcp or udp, but make sure the letters are lowercase.
  8. PORT="443" # You can select port 443 for either tcp or udp. Port 1194 also works for udp.
  9. USER="MYUSERNAME" # Replace MYUSERNAME with your IPVanish Username.
  10. PASS="MYPASSWORD" # Replace MYPASSWORD with your IPVanish Password.
  11.  
  12. # This script will cause the entire router startup sequence to be about 2 minutes.
  13.  
  14. ntpclient pool.ntp.org
  15. stopservice process_monitor
  16. startservice process_monitor
  17. sleep 30
  18.  
  19. mkdir /tmp/openvpncl
  20.  
  21. echo client > /tmp/openvpncl/openvpn.conf &&
  22. echo dev tun >> /tmp/openvpncl/openvpn.conf &&
  23. echo proto "$PROTOCOL" >> /tmp/openvpncl/openvpn.conf &&
  24. echo remote "$SERVER" "$PORT" >> /tmp/openvpncl/openvpn.conf &&
  25. echo resolv-retry infinite >> /tmp/openvpncl/openvpn.conf &&
  26. echo nobind >> /tmp/openvpncl/openvpn.conf &&
  27. echo persist-key >> /tmp/openvpncl/openvpn.conf &&
  28. echo persist-tun >> /tmp/openvpncl/openvpn.conf &&
  29. echo persist-remote-ip >> /tmp/openvpncl/openvpn.conf &&
  30. echo tun-mtu 1500 >> /tmp/openvpncl/openvpn.conf &&
  31. echo ca /tmp/openvpncl/ca.crt >> /tmp/openvpncl/openvpn.conf &&
  32. echo remote-cert-tls server >> /tmp/openvpncl/openvpn.conf &&
  33. echo auth-user-pass /tmp/auth.conf >> /tmp/openvpncl/openvpn.conf &&
  34. echo comp-lzo >> /tmp/openvpncl/openvpn.conf &&
  35. echo verb 4 >> /tmp/openvpncl/openvpn.conf &&
  36. echo auth SHA256 >> /tmp/openvpncl/openvpn.conf &&
  37. echo cipher AES-256-CBC >> /tmp/openvpncl/openvpn.conf &&
  38. echo keysize 256 >> /tmp/openvpncl/openvpn.conf &&
  39. echo tls-cipher DHE-RSA-AES256-SHA >> /tmp/openvpncl/openvpn.conf &&
  40. echo script-security 3 system >> /tmp/openvpncl/openvpn.conf
  41. echo log /tmp/openvpncl/openvpn.log >> /tmp/openvpncl/openvpn.conf
  42. echo daemon >> /tmp/openvpncl/openvpn.conf
  43. echo status-version 3 >> /tmp/openvpncl/openvpn.conf
  44. echo status /tmp/openvpncl/status.log 5 >> /tmp/openvpncl/openvpn.conf
  45. echo -e "$USER\n$PASS" > /tmp/auth.conf
  46.  
  47. chmod 600 /tmp/auth.conf
  48.  
  49. echo -----BEGIN CERTIFICATE----- > /tmp/openvpncl/ca.crt
  50. echo MIIDqzCCAxSgAwIBAgIJAP/g7Ah3SNNHMA0GCSqGSIb3DQEBBQUAMIGWMQswCQYD >> /tmp/openvpncl/ca.crt
  51. echo VQQGEwJVUzELMAkGA1UECBMCRkwxEDAOBgNVBAcTB09ybGFuZG8xETAPBgNVBAoT >> /tmp/openvpncl/ca.crt
  52. echo CFRvckd1YXJkMQwwCgYDVQQLEwNWUE4xEzARBgNVBAMTClRHLU9WUE4tQ0ExDDAK >> /tmp/openvpncl/ca.crt
  53. echo BgNVBCkTA1ZQTjEkMCIGCSqGSIb3DQEJARYVc3lzYWRtaW5AdG9yZ3VhcmQubmV0 >> /tmp/openvpncl/ca.crt
  54. echo MB4XDTE0MDQwOTE0NDIyMloXDTI0MDQwNjE0NDIyMlowgZYxCzAJBgNVBAYTAlVT >> /tmp/openvpncl/ca.crt
  55. echo MQswCQYDVQQIEwJGTDEQMA4GA1UEBxMHT3JsYW5kbzERMA8GA1UEChMIVG9yR3Vh >> /tmp/openvpncl/ca.crt
  56. echo cmQxDDAKBgNVBAsTA1ZQTjETMBEGA1UEAxMKVEctT1ZQTi1DQTEMMAoGA1UEKRMD >> /tmp/openvpncl/ca.crt
  57. echo VlBOMSQwIgYJKoZIhvcNAQkBFhVzeXNhZG1pbkB0b3JndWFyZC5uZXQwgZ8wDQYJ >> /tmp/openvpncl/ca.crt
  58. echo KoZIhvcNAQEBBQADgY0AMIGJAoGBANeCV65/6z6cbGfZ6LouGl1W7A71x6CEerxN >> /tmp/openvpncl/ca.crt
  59. echo wcFeLZx89DM0NxEBs47+gYYqhzKCR+6YCVduD29NMa5dzDwNFEmhOKrHhIposdY7 >> /tmp/openvpncl/ca.crt
  60. echo JmNC2IeXxOSEcOMjBrRexqBN+CZx0bfj6H6qtlRFtkZlDvNritINiznJjG/DbA2X >> /tmp/openvpncl/ca.crt
  61. echo jTO6J8f1AgMBAAGjgf4wgfswHQYDVR0OBBYEFPWAX1TtNU8tPbhRdYMGn98i9Hoi >> /tmp/openvpncl/ca.crt
  62. echo MIHLBgNVHSMEgcMwgcCAFPWAX1TtNU8tPbhRdYMGn98i9HoioYGcpIGZMIGWMQsw >> /tmp/openvpncl/ca.crt
  63. echo CQYDVQQGEwJVUzELMAkGA1UECBMCRkwxEDAOBgNVBAcTB09ybGFuZG8xETAPBgNV >> /tmp/openvpncl/ca.crt
  64. echo BAoTCFRvckd1YXJkMQwwCgYDVQQLEwNWUE4xEzARBgNVBAMTClRHLU9WUE4tQ0Ex >> /tmp/openvpncl/ca.crt
  65. echo DDAKBgNVBCkTA1ZQTjEkMCIGCSqGSIb3DQEJARYVc3lzYWRtaW5AdG9yZ3VhcmQu >> /tmp/openvpncl/ca.crt
  66. echo bmV0ggkA/+DsCHdI00cwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBx >> /tmp/openvpncl/ca.crt
  67. echo 1VNcpbpAPzSz8gfT7iUiVPsSgHqhrzozEY8zpPoZkHDfo75P6AQnGwGdDHKljo6h >> /tmp/openvpncl/ca.crt
  68. echo dkl1ZCTMd0CMbQbWzseNIZNwvHbE3hcnH0zxVKaGyNB6FNdhWVDNcvOhIZYvYbPM >> /tmp/openvpncl/ca.crt
  69. echo fzWZQFXS/jfjjn1+p9UUQwPONvhoQaRhsUJOcrntug== >> /tmp/openvpncl/ca.crt
  70. echo -----END CERTIFICATE----- >> /tmp/openvpncl/ca.crt
  71. echo -----BEGIN CERTIFICATE----- >> /tmp/openvpncl/ca.crt
  72. echo MIIEwTCCA6mgAwIBAgIJAKROjebUHo0gMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD >> /tmp/openvpncl/ca.crt
  73. echo VQQGEwJVUzELMAkGA1UECBMCRkwxEDAOBgNVBAcTB09ybGFuZG8xETAPBgNVBAoT >> /tmp/openvpncl/ca.crt
  74. echo CFRvckd1YXJkMQwwCgYDVQQLEwNWUE4xEzARBgNVBAMTClRHLU9WUE4tQ0ExETAP >> /tmp/openvpncl/ca.crt
  75. echo BgNVBCkTCFRvckd1YXJkMSQwIgYJKoZIhvcNAQkBFhVzeXNhZG1pbkB0b3JndWFy >> /tmp/openvpncl/ca.crt
  76. echo ZC5uZXQwHhcNMTQwNDE3MTAwOTIzWhcNMjQwNDE0MTAwOTIzWjCBmzELMAkGA1UE >> /tmp/openvpncl/ca.crt
  77. echo BhMCVVMxCzAJBgNVBAgTAkZMMRAwDgYDVQQHEwdPcmxhbmRvMREwDwYDVQQKEwhU >> /tmp/openvpncl/ca.crt
  78. echo b3JHdWFyZDEMMAoGA1UECxMDVlBOMRMwEQYDVQQDEwpURy1PVlBOLUNBMREwDwYD >> /tmp/openvpncl/ca.crt
  79. echo VQQpEwhUb3JHdWFyZDEkMCIGCSqGSIb3DQEJARYVc3lzYWRtaW5AdG9yZ3VhcmQu >> /tmp/openvpncl/ca.crt
  80. echo bmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAws1hJzlbWKlm3DEO >> /tmp/openvpncl/ca.crt
  81. echo XyQpmvtxwrsR4CIYMi8C6np5w74lTRYmGBcuuPqAT3ig2DnH9HNNFx1WWZbYO8pU >> /tmp/openvpncl/ca.crt
  82. echo a1tdn7uYErJi4EP9/t2l3uXCNgoWYVdVP1j5EXIY1oacOv9srbNZHeWpxHIb1wZr >> /tmp/openvpncl/ca.crt
  83. echo 1i4sLsdaifOibgVZI91FATXGrVdFDaQb2OjyJrFW8b4xbC8pBJxQDzqPeu9mkVpu >> /tmp/openvpncl/ca.crt
  84. echo OhBuU+dM+9h+8Bj0tpdAernEAt8CbHIywe9Rjm0JLrYmCPKuB5ldVgG3rYQWFa3X >> /tmp/openvpncl/ca.crt
  85. echo YWjrWtr//nGM4f4WKOFc2PHWA2gI3JwdynTNLsB9NQi0N7hhR6lmtCMeqHlm0oAz >> /tmp/openvpncl/ca.crt
  86. echo 4Ad4gQIDAQABo4IBBDCCAQAwHQYDVR0OBBYEFJvAPA1gnlD/majxi+43jL0XDfqQ >> /tmp/openvpncl/ca.crt
  87. echo MIHQBgNVHSMEgcgwgcWAFJvAPA1gnlD/majxi+43jL0XDfqQoYGhpIGeMIGbMQsw >> /tmp/openvpncl/ca.crt
  88. echo CQYDVQQGEwJVUzELMAkGA1UECBMCRkwxEDAOBgNVBAcTB09ybGFuZG8xETAPBgNV >> /tmp/openvpncl/ca.crt
  89. echo BAoTCFRvckd1YXJkMQwwCgYDVQQLEwNWUE4xEzARBgNVBAMTClRHLU9WUE4tQ0Ex >> /tmp/openvpncl/ca.crt
  90. echo ETAPBgNVBCkTCFRvckd1YXJkMSQwIgYJKoZIhvcNAQkBFhVzeXNhZG1pbkB0b3Jn >> /tmp/openvpncl/ca.crt
  91. echo dWFyZC5uZXSCCQCkTo3m1B6NIDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA >> /tmp/openvpncl/ca.crt
  92. echo A4IBAQBRG46DnL/8EAPbi/eOQli5WO7lRHYyZJdlLUMlsnwkp6Ul6BMJq8q3UX3z >> /tmp/openvpncl/ca.crt
  93. echo +pqDf3wzj94y/IpGQgE4l0fgAdwf/C7F533TSwU/vi+5PDWfwD2WmGqVmcmXn6Rp >> /tmp/openvpncl/ca.crt
  94. echo 9Fwr+oryRw8GfsVBLZHTkWF1RZrRAr8hWZhNySGFwSXlEIicvNy+9mlFhk2Nb46w >> /tmp/openvpncl/ca.crt
  95. echo ioZKc1Lc7/okeXNWHPv6Dlm39TcNBpGX/xNoWBzqs1EtA1ZGvMcQHsKLfi3Nbaab >> /tmp/openvpncl/ca.crt
  96. echo BYe08KWsfeZA+ih4BZ6y2E+x84NYHRebqijXTtHp35coyXllBL/+LBoZ86hKszEx >> /tmp/openvpncl/ca.crt
  97. echo F3pjGU0+8NzvdPUbKndhzyPPnHF1 >> /tmp/openvpncl/ca.crt
  98. echo -----END CERTIFICATE----- >> /tmp/openvpncl/ca.crt
  99. chmod 644 /tmp/openvpncl/ca.crt
  100.  
  101. touch /tmp/openvpncl/openvpn.log
  102. chmod 664 /tmp/openvpncl/openvpn.log
  103.  
  104. #echo "#!/bin/sh" > /tmp/openvpncl/route-up.sh
  105. #echo "iptables -I POSTROUTING -t nat -o tun0 -j MASQUERADE" >> /tmp/openvpncl/route-up.sh
  106. #echo "iptables -I INPUT -t filter -i tun0 -j ACCEPT" >> /tmp/openvpncl/route-up.sh
  107. #echo -e "#!/bin/sh\nsleep 2" > /tmp/openvpncl/route-down.sh
  108. #echo "iptables -D POSTROUTING -t nat -o tun0 -j MASQUERADE" >> /tmp/openvpncl/route-down.sh
  109. #echo "iptables -D INPUT -t filter -i tun0 -j ACCEPT" >> /tmp/openvpncl/route-down.sh
  110.  
  111. #chmod 700 /tmp/openvpncl/route-up.sh
  112. #chmod 700 /tmp/openvpncl/route-down.sh
  113.  
  114. SCRIPT="/tmp/openvpncl/route-up.sh"
  115. cat << "EOF" > $SCRIPT
  116. #!/bin/sh
  117. sleep 2
  118. iptables -I POSTROUTING -t nat -o tun0 -j MASQUERADE
  119. iptables -I INPUT -t filter -i tun0 -j ACCEPT
  120. (
  121. [ -n "${DEBUG+x}" ] && set -x
  122. TID="200"
  123. VPN_IF="$dev" # provided by OpenVPN at runtime
  124. VPN_GW="$route_vpn_gateway" # provided by OpenVPN at runtime
  125. WAN_GW="$route_net_gateway" # provided by OpenVPN at runtime
  126.  
  127. # copy main routing table to bypass routing table (exclude all
  128. # default gateways)
  129. ip route show | grep -Ev '^default|^0.0.0.0/1|^128.0.0.0/1' \
  130. | while read route; do
  131. ip route add $route table $TID
  132. done
  133. # add VPN as default gateway
  134. ip route add default via $VPN_GW table $TID
  135.  
  136. # return WAN back to default gateway in main routing table
  137. ip route add 0.0.0.0/2 via $WAN_GW
  138. ip route add 64.0.0.0/2 via $WAN_GW
  139. ip route add 128.0.0.0/2 via $WAN_GW
  140. ip route add 192.0.0.0/2 via $WAN_GW
  141.  
  142. # force routing system to recognize our changes
  143. ip route flush cache
  144.  
  145. # add source IP(s)/network(s) to be routed over VPN
  146. # add IPs you want to bypass VPN here AND below
  147. ip rule add from 10.0.0.50 table $TID
  148.  
  149. ) 2>&1 | logger -t $(basename $0)[$$]
  150. EOF
  151. chmod +x $SCRIPT
  152.  
  153. SCRIPT="/tmp/openvpncl/route-down.sh"
  154. cat << "EOF" > $SCRIPT
  155. #!/bin/sh
  156. iptables -D POSTROUTING -t nat -o tun0 -j MASQUERADE
  157. iptables -D INPUT -t filter -i tun0 -j ACCEPT
  158. (
  159. [ -n "${DEBUG+x}" ] && set -x
  160. TID="200"
  161. VPN_IF="$dev" # provided by OpenVPN at runtime
  162. VPN_GW="$route_vpn_gateway" # provided by OpenVPN at runtime
  163. WAN_GW="$route_net_gateway" # provided by OpenVPN at runtime
  164.  
  165. # reset main routing table
  166. ip route del 0.0.0.0/2 via $WAN_GW
  167. ip route del 64.0.0.0/2 via $WAN_GW
  168. ip route del 128.0.0.0/2 via $WAN_GW
  169. ip route del 192.0.0.0/2 via $WAN_GW
  170.  
  171. # delete alternate routing table
  172. ip route flush table $TID
  173.  
  174. # force routing system to recognize our changes
  175. ip route flush cache
  176.  
  177. # delete source IP(s)/network(s) to be routed over VPN
  178. # add IPs you want to bypass VPN here
  179. ip rule del from 10.0.0.50 table $TID
  180.  
  181. ) 2>&1 | logger -t $(basename $0)[$$]
  182. EOF
  183. chmod +x $SCRIPT
  184.  
# Start the client in the background from a subshell so this script can
# carry on to the report section.
# NOTE(review): upstream OpenVPN documents --down-pre as a modifier of
# --down that takes no argument of its own; confirm on this firmware's
# build that route-down.sh really runs on disconnect.
(
  openvpn \
    --config /tmp/openvpncl/openvpn.conf \
    --ca /tmp/openvpncl/ca.crt \
    --route-up /tmp/openvpncl/route-up.sh \
    --down-pre /tmp/openvpncl/route-down.sh &
)

  187. sleep 480
  188. echo "*** SYSTEM REPORT ***" > /tmp/openvpncl/report.txt
  189. echo >> /tmp/openvpncl/report.txt
  190. echo "------------> * OpenVPN Information * <------------" >> /tmp/openvpncl/report.txt
  191. echo "Command: openvpn --version" >> /tmp/openvpncl/report.txt
  192. echo "Command: cat /tmp/openvpncl/status.log" >> /tmp/openvpncl/report.txt
  193. echo "Command: cat /tmp/openvpncl/openvpn.log" >> /tmp/openvpncl/report.txt
  194. echo >> /tmp/openvpncl/report.txt
  195. openvpn --version >> /tmp/openvpncl/report.txt
  196. cat /tmp/openvpncl/status.log >> /tmp/openvpncl/report.txt
  197. cat /tmp/openvpncl/openvpn.log >> /tmp/openvpncl/report.txt
  198. echo >> /tmp/openvpncl/report.txt
  199. echo "------------> * System Log * <------------" >> /tmp/openvpncl/report.txt
  200. echo "Command: cat /var/log/messages" >> /tmp/openvpncl/report.txt
  201. echo >> /tmp/openvpncl/report.txt
  202. sleep 120
  203. cat /var/log/messages >> /tmp/openvpncl/report.txt
  204. echo >> /tmp/openvpncl/report.txt
  205. echo "------------> * Current Adapters * <------------" >> /tmp/openvpncl/report.txt
  206. echo "Command: ifconfig" >> /tmp/openvpncl/report.txt
  207. echo >> /tmp/openvpncl/report.txt
  208. ifconfig >> /tmp/openvpncl/report.txt
  209. echo >> /tmp/openvpncl/report.txt
  210. echo "------------> * IP Tables * <------------" >> /tmp/openvpncl/report.txt
  211. echo "Command: iptables -nvxL" >> /tmp/openvpncl/report.txt
  212. echo "Command: iptables -nvxL nat" >> /tmp/openvpncl/report.txt
  213. echo "Command: ip ro" >> /tmp/openvpncl/report.txt
  214. echo >> /tmp/openvpncl/report.txt
  215. iptables -nvxL >> /tmp/openvpncl/report.txt
  216. iptables -nvxL nat >> /tmp/openvpncl/report.txt
  217. ip ro >> /tmp/openvpncl/report.txt
  218. echo >> /tmp/openvpncl/report.txt
  219. echo "------------> * Processes * <------------" >> /tmp/openvpncl/report.txt
  220. echo "Command: ps" >> /tmp/openvpncl/report.txt
  221. echo >> /tmp/openvpncl/report.txt
  222. ps >> /tmp/openvpncl/report.txt
  223.  
  224. exit 0