API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 23rd, 2019
393
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 15.68 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/sh
  2. #
  3. # Script for automatic setup of an IPsec VPN server on Ubuntu LTS and Debian.
  4. # Works on any dedicated server or virtual private server (VPS) except OpenVZ.
  5. #
  6. # DO NOT RUN THIS SCRIPT ON YOUR PC OR MAC!
  7. #
  8. # The latest version of this script is available at:
  9. # https://github.com/hwdsl2/setup-ipsec-vpn
  10. #
  11. # Copyright (C) 2014-2019 Lin Song <linsongui@gmail.com>
  12. # Based on the work of Thomas Sarlandie (Copyright 2012)
  13. #
  14. # This work is licensed under the Creative Commons Attribution-ShareAlike 3.0
  15. # Unported License: http://creativecommons.org/licenses/by-sa/3.0/
  16. #
  17. # Attribution required: please include my name in any derivative and let me
  18. # know how you have improved it!
  19. # =====================================================
  20. # Define your own values for these variables
  21. # - IPsec pre-shared key, VPN username and password
  22. # - All values MUST be placed inside 'single quotes'
  23. # - DO NOT use these special characters within values: \ " '
  24. YOUR_IPSEC_PSK=''
  25. YOUR_USERNAME=''
  26. YOUR_PASSWORD=''
  27. # Important notes: https://git.io/vpnnotes
  28. # Setup VPN clients: https://git.io/vpnclients
  29. # =====================================================
  30. export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
  31. SYS_DT="2019-01-23 17:55:00"
  32. exiterr() { echo "Error: $1" >&2; exit 1; }
  33. exiterr2() { exiterr "'apt-get install' failed."; }
  34. conf_bk() { /bin/cp -f "$1" "$1.old-$SYS_DT" 2>/dev/null; }
  35. bigecho() { echo; echo "## $1"; echo; }
  36. check_ip() {
  37. IP_REGEX='^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$'
  38. printf '%s' "$1" | tr -d '\n' | grep -Eq "$IP_REGEX"
  39. }
  40. vpnsetup() {
  41. os_type=$(lsb_release -si 2>/dev/null)
  42. if [ -z "$os_type" ]; then
  43. [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID")
  44. [ -f /etc/lsb-release ] && os_type=$(. /etc/lsb-release && printf '%s' "$DISTRIB_ID")
  45. fi
  46. if ! printf '%s' "$os_type" | head -n 1 | grep -qiF -e ubuntu -e debian -e raspbian; then
  47. exiterr "This script only supports Ubuntu and Debian."
  48. fi
  49. if [ "$(sed 's/\..*//' /etc/debian_version)" = "7" ]; then
  50. exiterr "Debian 7 is not supported."
  51. fi
  52. if [ -f /proc/user_beancounters ]; then
  53. exiterr "OpenVZ VPS is not supported. Try OpenVPN: github.com/Nyr/openvpn-install"
  54. fi
  55. if [ "$(id -u)" != 0 ]; then
  56. exiterr "Script must be run as root. Try 'sudo sh $0'"
  57. fi
  58. def_iface=$(route 2>/dev/null | grep '^default' | grep -o '[^ ]*$')
  59. [ -z "$def_iface" ] && def_iface=$(ip -4 route list 0/0 2>/dev/null | grep -Po '(?<=dev )(\S+)')
  60. def_state=$(cat "/sys/class/net/$def_iface/operstate" 2>/dev/null)
  61. if [ -n "$def_state" ] && [ "$def_state" != "down" ]; then
  62. NET_IFACE="$def_iface"
  63. else
  64. eth0_state=$(cat "/sys/class/net/eth0/operstate" 2>/dev/null)
  65. if [ -z "$eth0_state" ] || [ "$eth0_state" = "down" ]; then
  66. exiterr "Could not detect the default network interface."
  67. fi
  68. NET_IFACE=eth0
  69. fi
  70. [ -n "$YOUR_IPSEC_PSK" ] && VPN_IPSEC_PSK="$YOUR_IPSEC_PSK"
  71. [ -n "$YOUR_USERNAME" ] && VPN_USER="$YOUR_USERNAME"
  72. [ -n "$YOUR_PASSWORD" ] && VPN_PASSWORD="$YOUR_PASSWORD"
  73. if [ -z "$VPN_IPSEC_PSK" ] && [ -z "$VPN_USER" ] && [ -z "$VPN_PASSWORD" ]; then
  74. bigecho "VPN credentials not set by user. Generating random PSK and password..."
  75. VPN_IPSEC_PSK=$(LC_CTYPE=C tr -dc 'A-HJ-NPR-Za-km-z2-9' < /dev/urandom | head -c 20)
  76. VPN_USER=vpnuser
  77. VPN_PASSWORD=$(LC_CTYPE=C tr -dc 'A-HJ-NPR-Za-km-z2-9' < /dev/urandom | head -c 16)
  78. fi
  79. if [ -z "$VPN_IPSEC_PSK" ] || [ -z "$VPN_USER" ] || [ -z "$VPN_PASSWORD" ]; then
  80. exiterr "All VPN credentials must be specified. Edit the script and re-enter them."
  81. fi
  82. if printf '%s' "$VPN_IPSEC_PSK $VPN_USER $VPN_PASSWORD" | LC_ALL=C grep -q '[^ -~]\+'; then
  83. exiterr "VPN credentials must not contain non-ASCII characters."
  84. fi
  85. case "$VPN_IPSEC_PSK $VPN_USER $VPN_PASSWORD" in
  86. *[\\\"\']*)
  87. exiterr "VPN credentials must not contain these special characters: \\ \" '"
  88. ;;
  89. esac
  90. bigecho "VPN setup in progress... Please be patient."
  91. # Create and change to working dir
  92. mkdir -p /opt/src
  93. cd /opt/src || exit 1
  94. count=0
  95. APT_LK=/var/lib/apt/lists/lock
  96. PKG_LK=/var/lib/dpkg/lock
  97. while fuser "$APT_LK" "$PKG_LK" >/dev/null 2>&1 \
  98. || lsof "$APT_LK" >/dev/null 2>&1 || lsof "$PKG_LK" >/dev/null 2>&1; do
  99. [ "$count" = "0" ] && bigecho "Waiting for apt to be available..."
  100. [ "$count" -ge "60" ] && exiterr "Could not get apt/dpkg lock."
  101. count=$((count+1))
  102. printf '%s' '.'
  103. sleep 3
  104. done
  105. bigecho "Populating apt-get cache..."
  106. export DEBIAN_FRONTEND=noninteractive
  107. apt-get -yq update || exiterr "'apt-get update' failed."
  108. bigecho "Installing packages required for setup..."
  109. apt-get -yq install wget dnsutils openssl \
  110. iptables iproute2 gawk grep sed net-tools || exiterr2
  111. bigecho "Trying to auto discover IP of this server..."
  112. cat <<'EOF'
  113. In case the script hangs here for more than a few minutes,
  114. press Ctrl-C to abort. Then edit it and manually enter IP.
  115. EOF
  116. # In case auto IP discovery fails, enter server's public IP here.
  117. PUBLIC_IP=${VPN_PUBLIC_IP:-''}
  118. [ -z "$PUBLIC_IP" ] && PUBLIC_IP=$(dig @resolver1.opendns.com -t A -4 myip.opendns.com +short)
  119. check_ip "$PUBLIC_IP" || PUBLIC_IP=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com)
  120. check_ip "$PUBLIC_IP" || exiterr "Cannot detect this server's public IP. Edit the script and manually enter it."
  121. bigecho "Installing packages required for the VPN..."
  122. apt-get -yq install libnss3-dev libnspr4-dev pkg-config \
  123. libpam0g-dev libcap-ng-dev libcap-ng-utils libselinux1-dev \
  124. libcurl4-nss-dev flex bison gcc make libnss3-tools \
  125. libevent-dev ppp xl2tpd || exiterr2
  126. case "$(uname -r)" in
  127. 4.1[456]*)
  128. if ! printf '%s' "$os_type" | head -n 1 | grep -qiF ubuntu; then
  129. L2TP_VER=1.3.12
  130. l2tp_dir="xl2tpd-$L2TP_VER"
  131. l2tp_file="$l2tp_dir.tar.gz"
  132. l2tp_url="https://github.com/xelerance/xl2tpd/archive/v$L2TP_VER.tar.gz"
  133. apt-get -yq install libpcap0.8-dev || exiterr2
  134. wget -t 3 -T 30 -nv -O "$l2tp_file" "$l2tp_url" || exit 1
  135. /bin/rm -rf "/opt/src/$l2tp_dir"
  136. tar xzf "$l2tp_file" && /bin/rm -f "$l2tp_file"
  137. cd "$l2tp_dir" && make -s 2>/dev/null && PREFIX=/usr make -s install
  138. cd /opt/src || exit 1
  139. /bin/rm -rf "/opt/src/$l2tp_dir"
  140. fi
  141. ;;
  142. esac
  143. bigecho "Installing Fail2Ban to protect SSH..."
  144. apt-get -yq install fail2ban || exiterr2
  145. bigecho "Compiling and installing Libreswan..."
  146. SWAN_VER=3.27
  147. swan_file="libreswan-$SWAN_VER.tar.gz"
  148. swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz"
  149. swan_url2="https://download.libreswan.org/$swan_file"
  150. if ! { wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url2"; }; then
  151. exit 1
  152. fi
  153. /bin/rm -rf "/opt/src/libreswan-$SWAN_VER"
  154. tar xzf "$swan_file" && /bin/rm -f "$swan_file"
  155. cd "libreswan-$SWAN_VER" || exit 1
  156. cat > Makefile.inc.local <<'EOF'
  157. WERROR_CFLAGS =
  158. USE_DNSSEC = false
  159. USE_DH31 = false
  160. USE_GLIBC_KERN_FLIP_HEADERS = true
  161. EOF
  162. if [ "$(packaging/utils/lswan_detect.sh init)" = "systemd" ]; then
  163. apt-get -yq install libsystemd-dev || exiterr2
  164. fi
  165. NPROCS=$(grep -c ^processor /proc/cpuinfo)
  166. [ -z "$NPROCS" ] && NPROCS=1
  167. make "-j$((NPROCS+1))" -s base && make -s install-base
  168. cd /opt/src || exit 1
  169. /bin/rm -rf "/opt/src/libreswan-$SWAN_VER"
  170. if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then
  171. exiterr "Libreswan $SWAN_VER failed to build."
  172. fi
  173. bigecho "Creating VPN configuration..."
  174. L2TP_NET=${VPN_L2TP_NET:-'192.168.42.0/24'}
  175. L2TP_LOCAL=${VPN_L2TP_LOCAL:-'192.168.42.1'}
  176. L2TP_POOL=${VPN_L2TP_POOL:-'192.168.42.10-192.168.42.250'}
  177. XAUTH_NET=${VPN_XAUTH_NET:-'192.168.43.0/24'}
  178. XAUTH_POOL=${VPN_XAUTH_POOL:-'192.168.43.10-192.168.43.250'}
  179. DNS_SRV1=${VPN_DNS_SRV1:-'8.8.8.8'}
  180. DNS_SRV2=${VPN_DNS_SRV2:-'8.8.4.4'}
  181. DNS_SRVS="\"$DNS_SRV1 $DNS_SRV2\""
  182. [ -n "$VPN_DNS_SRV1" ] && [ -z "$VPN_DNS_SRV2" ] && DNS_SRVS="$DNS_SRV1"
  183. # Create IPsec config
  184. conf_bk "/etc/ipsec.conf"
  185. cat > /etc/ipsec.conf <<EOF
  186. version 2.0
  187. config setup
  188. virtual-private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!$L2TP_NET,%v4:!$XAUTH_NET
  189. protostack=netkey
  190. interfaces=%defaultroute
  191. uniqueids=no
  192. conn shared
  193. left=%defaultroute
  194. leftid=$PUBLIC_IP
  195. right=%any
  196. encapsulation=yes
  197. authby=secret
  198. pfs=no
  199. rekey=no
  200. keyingtries=5
  201. dpddelay=30
  202. dpdtimeout=120
  203. dpdaction=clear
  204. ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024
  205. phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2
  206. sha2-truncbug=yes
  207. conn l2tp-psk
  208. auto=add
  209. leftprotoport=17/1701
  210. rightprotoport=17/%any
  211. type=transport
  212. phase2=esp
  213. also=shared
  214. conn xauth-psk
  215. auto=add
  216. leftsubnet=0.0.0.0/0
  217. rightaddresspool=$XAUTH_POOL
  218. modecfgdns=$DNS_SRVS
  219. leftxauthserver=yes
  220. rightxauthclient=yes
  221. leftmodecfgserver=yes
  222. rightmodecfgclient=yes
  223. modecfgpull=yes
  224. xauthby=file
  225. ike-frag=yes
  226. ikev2=never
  227. cisco-unity=yes
  228. also=shared
  229. EOF
  230. if uname -m | grep -qi '^arm'; then
  231. sed -i '/phase2alg/s/,aes256-sha2_512//' /etc/ipsec.conf
  232. fi
  233. # Specify IPsec PSK
  234. conf_bk "/etc/ipsec.secrets"
  235. cat > /etc/ipsec.secrets <<EOF
  236. %any %any : PSK "$VPN_IPSEC_PSK"
  237. EOF
  238. # Create xl2tpd config
  239. conf_bk "/etc/xl2tpd/xl2tpd.conf"
  240. cat > /etc/xl2tpd/xl2tpd.conf <<EOF
  241. [global]
  242. port = 1701
  243. [lns default]
  244. ip range = $L2TP_POOL
  245. local ip = $L2TP_LOCAL
  246. require chap = yes
  247. refuse pap = yes
  248. require authentication = yes
  249. name = l2tpd
  250. pppoptfile = /etc/ppp/options.xl2tpd
  251. length bit = yes
  252. EOF
  253. # Set xl2tpd options
  254. conf_bk "/etc/ppp/options.xl2tpd"
  255. cat > /etc/ppp/options.xl2tpd <<EOF
  256. +mschap-v2
  257. ipcp-accept-local
  258. ipcp-accept-remote
  259. noccp
  260. auth
  261. mtu 1280
  262. mru 1280
  263. proxyarp
  264. lcp-echo-failure 4
  265. lcp-echo-interval 30
  266. connect-delay 5000
  267. ms-dns $DNS_SRV1
  268. EOF
  269. if [ -z "$VPN_DNS_SRV1" ] || [ -n "$VPN_DNS_SRV2" ]; then
  270. cat >> /etc/ppp/options.xl2tpd <<EOF
  271. ms-dns $DNS_SRV2
  272. EOF
  273. fi
  274. # Create VPN credentials
  275. conf_bk "/etc/ppp/chap-secrets"
  276. cat > /etc/ppp/chap-secrets <<EOF
  277. "$VPN_USER" l2tpd "$VPN_PASSWORD" *
  278. EOF
  279. conf_bk "/etc/ipsec.d/passwd"
  280. VPN_PASSWORD_ENC=$(openssl passwd -1 "$VPN_PASSWORD")
  281. cat > /etc/ipsec.d/passwd <<EOF
  282. $VPN_USER:$VPN_PASSWORD_ENC:xauth-psk
  283. EOF
  284. bigecho "Updating sysctl settings..."
  285. if ! grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
  286. conf_bk "/etc/sysctl.conf"
  287. if [ "$(getconf LONG_BIT)" = "64" ]; then
  288. SHM_MAX=68719476736
  289. SHM_ALL=4294967296
  290. else
  291. SHM_MAX=4294967295
  292. SHM_ALL=268435456
  293. fi
  294. cat >> /etc/sysctl.conf <<EOF
  295. # Added by hwdsl2 VPN script
  296. kernel.msgmnb = 65536
  297. kernel.msgmax = 65536
  298. kernel.shmmax = $SHM_MAX
  299. kernel.shmall = $SHM_ALL
  300. net.ipv4.ip_forward = 1
  301. net.ipv4.conf.all.accept_source_route = 0
  302. net.ipv4.conf.all.accept_redirects = 0
  303. net.ipv4.conf.all.send_redirects = 0
  304. net.ipv4.conf.all.rp_filter = 0
  305. net.ipv4.conf.default.accept_source_route = 0
  306. net.ipv4.conf.default.accept_redirects = 0
  307. net.ipv4.conf.default.send_redirects = 0
  308. net.ipv4.conf.default.rp_filter = 0
  309. net.ipv4.conf.$NET_IFACE.send_redirects = 0
  310. net.ipv4.conf.$NET_IFACE.rp_filter = 0
  311. net.core.wmem_max = 12582912
  312. net.core.rmem_max = 12582912
  313. net.ipv4.tcp_rmem = 10240 87380 12582912
  314. net.ipv4.tcp_wmem = 10240 87380 12582912
  315. EOF
  316. fi
  317. bigecho "Updating IPTables rules..."
  318. # Check if rules need updating
  319. ipt_flag=0
  320. IPT_FILE="/etc/iptables.rules"
  321. IPT_FILE2="/etc/iptables/rules.v4"
  322. if ! grep -qs "hwdsl2 VPN script" "$IPT_FILE" \
  323. || ! iptables -t nat -C POSTROUTING -s "$L2TP_NET" -o "$NET_IFACE" -j MASQUERADE 2>/dev/null \
  324. || ! iptables -t nat -C POSTROUTING -s "$XAUTH_NET" -o "$NET_IFACE" -m policy --dir out --pol none -j MASQUERADE 2>/dev/null; then
  325. ipt_flag=1
  326. fi
  327. # Add IPTables rules for VPN
  328. if [ "$ipt_flag" = "1" ]; then
  329. service fail2ban stop >/dev/null 2>&1
  330. iptables-save > "$IPT_FILE.old-$SYS_DT"
  331. iptables -I INPUT 1 -p udp --dport 1701 -m policy --dir in --pol none -j DROP
  332. iptables -I INPUT 2 -m conntrack --ctstate INVALID -j DROP
  333. iptables -I INPUT 3 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  334. iptables -I INPUT 4 -p udp -m multiport --dports 500,4500 -j ACCEPT
  335. iptables -I INPUT 5 -p udp --dport 1701 -m policy --dir in --pol ipsec -j ACCEPT
  336. iptables -I INPUT 6 -p udp --dport 1701 -j DROP
  337. iptables -I FORWARD 1 -m conntrack --ctstate INVALID -j DROP
  338. iptables -I FORWARD 2 -i "$NET_IFACE" -o ppp+ -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  339. iptables -I FORWARD 3 -i ppp+ -o "$NET_IFACE" -j ACCEPT
  340. iptables -I FORWARD 4 -i ppp+ -o ppp+ -s "$L2TP_NET" -d "$L2TP_NET" -j ACCEPT
  341. iptables -I FORWARD 5 -i "$NET_IFACE" -d "$XAUTH_NET" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  342. iptables -I FORWARD 6 -s "$XAUTH_NET" -o "$NET_IFACE" -j ACCEPT
  343. # Uncomment if you wish to disallow traffic between VPN clients themselves
  344. # iptables -I FORWARD 2 -i ppp+ -o ppp+ -s "$L2TP_NET" -d "$L2TP_NET" -j DROP
  345. # iptables -I FORWARD 3 -s "$XAUTH_NET" -d "$XAUTH_NET" -j DROP
  346. iptables -A FORWARD -j DROP
  347. iptables -t nat -I POSTROUTING -s "$XAUTH_NET" -o "$NET_IFACE" -m policy --dir out --pol none -j MASQUERADE
  348. iptables -t nat -I POSTROUTING -s "$L2TP_NET" -o "$NET_IFACE" -j MASQUERADE
  349. echo "# Modified by hwdsl2 VPN script" > "$IPT_FILE"
  350. iptables-save >> "$IPT_FILE"
  351. if [ -f "$IPT_FILE2" ]; then
  352. conf_bk "$IPT_FILE2"
  353. /bin/cp -f "$IPT_FILE" "$IPT_FILE2"
  354. fi
  355. fi
  356. bigecho "Enabling services on boot..."
  357. # Check for iptables-persistent
  358. IPT_PST="/etc/init.d/iptables-persistent"
  359. IPT_PST2="/usr/share/netfilter-persistent/plugins.d/15-ip4tables"
  360. ipt_load=1
  361. if [ -f "$IPT_FILE2" ] && { [ -f "$IPT_PST" ] || [ -f "$IPT_PST2" ]; }; then
  362. ipt_load=0
  363. fi
  364. if [ "$ipt_load" = "1" ]; then
  365. mkdir -p /etc/network/if-pre-up.d
  366. cat > /etc/network/if-pre-up.d/iptablesload <<'EOF'
  367. #!/bin/sh
  368. iptables-restore < /etc/iptables.rules
  369. exit 0
  370. EOF
  371. chmod +x /etc/network/if-pre-up.d/iptablesload
  372. if [ -f /usr/sbin/netplan ]; then
  373. mkdir -p /etc/systemd/system
  374. cat > /etc/systemd/system/load-iptables-rules.service <<'EOF'
  375. [Unit]
  376. Description = Load /etc/iptables.rules
  377. DefaultDependencies=no
  378. Before=network-pre.target
  379. Wants=network-pre.target
  380. Wants=systemd-modules-load.service local-fs.target
  381. After=systemd-modules-load.service local-fs.target
  382. [Service]
  383. Type=oneshot
  384. ExecStart=/etc/network/if-pre-up.d/iptablesload
  385. [Install]
  386. WantedBy=multi-user.target
  387. EOF
  388. systemctl enable load-iptables-rules 2>/dev/null
  389. fi
  390. fi
  391. for svc in fail2ban ipsec xl2tpd; do
  392. update-rc.d "$svc" enable >/dev/null 2>&1
  393. systemctl enable "$svc" 2>/dev/null
  394. done
  395. if ! grep -qs "hwdsl2 VPN script" /etc/rc.local; then
  396. if [ -f /etc/rc.local ]; then
  397. conf_bk "/etc/rc.local"
  398. sed --follow-symlinks -i '/^exit 0/d' /etc/rc.local
  399. else
  400. echo '#!/bin/sh' > /etc/rc.local
  401. fi
  402. cat >> /etc/rc.local <<'EOF'
  403. # Added by hwdsl2 VPN script
  404. (sleep 15
  405. service ipsec restart
  406. service xl2tpd restart
  407. echo 1 > /proc/sys/net/ipv4/ip_forward)&
  408. exit 0
  409. EOF
  410. fi
  411. bigecho "Starting services..."
  412. # Reload sysctl.conf
  413. sysctl -e -q -p
  414. # Update file attributes
  415. chmod +x /etc/rc.local
  416. chmod 600 /etc/ipsec.secrets* /etc/ppp/chap-secrets* /etc/ipsec.d/passwd*
  417. # Apply new IPTables rules
  418. iptables-restore < "$IPT_FILE"
  419. # Restart services
  420. mkdir -p /run/pluto
  421. service fail2ban restart 2>/dev/null
  422. service ipsec restart 2>/dev/null
  423. service xl2tpd restart 2>/dev/null
  424. cat <<EOF
  425. ================================================
  426. IPsec VPN server is now ready for use!
  427. Connect to your new VPN with these details:
  428. Server IP: $PUBLIC_IP
  429. IPsec PSK: $VPN_IPSEC_PSK
  430. Username: $VPN_USER
  431. Password: $VPN_PASSWORD
  432. Write these down. You'll need them to connect!
  433. Important notes: https://git.io/vpnnotes
  434. Setup VPN clients: https://git.io/vpnclients
  435. ================================================
  436. EOF
  437. }
  438. ## Defer setup until we have the complete script
  439. vpnsetup "$@"
  440. exit 0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!