API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 2nd, 2018
55
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.94 KB | None | 0 0
raw download clone embed print report
  1. opkg update; opkg install openvpn-mbedtls luci-app-openvpn
  2. cat << 'EOF' > /etc/openvpn/pia-login.pem
  3. username
  4. password
  5. EOF
  6. cat << 'EOF' > /etc/openvpn/pia-crl-2048.pem
  7. -----BEGIN X509 CRL-----
  8. MIICWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQI
  9. EwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRl
  10. cm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAw
  11. HgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0
  12. ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRl
  13. aW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZa
  14. MCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG
  15. 9w0BAQ0FAAOCAQEAQZo9X97ci8EcPYu/uK2HB152OZbeZCINmYyluLDOdcSvg6B5
  16. jI+ffKN3laDvczsG6CxmY3jNyc79XVpEYUnq4rT3FfveW1+Ralf+Vf38HdpwB8EW
  17. B4hZlQ205+21CALLvZvR8HcPxC9KEnev1mU46wkTiov0EKc+EdRxkj5yMgv0V2Re
  18. ze7AP+NQ9ykvDScH4eYCsmufNpIjBLhpLE2cuZZXBLcPhuRzVoU3l7A9lvzG9mjA
  19. 5YijHJGHNjlWFqyrn1CfYS6koa4TGEPngBoAziWRbDGdhEgJABHrpoaFYaL61zqy
  20. MR6jC0K2ps9qyZAN74LEBedEfK7tBOzWMwr58A==
  21. -----END X509 CRL-----
  22. EOF
  23. cat << 'EOF' > /etc/openvpn/pia-ca-2048.crt
  24. -----BEGIN CERTIFICATE-----
  25. MIIFqzCCBJOgAwIBAgIJAKZ7D5Yv87qDMA0GCSqGSIb3DQEBDQUAMIHoMQswCQYD
  26. VQQGEwJVUzELMAkGA1UECBMCQ0ExEzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNV
  27. BAoTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIElu
  28. dGVybmV0IEFjY2VzczEgMB4GA1UEAxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3Mx
  29. IDAeBgNVBCkTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkB
  30. FiBzZWN1cmVAcHJpdmF0ZWludGVybmV0YWNjZXNzLmNvbTAeFw0xNDA0MTcxNzM1
  31. MThaFw0zNDA0MTIxNzM1MThaMIHoMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex
  32. EzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNVBAoTF1ByaXZhdGUgSW50ZXJuZXQg
  33. QWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UE
  34. AxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBCkTF1ByaXZhdGUgSW50
  35. ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkBFiBzZWN1cmVAcHJpdmF0ZWludGVy
  36. bmV0YWNjZXNzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPXD
  37. L1L9tX6DGf36liA7UBTy5I869z0UVo3lImfOs/GSiFKPtInlesP65577nd7UNzzX
  38. lH/P/CnFPdBWlLp5ze3HRBCc/Avgr5CdMRkEsySL5GHBZsx6w2cayQ2EcRhVTwWp
  39. cdldeNO+pPr9rIgPrtXqT4SWViTQRBeGM8CDxAyTopTsobjSiYZCF9Ta1gunl0G/
  40. 8Vfp+SXfYCC+ZzWvP+L1pFhPRqzQQ8k+wMZIovObK1s+nlwPaLyayzw9a8sUnvWB
  41. /5rGPdIYnQWPgoNlLN9HpSmsAcw2z8DXI9pIxbr74cb3/HSfuYGOLkRqrOk6h4RC
  42. OfuWoTrZup1uEOn+fw8CAwEAAaOCAVQwggFQMB0GA1UdDgQWBBQv63nQ/pJAt5tL
  43. y8VJcbHe22ZOsjCCAR8GA1UdIwSCARYwggESgBQv63nQ/pJAt5tLy8VJcbHe22ZO
  44. sqGB7qSB6zCB6DELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRMwEQYDVQQHEwpM
  45. b3NBbmdlbGVzMSAwHgYDVQQKExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4G
  46. A1UECxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAMTF1ByaXZhdGUg
  47. SW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQpExdQcml2YXRlIEludGVybmV0IEFjY2Vz
  48. czEvMC0GCSqGSIb3DQEJARYgc2VjdXJlQHByaXZhdGVpbnRlcm5ldGFjY2Vzcy5j
  49. b22CCQCmew+WL/O6gzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBDQUAA4IBAQAn
  50. a5PgrtxfwTumD4+3/SYvwoD66cB8IcK//h1mCzAduU8KgUXocLx7QgJWo9lnZ8xU
  51. ryXvWab2usg4fqk7FPi00bED4f4qVQFVfGfPZIH9QQ7/48bPM9RyfzImZWUCenK3
  52. 7pdw4Bvgoys2rHLHbGen7f28knT2j/cbMxd78tQc20TIObGjo8+ISTRclSTRBtyC
  53. GohseKYpTS9himFERpUgNtefvYHbn70mIOzfOJFTVqfrptf9jXa9N8Mpy3ayfodz
  54. 1wiqdteqFXkTYoSDctgKMiZ6GdocK9nMroQipIQtpnwd4yBDWIyC6Bvlkrq5TQUt
  55. YDQ8z9v+DMO6iwyIDRiU
  56. -----END CERTIFICATE-----
  57. EOF
  58. chmod 0400 /etc/openvpn/pia-login.pem
  59. uci del openvpn.custom_config
  60. uci del openvpn.sample_server
  61. uci del openvpn.sample_client
  62. uci set openvpn.pia='openvpn'
  63. uci set openvpn.pia.enabled='1'
  64. uci set openvpn.pia.client='1'
  65. uci set openvpn.pia.dev_type='tun'
  66. uci set openvpn.pia.dev='ovpnc0'
  67. uci set openvpn.pia.resolv_retry='infinite'
  68. uci set openvpn.pia.nobind='1'
  69. uci set openvpn.pia.persist_key='1'
  70. uci set openvpn.pia.persist_tun='1'
  71. uci set openvpn.pia.tls_client='1'
  72. uci set openvpn.pia.remote_cert_tls='server'
  73. uci set openvpn.pia.ca='/etc/openvpn/pia-ca-2048.crt'
  74. uci set openvpn.pia.crl_verify='/etc/openvpn/pia-crl-2048.pem'
  75. uci set openvpn.pia.auth_user_pass='/etc/openvpn/pia-login.pem'
  76. uci set openvpn.pia.auth_nocache='1'
  77. uci set openvpn.pia.auth_retry='interact'
  78. uci set openvpn.pia.pull_filter='ignore "auth-token"'
  79. uci set openvpn.pia.comp_lzo='yes'
  80. uci set openvpn.pia.verb='1'
  81. uci set openvpn.pia.reneg_sec='0'
  82. uci set openvpn.pia.keepalive='10 60'
  83. uci set openvpn.pia.float='1'
  84. uci set openvpn.pia.auth='SHA1'
  85. uci set openvpn.pia.cipher='AES-128-CBC'
  86. uci set openvpn.pia.disable_occ='1'
  87. uci set openvpn.pia.proto='udp'
  88. uci add_list openvpn.pia.remote='us-seattle.privateinternetaccess.com 1198'
  89. uci set openvpn.pia.mute_replay_warnings='1'
  90. uci commit openvpn
  91. uci set network.pia='interface'
  92. uci set network.pia.proto='none'
  93. uci set network.pia.ifname='ovpnc0'
  94. uci commit network
  95. uci add firewall zone
  96. uci set firewall.@zone[-1].name='pia'
  97. uci set firewall.@zone[-1].network='pia'
  98. uci set firewall.@zone[-1].input='REJECT'
  99. uci set firewall.@zone[-1].forward='REJECT'
  100. uci set firewall.@zone[-1].output='ACCEPT'
  101. uci set firewall.@zone[-1].masq='1'
  102. uci set firewall.@zone[-1].mtu_fix='1'
  103. uci add firewall forwarding
  104. uci set firewall.@forwarding[-1].src='lan'
  105. uci set firewall.@forwarding[-1].dest='pia'
  106. uci commit firewall
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!