  1. #!/bin/sh
  2.  
# Login Info
# NOTE(review): both values are stored in plain text in this script, and
# _write_config copies them into $SCRIPTS_PATH/options. Keep this script
# readable by root only.
# The options file wraps each value in single quotes, so a value that itself
# contains a single quote will presumably not survive as written -- TODO
# confirm against pppd's option-file quoting rules.
PPTP_USER=<vpn_user_name>
PPTP_PASSWORD=<vpn_password>

# PPTP Server Info
# PPTP_DOMAIN, when set, is used by _up for the dnsmasq rebind-domain-ok and
# per-domain server= entries; when empty, PPTP_SERVER is used instead.
PPTP_DOMAIN=<vpn_domain>
PPTP_SERVER=<vpn_server_name_or_ip>
PPPD_OPTIONS=
# "Yes" gives the VPN default route metric 0 and the WAN route metric 1;
# any other value keeps the WAN route preferred (see _up).
DEF_GATEWAY=No

ADD_SUBNETS=<vpn_extra_subnets_space_delimited_and_quoted>
        # for example, "192.168.100.0 192.168.101.0"
        # this is needed if you're not using default
        # gateway from VPN network,
        # and your VPN network has multiple subnets.
        # Each entry is routed with a fixed 255.255.255.0 netmask by _up.

UNIT=5 # anything but 0

# Do not change anything below unless you know what you're doing...

# Directory for the generated pppd options file, the ip-up/ip-down wrapper
# scripts and the "link" marker file.
SCRIPTS_PATH=/tmp/ppp/ppp$UNIT
# Directory that receives the generated firewall fragment ppp$UNIT.fire.
FIRE_PATH=/tmp/config
# dnsmasq snippet that _up replaces and _down empties.
DNSMASQ_CUSTOM=/etc/dnsmasq.custom
# Scratch file for the dnsmasq snippet built by _up. The name is only a
# timestamp (year, day, month, then time), so it is predictable.
# NOTE(review): if anything other than root can write to /tmp on this device,
# build the snippet in a directory that only root can write -- confirm.
TMPF=/tmp/$(date '+%y%d%m%H%M%S')
  27.  
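# pppd ip-up hook. Records the link name, publishes the negotiated addresses
# to nvram, builds the dnsmasq snippet, installs routes through the tunnel,
# writes the firewall fragment and restarts routing, dnsmasq and the firewall.
#
# Globals read: UNIT, PPTP_DOMAIN, PPTP_SERVER, DEF_GATEWAY, ADD_SUBNETS,
#               SCRIPTS_PATH, FIRE_PATH, DNSMASQ_CUSTOM, TMPF
# Environment:  IFNAME, IPLOCAL, IPREMOTE, DNS1, DNS2 (expected from pppd)
# Returns:      0 immediately when IFNAME is empty.
#
# NOTE(review): IFNAME, IPLOCAL, IPREMOTE, DNS1 and DNS2 end up in a dnsmasq
# config and in an executable firewall fragment. They are assumed to be plain
# interface names and IPv4 addresses as supplied by pppd -- confirm before
# feeding this function values from any other source.
_up()
{
    # Nothing to configure when no interface name was supplied.
    if [ -z "$IFNAME" ]; then
        return 0
    fi

    logger -p 6 -t "pptp-vpn[$$]" \
        "PPP link $IFNAME is up: server IP $IPREMOTE, local IP $IPLOCAL"

    echo "IP-UP:  $IFNAME $IPREMOTE $IPLOCAL"

    echo "$IFNAME" > "$SCRIPTS_PATH/link"

    ifconfig "$IFNAME" arp multicast up

    nvram set "ppp${UNIT}_get_ip=$IPLOCAL"
    nvram set "ppp${UNIT}_gateway=$IPREMOTE"

    # dnsmasq snippet: allow private-range answers for the VPN domain and
    # send its queries to the VPN DNS server when one was negotiated.
    if [ -n "$PPTP_DOMAIN" ]; then
        echo "rebind-domain-ok=$PPTP_DOMAIN" > "$TMPF"
        # The test must be quoted: with an empty DNS1 an unquoted `[ -n ]`
        # is true and a server= line without an address would be written.
        if [ -n "$DNS1" ]; then
            echo "server=/$PPTP_DOMAIN/$DNS1" >> "$TMPF"
        fi
    else
        echo "rebind-domain-ok=$PPTP_SERVER" > "$TMPF"
    fi
    echo "server=/$PPTP_SERVER/#" >> "$TMPF"

    # configure routes via remote gateway
    if [ -n "$IPREMOTE" ]; then
        wan_gw=$(nvram get wan_gateway)
        wan_if=$(nvram get wan_ifname)

        # reset IP address of the interface for MASQ to flush the conntrack
        # entries; use the reported interface rather than a fixed "ppp5" so
        # the script keeps working when UNIT is changed
        ifconfig "$IFNAME" add 0.0.0.0
        ifconfig "$IFNAME" add "$IPLOCAL" dstaddr "$IPREMOTE" netmask 255.255.255.255

        # delete existing routes (failures are expected when none exist)
        route del default dev "$IFNAME"
        route del "$IPREMOTE" dev "$IFNAME"

        # add routes to the gateway and to itself
        route add "$IPREMOTE" metric 0 dev "$IFNAME"
        route add "$IPLOCAL" metric 0 dev "$IFNAME"

        # add routes to DNS servers, only for the ones actually negotiated
        if [ -n "$DNS1" ]; then
            route add "$DNS1" gw "$IPREMOTE" metric 0 dev "$IFNAME"
        fi
        if [ -n "$DNS2" ]; then
            route add "$DNS2" gw "$IPREMOTE" metric 0 dev "$IFNAME"
        fi

        # add route to the gateway subnet (treated as a /24)
        route add -net "${IPREMOTE%.*}.0" gw "$IPREMOTE" netmask 255.255.255.0 metric 0 dev "$IFNAME"

        # setup default gateway: the lower metric wins
        metric_ppp=1
        metric_wan=0
        if [ "$DEF_GATEWAY" = "Yes" ]; then
            metric_ppp=0
            metric_wan=1
        fi

        # reset the default gateway route via physical interface
        route del default gw "$wan_gw" dev "$wan_if"
        route del "$wan_gw" dev "$wan_if"
        route add "$wan_gw" metric 0 dev "$wan_if"
        route add default gw "$wan_gw" metric "$metric_wan" dev "$wan_if"
        # add PPTP default gateway
        route add default gw "$IPREMOTE" metric "$metric_ppp" dev "$IFNAME"

        # add routes to additional subnets if any; ADD_SUBNETS is a
        # space-delimited list, so word splitting is intended here
        for subnet in $ADD_SUBNETS
        do
            route add -net "$subnet" gw "$IPREMOTE" netmask 255.255.255.0 metric 0 dev "$IFNAME"
        done

        # remove route to the gateway - no longer needed
        route del "$IPREMOTE" dev "$IFNAME"
    fi

    # firewall script: the addresses are expanded now, the pid-file check is
    # left for the moment the fragment runs (hence the escaped \$(...))
    lan_ip=$(nvram get lan_ipaddr)
    lan_mask=$(nvram get lan_netmask)
    mkdir -p "$FIRE_PATH"
    cat > "$FIRE_PATH/ppp$UNIT.fire" <<EOF
#!/bin/sh
    if [ -f /var/run/ppp$UNIT.pid ] && [ -n "\$(cat /var/run/ppp$UNIT.pid)" ]; then
    iptables -t nat -A PREROUTING -d $IPLOCAL -j WANPREROUTING
    iptables -t nat -A PREROUTING -i $IFNAME -d $lan_ip/$lan_mask -j DROP
    iptables -t nat -A POSTROUTING -o $IFNAME -j MASQUERADE
    iptables -I INPUT -i br0 -d $IPLOCAL -j DROP
    iptables -A FORWARD -i $IFNAME -j wanin
    iptables -A FORWARD -o $IFNAME -j wanout
    iptables -A FORWARD -i $IFNAME -j upnp

    # QoS rules (not needed)
    # iptables -t mangle -A FORWARD -o $IFNAME -j QOSO
    # iptables -t mangle -A OUTPUT -o $IFNAME -j QOSO
    # iptables -t mangle -A PREROUTING -i $IFNAME -j CONNMARK --restore-mark --mask 0xff
    fi
EOF
    chmod +x "$FIRE_PATH/ppp$UNIT.fire"

    # publish the dnsmasq snippet and apply everything
    mv -f "$TMPF" "$DNSMASQ_CUSTOM"
    service routing restart
    service dnsmasq restart
    service firewall restart
}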
  125.  
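# pppd ip-down hook. Clears the per-unit nvram entries, removes the firewall
# fragment and link marker, empties the dnsmasq snippet, puts the WAN default
# route back at metric 0 and restarts routing, dnsmasq and the firewall.
#
# Globals read: UNIT, FIRE_PATH, SCRIPTS_PATH, DNSMASQ_CUSTOM
_down()
{
    echo "IP-DOWN"

    logger -p 6 -t "pptp-vpn[$$]" 'PPP link is down, restoring default settings...'

    nvram unset "ppp${UNIT}_get_ip"
    nvram unset "ppp${UNIT}_gateway"

    # Quoted so that a path with whitespace or glob characters cannot make
    # rm touch anything other than these two files.
    rm -f "$FIRE_PATH/ppp$UNIT.fire"
    rm -f "$SCRIPTS_PATH/link"
    echo "" > "$DNSMASQ_CUSTOM"

    # restore default WAN gateway with metric 0
    wan_gw=$(nvram get wan_gateway)
    wan_if=$(nvram get wan_ifname)
    route del default gw "$wan_gw" dev "$wan_if"
    route del "$wan_gw" dev "$wan_if"
    route add "$wan_gw" metric 0 dev "$wan_if"
    route add default gw "$wan_gw" metric 0 dev "$wan_if"

    service routing restart
    service dnsmasq restart
    service firewall restart
}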
  149.  
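# Stop the PPTP link: kill any running ip-up/ip-down wrapper and, when a pid
# file exists for this unit, signal the pppd it names.
#
# Globals read: UNIT
# Returns: 0 when there is no pid file (nothing to stop); otherwise the exit
#          status of kill. The original `[ -f ... ] && kill ...` form made
#          the function, and therefore "stop", fail when pppd was not running.
_stop()
{
    echo "Stopping pppd$UNIT..."

    killall "ppp$UNIT-up"
    killall "ppp$UNIT-down"

    pidfile=/var/run/ppp$UNIT.pid
    if [ -f "$pidfile" ]; then
        # Quoted so the pid file's content reaches kill as a single argument.
        kill "$(cat "$pidfile")"
    fi
}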
  158.  
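# Generate the pppd options file and the ip-up/ip-down wrapper scripts under
# $SCRIPTS_PATH. Existing executable wrappers are left untouched; the options
# file is always rewritten.
#
# Globals read: UNIT, SCRIPTS_PATH, PPTP_SERVER, PPTP_USER, PPTP_PASSWORD
#
# NOTE(review): the wrappers call back into "$0", so this presumably needs the
# script to be started by absolute path -- confirm how pppd resolves it.
_write_config()
{
    mkdir -p "$SCRIPTS_PATH"

    # Wrappers that pppd runs on link up/down; each re-enters this script.
    for hook in up down; do
        hook_file="$SCRIPTS_PATH/ppp$UNIT-$hook"
        if [ ! -x "$hook_file" ]; then
            printf '#!/bin/sh\n"%s" %s\n' "$0" "$hook" > "$hook_file"
        fi
        chmod +x "$hook_file"
    done

    # The options file holds the VPN password in clear text, so it is
    # recreated under a restrictive umask and ends up readable by its owner
    # only. The subshell keeps the umask change local.
    (
        umask 077
        rm -f "$SCRIPTS_PATH/options"
        cat > "$SCRIPTS_PATH/options" <<EOF
unit $UNIT
usepeerdns
plugin pptp.so
pptp_server $PPTP_SERVER
user '$PPTP_USER'
password '$PPTP_PASSWORD'
default-asyncmap
nopcomp
noaccomp
novj
nobsdcomp
nodeflate
noauth
refuse-eap
maxfail 0
ip-up-script '$SCRIPTS_PATH/ppp$UNIT-up'
ip-down-script '$SCRIPTS_PATH/ppp$UNIT-down'
lcp-echo-interval 15
lcp-echo-failure 6
lcp-echo-adaptive
persist
holdoff 20
nomppe-stateful
mtu 1400
EOF
    )
}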
  196.  
# Announce the start and launch pppd with the generated options file.
# Globals read: UNIT, SCRIPTS_PATH
_start() {
    options_file="$SCRIPTS_PATH/options"

    printf 'Starting pppd%s...\n' "$UNIT"
    pppd file "$options_file"
}
  203.  
# Full restart cycle: stop the link, pause briefly, regenerate the pppd
# configuration, then start pppd again.
_restart() {
    _stop
    sleep 2   # pause between stopping and reconfiguring
    _write_config
    _start
}
  211.  
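# Watchdog: restart the link when pppd for this unit is not running or when
# its ppp interface is missing.
#
# Globals read: UNIT
_check_run()
{
    pidfile=/var/run/ppp$UNIT.pid

    # Read the pid only when the file is there, so a missing pid file does
    # not produce a cat error before the restart.
    pid=
    if [ -r "$pidfile" ]; then
        pid=$(cat "$pidfile")
    fi

    if [ -z "$pid" ] || [ ! -f "/proc/$pid/exe" ]; then
        echo "pppd not running, restarting..."
        _restart
    # Redirection order matters: `2>&1 > /dev/null` left stderr on the
    # terminal. Any failure of ifconfig counts as "interface down".
    elif ! ifconfig "ppp${UNIT}" > /dev/null 2>&1; then
        echo "pppd$UNIT down, restarting..."
        _restart
    fi
}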
  225.  
# Command dispatch. "start" always goes through a full restart cycle; "up"
# and "down" are the entry points used by the generated pppd wrapper scripts.
# Anything else prints the usage line and exits with status 1.
case $1 in
    start)  _restart ;;
    stop)   _stop ;;
    up)     _up ;;
    down)   _down ;;
    config) _write_config ;;
    check)  _check_run ;;
    *)
        echo "usage: $0 (start|stop|check|up|down|config)"
        exit 1
        ;;
esac

# Propagate the status of the selected action.
exit $?