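#!/bin/sh
# DD-WRT startup script: writes an OpenVPN client configuration for IPVanish
# under /tmp, starts the client, and installs policy routing so that traffic
# from source address 10.0.0.50 uses the tunnel.
# Reference: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=280165

# DEBUG only has to be *set* (an empty value counts) to enable tracing: the
# generated route scripts test "${DEBUG+x}". Comment this line out to disable.
export DEBUG=

SERVER="man-c01.ipvanish.com"
PROTOCOL="udp" # You can use tcp or udp, but make sure the letters are lowercase.
PORT="443"     # You can select port 443 for either tcp or udp. Port 1194 also works for udp.

# Account credentials. The published copy of this script carried what looked
# like a live username and password; they are replaced by placeholders here.
# Credentials that have appeared in a public paste should be rotated, and a
# shared copy of the script should only ever contain placeholders.
USER="MYUSERNAME" # Replace MYUSERNAME with your IPVanish Username.
PASS="MYPASSWORD" # Replace MYPASSWORD with your IPVanish Password.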
# Author's note: this script will cause the entire router startup sequence to
# be about 2 minutes.

# Query pool.ntp.org first (presumably so the clock is sane before TLS
# certificate dates are checked -- the source does not say why).
ntpclient pool.ntp.org

# Bounce process_monitor: stop it, then start it again.
for svc_action in stopservice startservice; do
  "$svc_action" process_monitor
done

# Fixed 30-second pause before the VPN files are written.
sleep 30
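# Build the OpenVPN client configuration in /tmp/openvpncl/openvpn.conf.
# Reads SERVER, PROTOCOL and PORT, which are set at the top of this script.

# -p keeps a re-run from failing when the directory already exists.
mkdir -p /tmp/openvpncl

# The whole file is written in one step instead of a chain of appends, so a
# failure part-way through cannot leave a half-written configuration behind
# an unconditional tail of extra directives.
#
# NOTE(review): directives below that deserve a second look before reuse.
# They are emitted unchanged so the generated file matches the original.
#   - "script-security 3 system": level 3 additionally allows passwords to be
#     handed to scripts through the environment. The route-up/route-down
#     hooks this script installs read only dev, route_vpn_gateway and
#     route_net_gateway, so a lower level is probably sufficient; the
#     "system" method is not accepted by newer OpenVPN releases. Confirm
#     against the OpenVPN build on the router.
#   - "tls-remote" is deprecated upstream in favour of verify-x509-name.
#   - "comp-lzo" and "keysize" are deprecated upstream; compression inside an
#     encrypted tunnel is generally discouraged.
#   - "cipher AES-256-CBC" / "tls-cipher DHE-RSA-AES256-SHA" are legacy
#     choices; check what the provider currently supports.
#   - "verb 4" is a fairly chatty log level for a file that is later copied
#     into a report.
cat > /tmp/openvpncl/openvpn.conf <<EOF
client
dev tun
proto $PROTOCOL
remote $SERVER $PORT
resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip
tun-mtu 1500
ca /tmp/openvpncl/ca.crt
tls-remote $SERVER
auth-user-pass /tmp/auth.conf
comp-lzo
verb 4
auth SHA256
cipher AES-256-CBC
keysize 256
tls-cipher DHE-RSA-AES256-SHA
script-security 3 system
log /tmp/openvpncl/openvpn.log
daemon
status-version 3
status /tmp/openvpncl/status.log 5
EOF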
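# Write the OpenVPN credentials file: username on line 1, password on line 2.
# Reads USER and PASS, which are set at the top of this script. The path is
# fixed because openvpn.conf refers to it via auth-user-pass.
#
# - The subshell's umask makes the file owner-only from the moment it is
#   created, rather than leaving it at the default mode until chmod runs.
# - printf '%s' replaces `echo -e`, which would interpret backslash sequences
#   inside the username or password and write something different from what
#   was configured.
(
  umask 077
  printf '%s\n%s\n' "$USER" "$PASS" > /tmp/auth.conf
)
# Still needed: umask has no effect if the file already existed with a wider mode.
chmod 600 /tmp/auth.conf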
# Install the provider's CA certificate that openvpn.conf references, then
# pre-create the OpenVPN log file.
#
# NOTE(review): the encoded validity dates in this certificate appear to end
# in January 2017 and the signature algorithm looks like SHA-1 with RSA.
# Confirm with `openssl x509 -in /tmp/openvpncl/ca.crt -noout -dates -text`
# and obtain the current CA from the provider over a trusted channel before
# relying on it.
#
# The delimiter is quoted so the PEM body is written exactly as shown.
cat > /tmp/openvpncl/ca.crt <<'PEM'
-----BEGIN CERTIFICATE-----
MIIErTCCA5WgAwIBAgIJAMYKzSS8uPKDMA0GCSqGSIb3DQEBBQUAMIGVMQswCQYD
VQQGEwJVUzELMAkGA1UECBMCRkwxFDASBgNVBAcTC1dpbnRlciBQYXJrMREwDwYD
VQQKEwhJUFZhbmlzaDEVMBMGA1UECxMMSVBWYW5pc2ggVlBOMRQwEgYDVQQDEwtJ
UFZhbmlzaCBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBpcHZhbmlzaC5jb20w
HhcNMTIwMTExMTkzMjIwWhcNMTcwMTEwMTkzMjIwWjCBlTELMAkGA1UEBhMCVVMx
CzAJBgNVBAgTAkZMMRQwEgYDVQQHEwtXaW50ZXIgUGFyazERMA8GA1UEChMISVBW
YW5pc2gxFTATBgNVBAsTDElQVmFuaXNoIFZQTjEUMBIGA1UEAxMLSVBWYW5pc2gg
Q0ExIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAaXB2YW5pc2guY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9DBWNr/IKOuY3TmDP5x7vYZR0DGxLbX
U8TyAzBbjUtFFMbhxlHiXVQrZHmgzih94x7BgXM7tWpmMKYVb+gNaqMdWE680Qm3
nOwmhy/dulXDkEHAwD05i/iTx4ZaUdtV2vsKBxRg1vdC4AEiwD7bqV4HOi13xcG9
71aQ55Mj1KeCdA0aNvpat1LWx2jjWxsfI8s2Lv5Fkoi1HO1+vTnnaEsJZrBgAkLX
pItqP29Lik3/OBIvkBIxlKrhiVPixE5qNiD+eSPirsmROvsyIonoJtuY4Dw5K6pc
NlKyYiwo1IOFYU3YxffwFJk+bSW4WVBhsdf5dGxq/uOHmuz5gdwxCwIDAQABo4H9
MIH6MB0GA1UdDgQWBBRL/RQliR3nwXCD1/afERwlThnurjCBygYDVR0jBIHCMIG/
gBRL/RQliR3nwXCD1/afERwlThnurqGBm6SBmDCBlTELMAkGA1UEBhMCVVMxCzAJ
BgNVBAgTAkZMMRQwEgYDVQQHEwtXaW50ZXIgUGFyazERMA8GA1UEChMISVBWYW5p
c2gxFTATBgNVBAsTDElQVmFuaXNoIFZQTjEUMBIGA1UEAxMLSVBWYW5pc2ggQ0Ex
IzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAaXB2YW5pc2guY29tggkAxgrNJLy48oMw
DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAho5ynpvtXISz3neqGXpL
BBlOM35pd1ZSNHLCb2yHQwAjZbfYqfX2MDs9ytH4Cf1OfaVqwe777QyyIC2XR2QK
kw4c2hCT8wPzWhmkLx8Q+jnKdOKkdz+L8+Ji9/vjtaFOcYjMDalI6CbjBiuMFWhB
IzOaYljmA2UeQCVIz9aW80BC8+sLQ6oeWVnFjx7zqK1gbbc2bNuy3slOMdyoEj2m
hkxfiffuHKV+GQoR7tFIr3M7KFFwYgkXeyLh1Pc0rZu7dGe4fUAbR1okB1DgelBd
n6rWTZ8XcNzT/YngtH4bXB9DM7pKWpDWc94va4hFrGgaOxjE861TdoDqHaMO9bW+
Pg==
-----END CERTIFICATE-----
PEM
chmod 644 /tmp/openvpncl/ca.crt

# Create the log file up front and leave it owner/group-writable,
# world-readable (mode 664).
touch /tmp/openvpncl/openvpn.log
chmod 664 /tmp/openvpncl/openvpn.log
- #echo "#!/bin/sh" > /tmp/openvpncl/route-up.sh
- #echo "iptables -I POSTROUTING -t nat -o tun0 -j MASQUERADE" >> /tmp/openvpncl/route-up.sh
- #echo "iptables -I INPUT -t filter -i tun0 -j ACCEPT" >> /tmp/openvpncl/route-up.sh
- #echo -e "#!/bin/sh\nsleep 2" > /tmp/openvpncl/route-down.sh
- #echo "iptables -D POSTROUTING -t nat -o tun0 -j MASQUERADE" >> /tmp/openvpncl/route-down.sh
- #echo "iptables -D INPUT -t filter -i tun0 -j ACCEPT" >> /tmp/openvpncl/route-down.sh
- #chmod 700 /tmp/openvpncl/route-up.sh
- #chmod 700 /tmp/openvpncl/route-down.sh
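# Generate the hook that the openvpn command in this script passes via
# --route-up. The here-document delimiter is quoted, so nothing below is
# expanded while the file is written; $dev, $route_vpn_gateway and
# $route_net_gateway are read from the environment when the hook runs.
#
# What the hook does: NATs traffic leaving tun0, copies the main routing
# table (minus default routes) into table 200, makes the VPN gateway the
# default in table 200, adds four /2 routes via the WAN gateway to the main
# table, and sends traffic from 10.0.0.50 to table 200.
#
# NOTE(review): "iptables -I INPUT ... -i tun0 -j ACCEPT" inserts an
# accept-everything rule for packets arriving over the tunnel and addressed
# to the router itself. Confirm that is intended; if only replies to
# router-originated traffic are needed, a state-based rule is the narrower
# choice. The interface name is also hard-coded as tun0 although OpenVPN
# supplies it in $dev.
#
# Changes from the original: expansions that need no word splitting are
# quoted (including the logger tag, whose [..] would otherwise be open to
# globbing) and `read` uses -r.
SCRIPT="/tmp/openvpncl/route-up.sh"
cat << "EOF" > "$SCRIPT"
#!/bin/sh
sleep 2
iptables -I POSTROUTING -t nat -o tun0 -j MASQUERADE
iptables -I INPUT -t filter -i tun0 -j ACCEPT
(
  [ -n "${DEBUG+x}" ] && set -x
  TID="200"
  VPN_IF="$dev" # provided by OpenVPN at runtime
  VPN_GW="$route_vpn_gateway" # provided by OpenVPN at runtime
  WAN_GW="$route_net_gateway" # provided by OpenVPN at runtime
  # copy main routing table to bypass routing table (exclude all
  # default gateways)
  ip route show | grep -Ev '^default|^0.0.0.0/1|^128.0.0.0/1' \
    | while read -r route; do
        # $route stays unquoted on purpose: each word of the route line
        # must become a separate argument to ip.
        ip route add $route table "$TID"
      done
  # add VPN as default gateway
  ip route add default via "$VPN_GW" table "$TID"
  # return WAN back to default gateway in main routing table
  ip route add 0.0.0.0/2 via "$WAN_GW"
  ip route add 64.0.0.0/2 via "$WAN_GW"
  ip route add 128.0.0.0/2 via "$WAN_GW"
  ip route add 192.0.0.0/2 via "$WAN_GW"
  # force routing system to recognize our changes
  ip route flush cache
  # add source IP(s)/network(s) to be routed over VPN
  ip rule add from 10.0.0.50 table "$TID"
) 2>&1 | logger -t "$(basename "$0")[$$]"
EOF
chmod +x "$SCRIPT"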
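# Generate the teardown hook that the openvpn command in this script passes
# after --down-pre. The here-document delimiter is quoted, so the variables
# below are resolved when the hook runs, not while it is written.
#
# What the hook does: removes the tun0 NAT and INPUT rules, deletes the four
# /2 WAN routes from the main table, flushes table 200 and removes the
# 10.0.0.50 policy rule.
#
# NOTE(review): once this hook has run, traffic from 10.0.0.50 is no longer
# sent to table 200, so it follows the main routing table. If that host must
# never leave the tunnel, a blocking rule is needed in addition to this
# script -- nothing here provides one.
#
# Changes from the original: expansions are quoted, including the logger
# tag, whose [..] would otherwise be open to globbing.
SCRIPT="/tmp/openvpncl/route-down.sh"
cat << "EOF" > "$SCRIPT"
#!/bin/sh
iptables -D POSTROUTING -t nat -o tun0 -j MASQUERADE
iptables -D INPUT -t filter -i tun0 -j ACCEPT
(
  [ -n "${DEBUG+x}" ] && set -x
  TID="200"
  VPN_IF="$dev" # provided by OpenVPN at runtime
  VPN_GW="$route_vpn_gateway" # provided by OpenVPN at runtime
  WAN_GW="$route_net_gateway" # provided by OpenVPN at runtime
  # reset main routing table
  ip route del 0.0.0.0/2 via "$WAN_GW"
  ip route del 64.0.0.0/2 via "$WAN_GW"
  ip route del 128.0.0.0/2 via "$WAN_GW"
  ip route del 192.0.0.0/2 via "$WAN_GW"
  # delete alternate routing table
  ip route flush table "$TID"
  # force routing system to recognize our changes
  ip route flush cache
  # delete source IP(s)/network(s) to be routed over VPN
  ip rule del from 10.0.0.50 table "$TID"
) 2>&1 | logger -t "$(basename "$0")[$$]"
EOF
chmod +x "$SCRIPT"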
# Launch the OpenVPN client from a subshell, backgrounded, so this script
# carries on immediately; the configuration file also sets "daemon".
#
# NOTE(review): in upstream OpenVPN, --down-pre is a flag and the teardown
# script is named with --down. Confirm that the OpenVPN build on the router
# really runs route-down.sh when invoked this way.
(
  openvpn \
    --config /tmp/openvpncl/openvpn.conf \
    --ca /tmp/openvpncl/ca.crt \
    --route-up /tmp/openvpncl/route-up.sh \
    --down-pre /tmp/openvpncl/route-down.sh &
)

# Wait 8 minutes before the report is collected.
sleep 480
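# Collect a diagnostic report in /tmp/openvpncl/report.txt.
#
# All output goes through one redirected group instead of a separate append
# per line; the file is truncated once at the start, as before.
#
# Fix: the original ran `iptables -nvxL nat`, which asks for a chain named
# "nat" in the filter table rather than listing the nat table. The command
# and its label now use `-t nat`.
#
# NOTE(review): the report bundles the OpenVPN log (written at verb 4), the
# system log, interface addresses, firewall rules and the process list.
# Review and trim it before posting it anywhere public.
{
  echo "*** SYSTEM REPORT ***"
  echo

  echo "------------> * OpenVPN Information * <------------"
  echo "Command: openvpn --version"
  echo "Command: cat /tmp/openvpncl/status.log"
  echo "Command: cat /tmp/openvpncl/openvpn.log"
  echo
  openvpn --version
  cat /tmp/openvpncl/status.log
  cat /tmp/openvpncl/openvpn.log
  echo

  echo "------------> * System Log * <------------"
  echo "Command: cat /var/log/messages"
  echo
  # The original pauses two more minutes here before reading the system log.
  sleep 120
  cat /var/log/messages
  echo

  echo "------------> * Current Adapters * <------------"
  echo "Command: ifconfig"
  echo
  ifconfig
  echo

  echo "------------> * IP Tables * <------------"
  echo "Command: iptables -nvxL"
  echo "Command: iptables -t nat -nvxL"
  echo "Command: ip ro"
  echo
  iptables -nvxL
  iptables -t nat -nvxL
  ip ro
  echo

  echo "------------> * Processes * <------------"
  echo "Command: ps"
  echo
  ps
} > /tmp/openvpncl/report.txt

exit 0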