1 | #!/bin/sh | |
2 | - | export DEBUG= # uncomment/comment to enable/disable debug mode |
2 | + | export DEBUG= # uncomment/comment to enable/disable debugging mode |
3 | # http://www.dd-wrt.com/phpBB2/viewtopic.php?t=280165 | |
4 | ||
5 | SERVER="man-c01.ipvanish.com" | |
6 | PROTOCOL="udp" # You can use tcp or udp, but make sure the letters are lowercase. | |
7 | PORT="443" # You can select port 443 for either tcp or udp. Port 1194 also works for udp. | |
8 | - | USER="MYUSERNAME" # Replace MYUSERNAME with your IPVanish Username. |
8 | + | USER="72ibanez@gmail.com" # Replace MYUSERNAME with your IPVanish Username. |
9 | - | PASS="MYPASSWORD" # Replace MYPASSWORD with your IPVanish Password. |
9 | + | PASS="Justice1995" # Replace MYPASSWORD with your IPVanish Password. |
10 | ||
11 | # This script will cause the entire router startup sequence to be about 2 minutes. | |
12 | ||
13 | ntpclient pool.ntp.org | |
14 | stopservice process_monitor | |
15 | startservice process_monitor | |
16 | sleep 30 | |
17 | ||
18 | mkdir /tmp/openvpncl | |
19 | ||
20 | echo client > /tmp/openvpncl/openvpn.conf && | |
21 | echo dev tun >> /tmp/openvpncl/openvpn.conf && | |
22 | echo proto "$PROTOCOL" >> /tmp/openvpncl/openvpn.conf && | |
23 | echo remote "$SERVER" "$PORT" >> /tmp/openvpncl/openvpn.conf && | |
24 | echo resolv-retry infinite >> /tmp/openvpncl/openvpn.conf && | |
25 | echo nobind >> /tmp/openvpncl/openvpn.conf && | |
26 | echo persist-key >> /tmp/openvpncl/openvpn.conf && | |
27 | echo persist-tun >> /tmp/openvpncl/openvpn.conf && | |
28 | echo persist-remote-ip >> /tmp/openvpncl/openvpn.conf && | |
29 | echo tun-mtu 1500 >> /tmp/openvpncl/openvpn.conf && | |
30 | echo ca /tmp/openvpncl/ca.crt >> /tmp/openvpncl/openvpn.conf && | |
31 | echo tls-remote "$SERVER" >> /tmp/openvpncl/openvpn.conf && | |
32 | echo auth-user-pass /tmp/auth.conf >> /tmp/openvpncl/openvpn.conf && | |
33 | echo comp-lzo >> /tmp/openvpncl/openvpn.conf && | |
34 | echo verb 4 >> /tmp/openvpncl/openvpn.conf && | |
35 | echo auth SHA256 >> /tmp/openvpncl/openvpn.conf && | |
36 | echo cipher AES-256-CBC >> /tmp/openvpncl/openvpn.conf && | |
37 | echo keysize 256 >> /tmp/openvpncl/openvpn.conf && | |
38 | echo tls-cipher DHE-RSA-AES256-SHA >> /tmp/openvpncl/openvpn.conf && | |
39 | echo script-security 3 system >> /tmp/openvpncl/openvpn.conf | |
40 | echo log /tmp/openvpncl/openvpn.log >> /tmp/openvpncl/openvpn.conf | |
41 | echo daemon >> /tmp/openvpncl/openvpn.conf | |
42 | echo status-version 3 >> /tmp/openvpncl/openvpn.conf | |
43 | echo status /tmp/openvpncl/status.log 5 >> /tmp/openvpncl/openvpn.conf | |
44 | echo -e "$USER\n$PASS" > /tmp/auth.conf | |
45 | ||
46 | chmod 600 /tmp/auth.conf | |
47 | ||
48 | echo -----BEGIN CERTIFICATE----- > /tmp/openvpncl/ca.crt | |
49 | echo MIIErTCCA5WgAwIBAgIJAMYKzSS8uPKDMA0GCSqGSIb3DQEBBQUAMIGVMQswCQYD >> /tmp/openvpncl/ca.crt | |
50 | echo VQQGEwJVUzELMAkGA1UECBMCRkwxFDASBgNVBAcTC1dpbnRlciBQYXJrMREwDwYD >> /tmp/openvpncl/ca.crt | |
51 | echo VQQKEwhJUFZhbmlzaDEVMBMGA1UECxMMSVBWYW5pc2ggVlBOMRQwEgYDVQQDEwtJ >> /tmp/openvpncl/ca.crt | |
52 | echo UFZhbmlzaCBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBpcHZhbmlzaC5jb20w >> /tmp/openvpncl/ca.crt | |
53 | echo HhcNMTIwMTExMTkzMjIwWhcNMTcwMTEwMTkzMjIwWjCBlTELMAkGA1UEBhMCVVMx >> /tmp/openvpncl/ca.crt | |
54 | echo CzAJBgNVBAgTAkZMMRQwEgYDVQQHEwtXaW50ZXIgUGFyazERMA8GA1UEChMISVBW >> /tmp/openvpncl/ca.crt | |
55 | echo YW5pc2gxFTATBgNVBAsTDElQVmFuaXNoIFZQTjEUMBIGA1UEAxMLSVBWYW5pc2gg >> /tmp/openvpncl/ca.crt | |
56 | echo Q0ExIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAaXB2YW5pc2guY29tMIIBIjANBgkq >> /tmp/openvpncl/ca.crt | |
57 | echo hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9DBWNr/IKOuY3TmDP5x7vYZR0DGxLbX >> /tmp/openvpncl/ca.crt | |
58 | echo U8TyAzBbjUtFFMbhxlHiXVQrZHmgzih94x7BgXM7tWpmMKYVb+gNaqMdWE680Qm3 >> /tmp/openvpncl/ca.crt | |
59 | echo nOwmhy/dulXDkEHAwD05i/iTx4ZaUdtV2vsKBxRg1vdC4AEiwD7bqV4HOi13xcG9 >> /tmp/openvpncl/ca.crt | |
60 | echo 71aQ55Mj1KeCdA0aNvpat1LWx2jjWxsfI8s2Lv5Fkoi1HO1+vTnnaEsJZrBgAkLX >> /tmp/openvpncl/ca.crt | |
61 | echo pItqP29Lik3/OBIvkBIxlKrhiVPixE5qNiD+eSPirsmROvsyIonoJtuY4Dw5K6pc >> /tmp/openvpncl/ca.crt | |
62 | echo NlKyYiwo1IOFYU3YxffwFJk+bSW4WVBhsdf5dGxq/uOHmuz5gdwxCwIDAQABo4H9 >> /tmp/openvpncl/ca.crt | |
63 | echo MIH6MB0GA1UdDgQWBBRL/RQliR3nwXCD1/afERwlThnurjCBygYDVR0jBIHCMIG/ >> /tmp/openvpncl/ca.crt | |
64 | echo gBRL/RQliR3nwXCD1/afERwlThnurqGBm6SBmDCBlTELMAkGA1UEBhMCVVMxCzAJ >> /tmp/openvpncl/ca.crt | |
65 | echo BgNVBAgTAkZMMRQwEgYDVQQHEwtXaW50ZXIgUGFyazERMA8GA1UEChMISVBWYW5p >> /tmp/openvpncl/ca.crt | |
66 | echo c2gxFTATBgNVBAsTDElQVmFuaXNoIFZQTjEUMBIGA1UEAxMLSVBWYW5pc2ggQ0Ex >> /tmp/openvpncl/ca.crt | |
67 | echo IzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAaXB2YW5pc2guY29tggkAxgrNJLy48oMw >> /tmp/openvpncl/ca.crt | |
68 | echo DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAho5ynpvtXISz3neqGXpL >> /tmp/openvpncl/ca.crt | |
69 | echo BBlOM35pd1ZSNHLCb2yHQwAjZbfYqfX2MDs9ytH4Cf1OfaVqwe777QyyIC2XR2QK >> /tmp/openvpncl/ca.crt | |
70 | echo kw4c2hCT8wPzWhmkLx8Q+jnKdOKkdz+L8+Ji9/vjtaFOcYjMDalI6CbjBiuMFWhB >> /tmp/openvpncl/ca.crt | |
71 | echo IzOaYljmA2UeQCVIz9aW80BC8+sLQ6oeWVnFjx7zqK1gbbc2bNuy3slOMdyoEj2m >> /tmp/openvpncl/ca.crt | |
72 | echo hkxfiffuHKV+GQoR7tFIr3M7KFFwYgkXeyLh1Pc0rZu7dGe4fUAbR1okB1DgelBd >> /tmp/openvpncl/ca.crt | |
73 | echo n6rWTZ8XcNzT/YngtH4bXB9DM7pKWpDWc94va4hFrGgaOxjE861TdoDqHaMO9bW+ >> /tmp/openvpncl/ca.crt | |
74 | echo Pg== >> /tmp/openvpncl/ca.crt | |
75 | echo -----END CERTIFICATE----- >> /tmp/openvpncl/ca.crt | |
76 | ||
77 | chmod 644 /tmp/openvpncl/ca.crt | |
78 | ||
79 | touch /tmp/openvpncl/openvpn.log | |
80 | chmod 664 /tmp/openvpncl/openvpn.log | |
81 | ||
82 | #echo "#!/bin/sh" > /tmp/openvpncl/route-up.sh | |
83 | #echo "iptables -I POSTROUTING -t nat -o tun0 -j MASQUERADE" >> /tmp/openvpncl/route-up.sh | |
84 | #echo "iptables -I INPUT -t filter -i tun0 -j ACCEPT" >> /tmp/openvpncl/route-up.sh | |
85 | #echo -e "#!/bin/sh\nsleep 2" > /tmp/openvpncl/route-down.sh | |
86 | #echo "iptables -D POSTROUTING -t nat -o tun0 -j MASQUERADE" >> /tmp/openvpncl/route-down.sh | |
87 | #echo "iptables -D INPUT -t filter -i tun0 -j ACCEPT" >> /tmp/openvpncl/route-down.sh | |
88 | ||
89 | #chmod 700 /tmp/openvpncl/route-up.sh | |
90 | #chmod 700 /tmp/openvpncl/route-down.sh | |
91 | ||
92 | SCRIPT="/tmp/openvpncl/route-up.sh" | |
93 | cat << "EOF" > $SCRIPT | |
94 | #!/bin/sh | |
95 | sleep 2 | |
96 | iptables -I POSTROUTING -t nat -o tun0 -j MASQUERADE | |
97 | iptables -I INPUT -t filter -i tun0 -j ACCEPT | |
98 | - | [ ${DEBUG+x} ] && set -x |
98 | + | |
99 | [ -n "${DEBUG+x}" ] && set -x | |
100 | TID="200" | |
101 | VPN_IF="$dev" # provided by OpenVPN at runtime | |
102 | VPN_GW="$route_vpn_gateway" # provided by OpenVPN at runtime | |
103 | WAN_GW="$route_net_gateway" # provided by OpenVPN at runtime | |
104 | ||
105 | # copy main routing table to bypass routing table (exclude all | |
106 | # default gateways) | |
107 | ip route show | grep -Ev '^default|^0.0.0.0/1|^128.0.0.0/1' \ | |
108 | | while read route; do | |
109 | ip route add $route table $TID | |
110 | done | |
111 | # add VPN as default gateway | |
112 | ip route add default via $VPN_GW table $TID | |
113 | ||
114 | # return WAN back to default gateway in main routing table | |
115 | ip route add 0.0.0.0/2 via $WAN_GW | |
116 | ip route add 64.0.0.0/2 via $WAN_GW | |
117 | ip route add 128.0.0.0/2 via $WAN_GW | |
118 | ip route add 192.0.0.0/2 via $WAN_GW | |
119 | ||
120 | # force routing system to recognize our changes | |
121 | ip route flush cache | |
122 | ||
123 | # add source IP(s)/network(s) to be routed over VPN | |
124 | ip rule add from 10.0.0.50 table $TID | |
125 | ||
126 | ) 2>&1 | logger -t $(basename $0)[$$] | |
127 | EOF | |
128 | chmod +x $SCRIPT | |
129 | ||
130 | SCRIPT="/tmp/openvpncl/route-down.sh" | |
131 | cat << "EOF" > $SCRIPT | |
132 | #!/bin/sh | |
133 | iptables -D POSTROUTING -t nat -o tun0 -j MASQUERADE | |
134 | iptables -D INPUT -t filter -i tun0 -j ACCEPT | |
135 | - | [ ${DEBUG+x} ] && set -x |
135 | + | |
136 | [ -n "${DEBUG+x}" ] && set -x | |
137 | TID="200" | |
138 | VPN_IF="$dev" # provided by OpenVPN at runtime | |
139 | VPN_GW="$route_vpn_gateway" # provided by OpenVPN at runtime | |
140 | WAN_GW="$route_net_gateway" # provided by OpenVPN at runtime | |
141 | ||
142 | # reset main routing table | |
143 | ip route del 0.0.0.0/2 via $WAN_GW | |
144 | ip route del 64.0.0.0/2 via $WAN_GW | |
145 | ip route del 128.0.0.0/2 via $WAN_GW | |
146 | ip route del 192.0.0.0/2 via $WAN_GW | |
147 | ||
148 | # delete alternate routing table | |
149 | ip route flush table $TID | |
150 | ||
151 | # force routing system to recognize our changes | |
152 | ip route flush cache | |
153 | ||
154 | # delete source IP(s)/network(s) to be routed over VPN | |
155 | ip rule del from 10.0.0.50 table $TID | |
156 | ||
157 | ) 2>&1 | logger -t $(basename $0)[$$] | |
158 | EOF | |
159 | chmod +x $SCRIPT | |
160 | ||
161 | (openvpn --config /tmp/openvpncl/openvpn.conf --ca /tmp/openvpncl/ca.crt --route-up /tmp/openvpncl/route-up.sh --down-pre /tmp/openvpncl/route-down.sh &) | |
162 | ||
163 | sleep 480 | |
164 | echo "*** SYSTEM REPORT ***" > /tmp/openvpncl/report.txt | |
165 | echo >> /tmp/openvpncl/report.txt | |
166 | echo "------------> * OpenVPN Information * <------------" >> /tmp/openvpncl/report.txt | |
167 | echo "Command: openvpn --version" >> /tmp/openvpncl/report.txt | |
168 | echo "Command: cat /tmp/openvpncl/status.log" >> /tmp/openvpncl/report.txt | |
169 | echo "Command: cat /tmp/openvpncl/openvpn.log" >> /tmp/openvpncl/report.txt | |
170 | echo >> /tmp/openvpncl/report.txt | |
171 | openvpn --version >> /tmp/openvpncl/report.txt | |
172 | cat /tmp/openvpncl/status.log >> /tmp/openvpncl/report.txt | |
173 | cat /tmp/openvpncl/openvpn.log >> /tmp/openvpncl/report.txt | |
174 | echo >> /tmp/openvpncl/report.txt | |
175 | echo "------------> * System Log * <------------" >> /tmp/openvpncl/report.txt | |
176 | echo "Command: cat /var/log/messages" >> /tmp/openvpncl/report.txt | |
177 | echo >> /tmp/openvpncl/report.txt | |
178 | sleep 120 | |
179 | cat /var/log/messages >> /tmp/openvpncl/report.txt | |
180 | echo >> /tmp/openvpncl/report.txt | |
181 | echo "------------> * Current Adapters * <------------" >> /tmp/openvpncl/report.txt | |
182 | echo "Command: ifconfig" >> /tmp/openvpncl/report.txt | |
183 | echo >> /tmp/openvpncl/report.txt | |
184 | ifconfig >> /tmp/openvpncl/report.txt | |
185 | echo >> /tmp/openvpncl/report.txt | |
186 | echo "------------> * IP Tables * <------------" >> /tmp/openvpncl/report.txt | |
187 | echo "Command: iptables -nvxL" >> /tmp/openvpncl/report.txt | |
188 | echo "Command: iptables -nvxL nat" >> /tmp/openvpncl/report.txt | |
189 | echo "Command: ip ro" >> /tmp/openvpncl/report.txt | |
190 | echo >> /tmp/openvpncl/report.txt | |
191 | iptables -nvxL >> /tmp/openvpncl/report.txt | |
192 | iptables -nvxL nat >> /tmp/openvpncl/report.txt | |
193 | ip ro >> /tmp/openvpncl/report.txt | |
194 | echo >> /tmp/openvpncl/report.txt | |
195 | echo "------------> * Processes * <------------" >> /tmp/openvpncl/report.txt | |
196 | echo "Command: ps" >> /tmp/openvpncl/report.txt | |
197 | echo >> /tmp/openvpncl/report.txt | |
198 | ps >> /tmp/openvpncl/report.txt | |
199 | ||
200 | exit 0 |
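Review bot: The added paste lines 8 and 9 replace the `MYUSERNAME`/`MYPASSWORD` placeholders with what appear to be a real account e-mail and password, and this revision sits on a public paste, so those credentials should be treated as exposed and changed at the provider. The shared copy should keep `USER="MYUSERNAME"` and `PASS="MYPASSWORD"`, with the real values filled in only on the router itself. Separately, paste line 44 writes `/tmp/auth.conf` before line 46 runs `chmod 600`, so the file briefly carries whatever permissions the default umask allows; a `umask 077` ahead of the write closes that window. The `echo -e` on line 44 also interprets backslash sequences inside the password, so `printf '%s\n%s\n' "$USER" "$PASS" > /tmp/auth.conf` is the safer form.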