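#!/bin/sh
# openvpn ptp (point-to-point) tunnel - server
# tomato ref: https://bit.ly/2DrmODq
# v1.0.0
#
# Generates an OpenVPN static-key server config plus its hook scripts under
# OVPN_DIR, then starts the daemon and pings the tunnel peer.
#
# Security notes for whoever deploys this:
#   * The hook scripts are executed by openvpn (script-security 2) with the
#     daemon's privileges; user/group are left commented out below, so that
#     is whatever account starts this script. The working directory must
#     therefore not be writable by anyone else.
#   * The firewall rules added by up.sh accept everything arriving on tun0
#     (INPUT and FORWARD), so the peer holding the static key is fully
#     trusted by this host and by whatever it forwards to.

LOCAL_PORT="22810" # listening port of openvpn server
INT_IP="192.168.61.43" # target of vps port forward

# Take the interface named after "dev" on the first default route. The last
# field of the line is not reliable: it is the metric or protocol on systems
# that print "... dev eth0 proto dhcp metric 100".
WAN_IF="$(ip route | awk '/^default/ { for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }')"
if [ -z "$WAN_IF" ]; then
  # An empty interface would produce a malformed "iptables -i  -p udp" rule.
  echo "error: no default route found; cannot determine WAN interface" >&2
  exit 1
fi

OVPN_DIR="/tmp/ovpn_ptp" # default working directory
# The path is fixed and lives under /tmp: refuse a symlink planted there and
# keep the directory private, because everything written below is executed.
# NOTE(review): if the directory already exists and is owned by another
# account, chmod alone does not make it trustworthy - verify on shared hosts.
if [ -L "$OVPN_DIR" ]; then
  echo "error: $OVPN_DIR is a symlink; refusing to use it" >&2
  exit 1
fi
mkdir -p "$OVPN_DIR" || exit 1
chmod 700 "$OVPN_DIR" || exit 1

# In the unquoted here-documents below, $OVPN_DIR, $LOCAL_PORT, $WAN_IF and
# $INT_IP are expanded now, while the files are generated; names written as
# \$... are left for the generated script to expand when it runs.

# --------------------------- begin ovpn-start.sh ---------------------------- #
# Note: killall stops every running openvpn process, not only this tunnel.
cat << EOF > "$OVPN_DIR/ovpn-start.sh"
#!/bin/sh
modprobe tun
killall -q openvpn && sleep 3
openvpn --config $OVPN_DIR/openvpn.conf
EOF
chmod +x "$OVPN_DIR/ovpn-start.sh"
# ---------------------------- end ovpn-start.sh ----------------------------- #

# ---------------------------- begin openvpn.conf ---------------------------- #
# Static-key ("secret") mode: both ends share one long-lived key, so there is
# no forward secrecy - anyone who obtains static.key can decrypt captured
# traffic and connect as the peer. Newer OpenVPN releases deprecate this mode
# in favour of TLS mode.
cat << EOF > "$OVPN_DIR/openvpn.conf"
daemon
dev tun0
proto udp4
port $LOCAL_PORT
ifconfig 10.8.0.1 10.8.0.2
script-security 2
up $OVPN_DIR/up.sh
down $OVPN_DIR/down.sh
route-up $OVPN_DIR/route-up.sh
route-pre-down $OVPN_DIR/route-down.sh
secret $OVPN_DIR/static.key 0
#user nobody
#group nogroup
cipher aes-256-cbc
auth sha256
auth-nocache
persist-tun
persist-key
keepalive 10 60
ping-timer-rem
comp-lzo no
verb 4
EOF
# ----------------------------- end openvpn.conf ----------------------------- #

# ----------------------------- begin static.key ----------------------------- #
# NOTE(review): the key below is embedded in a script that was posted
# publicly, so it must be treated as compromised. Generate a fresh key
# (openvpn --genkey --secret static.key on 2.4; newer releases spell it
# --genkey secret static.key), distribute it to the peer over a trusted
# channel and replace this block before using the tunnel.
#
# The subshell's umask makes a newly created key file private from the
# moment it exists; chmod afterwards also tightens a pre-existing file.
(
umask 077
cat << "EOF" > "$OVPN_DIR/static.key"
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
5b4cdb0114d8d499ad97210a1c2fd7ea
1f1ede99c506109ba0df8c84a0b6d824
75b9d5def574883f5883532d09f244ed
8fd21d44b43da99536ab5e8592441f50
0063ff4d2280f302f39147cd5d9c21b8
37f3a2102cdeff9746a192ffa6f87f24
2770677ea3a0af3a30a630d24350a605
c9cf6715dab985ba5105739dc61f1111
3e368b64287e9fe0d7e48284e10be4c1
4965de0f60554a5a9753bb14f3008462
2ae6c86f3710a122bc3954eb20688697
5d3e1ed2d19fe930c997aac121888376
4bdfc2d462cd23000fb221b6702de7e6
a7b5c718b5e5d351e401a35d8b66e407
a4b467e1c9095003e5db52ae4d3574b1
1be6e37867ef2455d5cbed8b8a614245
-----END OpenVPN Static key V1-----
EOF
)
chmod 600 "$OVPN_DIR/static.key"
# ------------------------------ end static.key ------------------------------ #

# ------------------------------- begin up.sh -------------------------------- #
cat << EOF > "$OVPN_DIR/up.sh"
#!/bin/sh
# open openvpn service port
iptables -I INPUT -i $WAN_IF -p udp --dport $LOCAL_PORT -j ACCEPT
# allow traffic in from the openvpn tunnel
iptables -I INPUT -i tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -j ACCEPT
EOF
chmod +x "$OVPN_DIR/up.sh"
# -------------------------------- end up.sh --------------------------------- #

# ------------------------------ begin down.sh ------------------------------- #
# ipt repeats the delete until iptables reports failure, which removes every
# copy of a rule that repeated "up" runs may have inserted.
cat << EOF > "$OVPN_DIR/down.sh"
#!/bin/sh
ipt() { while iptables "\$@" 2>/dev/null; do :; done }
# flush the firewall rules
ipt -D INPUT -i $WAN_IF -p udp --dport $LOCAL_PORT -j ACCEPT
ipt -D INPUT -i tun0 -j ACCEPT
ipt -D FORWARD -i tun0 -j ACCEPT
EOF
chmod +x "$OVPN_DIR/down.sh"
# ------------------------------- end down.sh -------------------------------- #

# ---------------------------- begin route-up.sh ----------------------------- #
# Policy routing: traffic sourced from INT_IP is looked up in table 200,
# whose only route is a default via the tunnel peer.
cat << EOF > "$OVPN_DIR/route-up.sh"
#!/bin/sh
ip route flush table 200 2>/dev/null
ip route add default via \$ifconfig_remote dev tun0 table 200
ip route flush cache
ip rule add from $INT_IP table 200
EOF
chmod +x "$OVPN_DIR/route-up.sh"
# ----------------------------- end route-up.sh ------------------------------ #

# --------------------------- begin route-down.sh ---------------------------- #
cat << EOF > "$OVPN_DIR/route-down.sh"
#!/bin/sh
ip route flush table 200 2>/dev/null
ip route flush cache
ip rule del from $INT_IP table 200
EOF
chmod +x "$OVPN_DIR/route-down.sh"
# ---------------------------- end route-down.sh ----------------------------- #

# begin openvpn execution and verify connection
# ping has no count, so it runs until interrupted; replies only start once
# the peer has brought up its side of the tunnel.
cd "$OVPN_DIR" && sh -x ./ovpn-start.sh && ping 10.8.0.2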