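# Router startup snippet: writes a vpnc (Cisco IPSec) keep-alive script to
# /tmp/etc/vpnc/vpnc.sh and runs it. The generated script embeds the VPN
# credentials, so it is created owner-only rather than world-readable.
mkdir -p /tmp/etc/vpnc

# Create the file empty and restrict it *before* any secret is written to it.
: > /tmp/etc/vpnc/vpnc.sh
chmod 700 /tmp/etc/vpnc/vpnc.sh

# Quoted delimiter: everything up to VPNC_SH is written literally, nothing is
# expanded by this outer shell.
cat >> /tmp/etc/vpnc/vpnc.sh <<'VPNC_SH'
#!/bin/sh
# Keep-alive loop for a vpnc tunnel. Relies on the router-provided commands
# nvram, stopservice and startservice.

#### Set all variables
# Plain ASCII double quotes only: typographic quotes are not shell quoting
# and would end up inside the values.
vpn_concentrator="vpn_server_address" # IP or hostname of the IPSec VPN concentrator
# Host pinged to test whether the VPN is up. The author uses youtube.com; any
# address that is not reachable without the tunnel works as well.
vpn_keepalive_host="youtube.com"
#### Set the following parameters to match your IPSec server
vpn_groupname="vpn"             # group name here
vpn_grouppasswd="vpn_groupname" # group password here
vpn_username="vpn_username"     # your username here
vpn_password="vpn_password"     # your password here

#### Create a local script to split routes
# NOTE(review): these assignments are not exported, so the child `sh` below
# only sees them for names vpnc already placed in its environment - confirm.
cat > /tmp/etc/vpnc/vpnc-script-local <<'EOF_SPLIT'

CISCO_SPLIT_INC=0
CISCO_SPLIT_INC_0_ADDR=10.0.0.0 # IP range to go into first tunnel
CISCO_SPLIT_INC_0_MASK=255.0.0.0 # Subnet Mask for first tunnel
CISCO_SPLIT_INC_0_MASKLEN=8 # Mask length
CISCO_SPLIT_INC_0_PROTOCOL=0
CISCO_SPLIT_INC_0_SPORT=0
CISCO_SPLIT_INC_0_DPORT=0
sh /etc/vpnc/vpnc-script
EOF_SPLIT
chmod a+x /tmp/etc/vpnc/vpnc-script-local

#### Create the vpnc.conf file
# vpnc.conf holds the group secret and the Xauth password in clear text:
# restrict it to the owner before writing the contents.
: > /tmp/etc/vpnc/vpnc.conf
chmod 600 /tmp/etc/vpnc/vpnc.conf
# NOTE(review): the original comment on the Script line said it "points to the
# local script", but the path is /etc/vpnc/vpnc-script, not the
# vpnc-script-local file created above - confirm which one is intended.
# The comment is kept out of the file because it is not shown here whether
# vpnc.conf accepts trailing comments.
cat >> /tmp/etc/vpnc/vpnc.conf <<EOF_CONF
IPSec gateway $vpn_concentrator
IPSec ID $vpn_groupname
IPSec secret $vpn_grouppasswd
Xauth username $vpn_username
Xauth password $vpn_password
Script /etc/vpnc/vpnc-script
EOF_CONF

# Succeeds (status 0) when host $1 answers a single ping sent from the
# router's LAN address.
pingtest() {
  source_ip=$(nvram get lan_ipaddr)
  ping -q -c1 "$1" -I "$source_ip" > /dev/null
}

# Append a rule to chain $2 of table $1 without stacking duplicates: any
# existing identical rule is deleted first. The original appended the same
# three rules again on every reconnect, so the rule set grew without bound.
ensure_rule() {
  table=$1
  chain=$2
  shift 2
  iptables -t "$table" -D "$chain" "$@" 2> /dev/null # absent on first run
  iptables -t "$table" -A "$chain" "$@"
}

while true; do
  # Wait until the concentrator is reachable.
  until pingtest "$vpn_concentrator"; do
    echo "Vpnc concentrator $vpn_concentrator is not reachable, sleeping 10"
    sleep 10
  done

  if pingtest "$vpn_keepalive_host"; then
    echo "vpn connection active: $vpn_keepalive_host is alive"
    sleep 60
  else
    echo "vpn connection down: $vpn_keepalive_host is unreachable"
    vpnc-disconnect
    echo "Attempting to start vpnc"
    vpnc /tmp/etc/vpnc/vpnc.conf --dpd-idle 0 --local-port 0

    # Last interface whose ifconfig line mentions "tun"; only the first four
    # bytes are kept, so this handles tun0..tun9.
    tundev=$(ifconfig | grep tun | cut -b 1-4 | tail -n 1)
    if [ -n "$tundev" ]; then
      # NOTE(review): "-i $tundev -j ACCEPT" forwards every packet arriving
      # from the tunnel, so the remote side can open connections into the
      # LAN. Consider limiting it to established/related traffic.
      ensure_rule filter FORWARD -o "$tundev" -j ACCEPT
      ensure_rule filter FORWARD -i "$tundev" -j ACCEPT
      ensure_rule nat POSTROUTING -o "$tundev" -j MASQUERADE
    else
      # Without this guard iptables would be called with an empty interface.
      echo "no tun interface found after starting vpnc, skipping firewall rules" >&2
    fi

    stopservice dnsmasq
    sleep 1
    startservice dnsmasq
  fi
  sleep 1
done
VPNC_SH

# Runs in the foreground; the generated script loops forever.
sh /tmp/etc/vpnc/vpnc.sh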