CentOS7一键VPN脚本
时间:2015-05-15 12:16 来源:linux.it.net.cn 作者:IT
安装PPTP脚本
------------------------------------------------------------------
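#!/bin/bash
#
# One-shot PPTP VPN server setup for CentOS 7. Run as root.
#
# Optional environment:
#   VPN_USER      account name for /etc/ppp/chap-secrets (default: vpn)
#   VPN_PASSWORD  account secret; generated randomly when unset
#
# Security notes:
#   * PPTP is a legacy protocol whose usual MS-CHAPv2/MPPE protection is
#     regarded as broken; use it only where confidentiality does not matter
#     and prefer an IPsec/IKEv2, OpenVPN or WireGuard setup otherwise.
#   * No fixed default password is shipped: a published default on an
#     Internet-facing service is trivially guessable.
#   * chap-secrets stores the secret in clear text, so it is kept mode 600.
#   * Re-running the script appends the same configuration lines again.

set -euo pipefail

# Characters allowed in the account name and secret. chap-secrets is a
# whitespace-delimited file, so quotes, blanks and '#' are rejected.
readonly SAFE_TOKEN_RE='^[A-Za-z0-9._@%+=:,-]+$'

die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

# Keep the first pristine copy of a config file; later runs never clobber it.
backup_once() {
  local file=$1
  if [[ -e "$file" && ! -e "$file.bak" ]]; then
    cp -a -- "$file" "$file.bak"
  fi
}

(( EUID == 0 )) || die 'this script must be run as root'

vpn_user=${VPN_USER:-vpn}
vpn_password=${VPN_PASSWORD:-}
if [[ -z "$vpn_password" ]]; then
  # 12 random bytes -> 24 hex characters.
  vpn_password=$(od -An -N12 -tx1 /dev/urandom | tr -d ' \n')
fi
[[ "$vpn_user" =~ $SAFE_TOKEN_RE ]] || die 'VPN_USER contains unsupported characters'
[[ "$vpn_password" =~ $SAFE_TOKEN_RE ]] || die 'VPN_PASSWORD contains unsupported characters'

yum -y update

# Install pptpd from the EPEL repository so yum applies its normal GPG
# signature check. A hand-downloaded RPM fetched over plain HTTP has no
# transport integrity and, depending on yum's local-package settings, may be
# installed without any signature verification.
yum -y install epel-release
yum -y install ppp pptpd

backup_once /etc/pptpd.conf
cat >> /etc/pptpd.conf << 'EOF'
localip 192.168.144.1
remoteip 192.168.144.2-254
EOF

backup_once /etc/ppp/options.pptpd
cat >> /etc/ppp/options.pptpd << 'EOF'
ms-dns 8.8.8.8
ms-dns 8.8.4.4
EOF

backup_once /etc/ppp/chap-secrets
printf '%s pptpd %s *\n' "$vpn_user" "$vpn_password" >> /etc/ppp/chap-secrets
chmod 600 /etc/ppp/chap-secrets

# Rules re-applied at boot. The heredoc delimiter is quoted so the text is
# written literally. The port rule matches the one applied live below.
backup_once /etc/rc.d/rc.local
cat >> /etc/rc.d/rc.local << 'EOF'
iptables -A INPUT -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.144.0/24 -j MASQUERADE
iptables -A INPUT -p tcp --dport 1723 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
systemctl restart pptpd
EOF
chmod +x /etc/rc.d/rc.local

# NOTE(review): -A appends to the end of the chain. If INPUT already ends in
# a REJECT/DROP rule (or firewalld manages the ruleset) these ACCEPT rules
# never match; confirm against the host's existing firewall policy.
iptables -A INPUT -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.144.0/24 -j MASQUERADE
iptables -A INPUT -p tcp --dport 1723 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward

systemctl restart pptpd
systemctl enable pptpd

# The secret is shown once on the terminal; avoid capturing this output in
# shared logs.
printf '%s\n' "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
printf '%s\n' "Success! And the VPN account is:"
printf '%s\n' "Method:PPTP"
printf 'User:%s\n' "$vpn_user"
printf 'Password:%s\n' "$vpn_password"
printf '%s\n' "If you want modify, with vim tool at /etc/ppp/chap-secrets"
printf '%s\n' "Good luck!"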
-------------------------------------------------------------
安装L2tp脚本
----------------------------------------------------------
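#!/bin/bash
#
# One-shot L2TP/IPsec (pre-shared key) VPN server setup for CentOS 7.
# Run as root.
#
# Optional environment:
#   SERVER_IP     public IPv4 address of this host; auto-detected from
#                 ifconfig when unset
#   VPN_USER      account name for /etc/ppp/chap-secrets (default: vpn)
#   VPN_PASSWORD  account secret; generated randomly when unset
#   IPSEC_PSK     IPsec pre-shared key; generated randomly when unset
#
# Security notes:
#   * No fixed default password or PSK is shipped: published defaults on an
#     Internet-facing service are trivially guessable, and a known PSK lets
#     anyone impersonate the gateway to its clients.
#   * ipsec.secrets and chap-secrets hold clear-text secrets and are created
#     with mode 600.
#   * Existing config files are moved to <name>.bak and replaced. This
#     includes chap-secrets: accounts already defined there survive only in
#     chap-secrets.bak.
#   * "ppp debug = yes" and the pppd "debug" option are kept from the
#     original setup; review what they log before production use.
#   * Re-running the script appends the boot-time block to rc.local again.

set -euo pipefail

# Characters allowed in the account name, secret and PSK. They are written
# into whitespace-delimited / double-quoted config fields.
readonly SAFE_TOKEN_RE='^[A-Za-z0-9._@%+=:,-]+$'
readonly IPV4_RE='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'

die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

# Move an existing config file out of the way so a fresh one can be written.
move_aside() {
  local file=$1
  if [[ -e "$file" ]]; then
    mv -f -- "$file" "$file.bak"
  fi
}

# Print 32 hex characters taken from the kernel CSPRNG.
random_secret() {
  od -An -N16 -tx1 /dev/urandom | tr -d ' \n'
}

# Print the first non-private, non-loopback IPv4 address ifconfig reports.
# Expects the CentOS 7 net-tools layout ("inet <addr>  netmask ...").
detect_public_ip() {
  ifconfig | awk -F'[ ]+|:' '
    /inet/ && !found &&
    $3 ~ /^[0-9]{1,3}(\.[0-9]{1,3}){3}$/ &&
    $3 !~ /^(10|127|0)\./ &&
    $3 !~ /^192\.168\./ &&
    $3 !~ /^172\.(1[6-9]|2[0-9]|3[01])\./ { print $3; found = 1 }'
}

(( EUID == 0 )) || die 'this script must be run as root'

vpn_user=${VPN_USER:-vpn}
vpn_password=${VPN_PASSWORD:-}
ipsec_psk=${IPSEC_PSK:-}
if [[ -z "$vpn_password" ]]; then
  vpn_password=$(random_secret)
fi
if [[ -z "$ipsec_psk" ]]; then
  ipsec_psk=$(random_secret)
fi
[[ "$vpn_user" =~ $SAFE_TOKEN_RE ]] || die 'VPN_USER contains unsupported characters'
[[ "$vpn_password" =~ $SAFE_TOKEN_RE ]] || die 'VPN_PASSWORD contains unsupported characters'
[[ "$ipsec_psk" =~ $SAFE_TOKEN_RE ]] || die 'IPSEC_PSK contains unsupported characters'

yum -y update
yum -y install openswan net-tools ppp

# Install xl2tpd from the EPEL repository so yum applies its normal GPG
# signature check. A hand-downloaded RPM fetched over plain HTTP has no
# transport integrity and, depending on yum's local-package settings, may be
# installed without any signature verification.
yum -y install epel-release
yum -y install xl2tpd

# Resolve the address once and fail loudly. Substituting an empty or
# multi-line value into the IPsec configuration would silently break it.
server_ip=${SERVER_IP:-}
if [[ -z "$server_ip" ]]; then
  server_ip=$(detect_public_ip)
fi
[[ "$server_ip" =~ $IPV4_RE ]] \
  || die 'no public IPv4 address detected; set SERVER_IP explicitly'

echo "+++++++++++++++++++++++++++"
echo "Shell Test that your ip is:"
printf '%s\n' "$server_ip"
echo "+++++++++++++++++++++++++++"

# Section parameters in ipsec.conf must be indented under their
# "config"/"conn" header.
move_aside /etc/ipsec.conf
cat > /etc/ipsec.conf << EOF
config setup
    protostack=netkey
    dumpdir=/var/run/pluto/
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:100.64.0.0/10,%v6:fd00::/8,%v6:fe80::/10

conn L2TP-PSK-NAT
    rightsubnet=vhost:%priv
    also=L2TP-PSK-noNAT

conn L2TP-PSK-noNAT
    authby=secret
    pfs=no
    auto=add
    keyingtries=3
    rekey=no
    ikelifetime=8h
    keylife=1h
    type=transport
    left=${server_ip}
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/%any
EOF

# Create the secrets file with mode 600 before any secret is written to it.
move_aside /etc/ipsec.secrets
install -m 600 /dev/null /etc/ipsec.secrets
cat > /etc/ipsec.secrets << EOF
include /etc/ipsec.d/*.secrets
${server_ip} %any: PSK "${ipsec_psk}"
EOF

echo 1 > /proc/sys/net/ipv4/ip_forward
for conf_dir in /proc/sys/net/ipv4/conf/*; do
  echo 0 > "$conf_dir/accept_redirects"
  echo 0 > "$conf_dir/send_redirects"
done
# Alternative kept from the original (disabled): persist forwarding via sysctl.
#cp -rf /etc/sysctl.conf /etc/sysctl.conf.bak
#echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
#sysctl -p

systemctl restart ipsec.service
# "ipsec verify" is diagnostic only; do not abort the installation on it.
ipsec verify \
  || printf 'warning: ipsec verify reported problems; review the output above\n' >&2
# tail -f /var/log/secure

move_aside /etc/xl2tpd/xl2tpd.conf
cat > /etc/xl2tpd/xl2tpd.conf << 'EOF'
[global]
[lns default]
ip range = 192.168.1.128-192.168.1.254
local ip = 192.168.1.99
require chap = yes
refuse pap = yes
require authentication = yes
name = LinuxVPNserver
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
EOF

move_aside /etc/ppp/options.xl2tpd
cat > /etc/ppp/options.xl2tpd << 'EOF'
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
crtscts
idle 1800
mtu 1410
mru 1410
nodefaultroute
debug
lock
proxyarp
connect-delay 5000
EOF

move_aside /etc/ppp/chap-secrets
install -m 600 /dev/null /etc/ppp/chap-secrets
cat > /etc/ppp/chap-secrets << EOF
# Secrets for authentication using CHAP
# client server secret IP addresses
${vpn_user} l2tpd ${vpn_password} *
EOF

# Boot-time block. The delimiter is quoted so "$each" is written literally
# instead of being expanded while this installer runs. pgrep replaces
# "ps | grep", which always matched its own grep process and therefore never
# started xl2tpd.
cat >> /etc/rc.d/rc.local << 'EOF'
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
for each in /proc/sys/net/ipv4/conf/*
do
echo 0 > "$each/accept_redirects"
echo 0 > "$each/send_redirects"
done
systemctl restart ipsec.service
pgrep -x xl2tpd > /dev/null || /usr/sbin/xl2tpd
EOF
chmod +x /etc/rc.d/rc.local

# NOTE(review): only the NAT rule is installed. If the host filters inbound
# traffic, IKE/NAT-T (udp/500, udp/4500) must be allowed separately, and
# udp/1701 should stay reachable only through IPsec; confirm against the
# host's firewall policy.
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
pgrep -x xl2tpd > /dev/null || /usr/sbin/xl2tpd

# The secrets are shown once on the terminal; avoid capturing this output in
# shared logs.
printf '%s\n' "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
printf '%s\n' "Success! And the VPN account is:"
printf '%s\n' "Method:L2TP"
printf 'User:%s\n' "$vpn_user"
printf 'Password:%s\n' "$vpn_password"
printf 'PSK:%s\n' "$ipsec_psk"
printf '%s\n' "If you want modify, with vim tool at /etc/ppp/chap-secrets"
printf '%s\n' "Good luck!"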
(责任编辑:IT)
安装PPTP脚本
------------------------------------------------------------------
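#!/bin/bash
#
# One-shot PPTP VPN server setup for CentOS 7. Run as root.
#
# Optional environment:
#   VPN_USER      account name for /etc/ppp/chap-secrets (default: vpn)
#   VPN_PASSWORD  account secret; generated randomly when unset
#
# Security notes:
#   * PPTP is a legacy protocol whose usual MS-CHAPv2/MPPE protection is
#     regarded as broken; use it only where confidentiality does not matter
#     and prefer an IPsec/IKEv2, OpenVPN or WireGuard setup otherwise.
#   * No fixed default password is shipped: a published default on an
#     Internet-facing service is trivially guessable.
#   * chap-secrets stores the secret in clear text, so it is kept mode 600.
#   * Re-running the script appends the same configuration lines again.

set -euo pipefail

# Characters allowed in the account name and secret. chap-secrets is a
# whitespace-delimited file, so quotes, blanks and '#' are rejected.
readonly SAFE_TOKEN_RE='^[A-Za-z0-9._@%+=:,-]+$'

die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

# Keep the first pristine copy of a config file; later runs never clobber it.
backup_once() {
  local file=$1
  if [[ -e "$file" && ! -e "$file.bak" ]]; then
    cp -a -- "$file" "$file.bak"
  fi
}

(( EUID == 0 )) || die 'this script must be run as root'

vpn_user=${VPN_USER:-vpn}
vpn_password=${VPN_PASSWORD:-}
if [[ -z "$vpn_password" ]]; then
  # 12 random bytes -> 24 hex characters.
  vpn_password=$(od -An -N12 -tx1 /dev/urandom | tr -d ' \n')
fi
[[ "$vpn_user" =~ $SAFE_TOKEN_RE ]] || die 'VPN_USER contains unsupported characters'
[[ "$vpn_password" =~ $SAFE_TOKEN_RE ]] || die 'VPN_PASSWORD contains unsupported characters'

yum -y update

# Install pptpd from the EPEL repository so yum applies its normal GPG
# signature check. A hand-downloaded RPM fetched over plain HTTP has no
# transport integrity and, depending on yum's local-package settings, may be
# installed without any signature verification.
yum -y install epel-release
yum -y install ppp pptpd

backup_once /etc/pptpd.conf
cat >> /etc/pptpd.conf << 'EOF'
localip 192.168.144.1
remoteip 192.168.144.2-254
EOF

backup_once /etc/ppp/options.pptpd
cat >> /etc/ppp/options.pptpd << 'EOF'
ms-dns 8.8.8.8
ms-dns 8.8.4.4
EOF

backup_once /etc/ppp/chap-secrets
printf '%s pptpd %s *\n' "$vpn_user" "$vpn_password" >> /etc/ppp/chap-secrets
chmod 600 /etc/ppp/chap-secrets

# Rules re-applied at boot. The heredoc delimiter is quoted so the text is
# written literally. The port rule matches the one applied live below.
backup_once /etc/rc.d/rc.local
cat >> /etc/rc.d/rc.local << 'EOF'
iptables -A INPUT -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.144.0/24 -j MASQUERADE
iptables -A INPUT -p tcp --dport 1723 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
systemctl restart pptpd
EOF
chmod +x /etc/rc.d/rc.local

# NOTE(review): -A appends to the end of the chain. If INPUT already ends in
# a REJECT/DROP rule (or firewalld manages the ruleset) these ACCEPT rules
# never match; confirm against the host's existing firewall policy.
iptables -A INPUT -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.144.0/24 -j MASQUERADE
iptables -A INPUT -p tcp --dport 1723 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward

systemctl restart pptpd
systemctl enable pptpd

# The secret is shown once on the terminal; avoid capturing this output in
# shared logs.
printf '%s\n' "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
printf '%s\n' "Success! And the VPN account is:"
printf '%s\n' "Method:PPTP"
printf 'User:%s\n' "$vpn_user"
printf 'Password:%s\n' "$vpn_password"
printf '%s\n' "If you want modify, with vim tool at /etc/ppp/chap-secrets"
printf '%s\n' "Good luck!"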
-------------------------------------------------------------
安装L2tp脚本
----------------------------------------------------------
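#!/bin/bash
#
# One-shot L2TP/IPsec (pre-shared key) VPN server setup for CentOS 7.
# Run as root.
#
# Optional environment:
#   SERVER_IP     public IPv4 address of this host; auto-detected from
#                 ifconfig when unset
#   VPN_USER      account name for /etc/ppp/chap-secrets (default: vpn)
#   VPN_PASSWORD  account secret; generated randomly when unset
#   IPSEC_PSK     IPsec pre-shared key; generated randomly when unset
#
# Security notes:
#   * No fixed default password or PSK is shipped: published defaults on an
#     Internet-facing service are trivially guessable, and a known PSK lets
#     anyone impersonate the gateway to its clients.
#   * ipsec.secrets and chap-secrets hold clear-text secrets and are created
#     with mode 600.
#   * Existing config files are moved to <name>.bak and replaced. This
#     includes chap-secrets: accounts already defined there survive only in
#     chap-secrets.bak.
#   * "ppp debug = yes" and the pppd "debug" option are kept from the
#     original setup; review what they log before production use.
#   * Re-running the script appends the boot-time block to rc.local again.

set -euo pipefail

# Characters allowed in the account name, secret and PSK. They are written
# into whitespace-delimited / double-quoted config fields.
readonly SAFE_TOKEN_RE='^[A-Za-z0-9._@%+=:,-]+$'
readonly IPV4_RE='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'

die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

# Move an existing config file out of the way so a fresh one can be written.
move_aside() {
  local file=$1
  if [[ -e "$file" ]]; then
    mv -f -- "$file" "$file.bak"
  fi
}

# Print 32 hex characters taken from the kernel CSPRNG.
random_secret() {
  od -An -N16 -tx1 /dev/urandom | tr -d ' \n'
}

# Print the first non-private, non-loopback IPv4 address ifconfig reports.
# Expects the CentOS 7 net-tools layout ("inet <addr>  netmask ...").
detect_public_ip() {
  ifconfig | awk -F'[ ]+|:' '
    /inet/ && !found &&
    $3 ~ /^[0-9]{1,3}(\.[0-9]{1,3}){3}$/ &&
    $3 !~ /^(10|127|0)\./ &&
    $3 !~ /^192\.168\./ &&
    $3 !~ /^172\.(1[6-9]|2[0-9]|3[01])\./ { print $3; found = 1 }'
}

(( EUID == 0 )) || die 'this script must be run as root'

vpn_user=${VPN_USER:-vpn}
vpn_password=${VPN_PASSWORD:-}
ipsec_psk=${IPSEC_PSK:-}
if [[ -z "$vpn_password" ]]; then
  vpn_password=$(random_secret)
fi
if [[ -z "$ipsec_psk" ]]; then
  ipsec_psk=$(random_secret)
fi
[[ "$vpn_user" =~ $SAFE_TOKEN_RE ]] || die 'VPN_USER contains unsupported characters'
[[ "$vpn_password" =~ $SAFE_TOKEN_RE ]] || die 'VPN_PASSWORD contains unsupported characters'
[[ "$ipsec_psk" =~ $SAFE_TOKEN_RE ]] || die 'IPSEC_PSK contains unsupported characters'

yum -y update
yum -y install openswan net-tools ppp

# Install xl2tpd from the EPEL repository so yum applies its normal GPG
# signature check. A hand-downloaded RPM fetched over plain HTTP has no
# transport integrity and, depending on yum's local-package settings, may be
# installed without any signature verification.
yum -y install epel-release
yum -y install xl2tpd

# Resolve the address once and fail loudly. Substituting an empty or
# multi-line value into the IPsec configuration would silently break it.
server_ip=${SERVER_IP:-}
if [[ -z "$server_ip" ]]; then
  server_ip=$(detect_public_ip)
fi
[[ "$server_ip" =~ $IPV4_RE ]] \
  || die 'no public IPv4 address detected; set SERVER_IP explicitly'

echo "+++++++++++++++++++++++++++"
echo "Shell Test that your ip is:"
printf '%s\n' "$server_ip"
echo "+++++++++++++++++++++++++++"

# Section parameters in ipsec.conf must be indented under their
# "config"/"conn" header.
move_aside /etc/ipsec.conf
cat > /etc/ipsec.conf << EOF
config setup
    protostack=netkey
    dumpdir=/var/run/pluto/
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:100.64.0.0/10,%v6:fd00::/8,%v6:fe80::/10

conn L2TP-PSK-NAT
    rightsubnet=vhost:%priv
    also=L2TP-PSK-noNAT

conn L2TP-PSK-noNAT
    authby=secret
    pfs=no
    auto=add
    keyingtries=3
    rekey=no
    ikelifetime=8h
    keylife=1h
    type=transport
    left=${server_ip}
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/%any
EOF

# Create the secrets file with mode 600 before any secret is written to it.
move_aside /etc/ipsec.secrets
install -m 600 /dev/null /etc/ipsec.secrets
cat > /etc/ipsec.secrets << EOF
include /etc/ipsec.d/*.secrets
${server_ip} %any: PSK "${ipsec_psk}"
EOF

echo 1 > /proc/sys/net/ipv4/ip_forward
for conf_dir in /proc/sys/net/ipv4/conf/*; do
  echo 0 > "$conf_dir/accept_redirects"
  echo 0 > "$conf_dir/send_redirects"
done
# Alternative kept from the original (disabled): persist forwarding via sysctl.
#cp -rf /etc/sysctl.conf /etc/sysctl.conf.bak
#echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
#sysctl -p

systemctl restart ipsec.service
# "ipsec verify" is diagnostic only; do not abort the installation on it.
ipsec verify \
  || printf 'warning: ipsec verify reported problems; review the output above\n' >&2
# tail -f /var/log/secure

move_aside /etc/xl2tpd/xl2tpd.conf
cat > /etc/xl2tpd/xl2tpd.conf << 'EOF'
[global]
[lns default]
ip range = 192.168.1.128-192.168.1.254
local ip = 192.168.1.99
require chap = yes
refuse pap = yes
require authentication = yes
name = LinuxVPNserver
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
EOF

move_aside /etc/ppp/options.xl2tpd
cat > /etc/ppp/options.xl2tpd << 'EOF'
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
crtscts
idle 1800
mtu 1410
mru 1410
nodefaultroute
debug
lock
proxyarp
connect-delay 5000
EOF

move_aside /etc/ppp/chap-secrets
install -m 600 /dev/null /etc/ppp/chap-secrets
cat > /etc/ppp/chap-secrets << EOF
# Secrets for authentication using CHAP
# client server secret IP addresses
${vpn_user} l2tpd ${vpn_password} *
EOF

# Boot-time block. The delimiter is quoted so "$each" is written literally
# instead of being expanded while this installer runs. pgrep replaces
# "ps | grep", which always matched its own grep process and therefore never
# started xl2tpd.
cat >> /etc/rc.d/rc.local << 'EOF'
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
for each in /proc/sys/net/ipv4/conf/*
do
echo 0 > "$each/accept_redirects"
echo 0 > "$each/send_redirects"
done
systemctl restart ipsec.service
pgrep -x xl2tpd > /dev/null || /usr/sbin/xl2tpd
EOF
chmod +x /etc/rc.d/rc.local

# NOTE(review): only the NAT rule is installed. If the host filters inbound
# traffic, IKE/NAT-T (udp/500, udp/4500) must be allowed separately, and
# udp/1701 should stay reachable only through IPsec; confirm against the
# host's firewall policy.
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
pgrep -x xl2tpd > /dev/null || /usr/sbin/xl2tpd

# The secrets are shown once on the terminal; avoid capturing this output in
# shared logs.
printf '%s\n' "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
printf '%s\n' "Success! And the VPN account is:"
printf '%s\n' "Method:L2TP"
printf 'User:%s\n' "$vpn_user"
printf 'Password:%s\n' "$vpn_password"
printf 'PSK:%s\n' "$ipsec_psk"
printf '%s\n' "If you want modify, with vim tool at /etc/ppp/chap-secrets"
printf '%s\n' "Good luck!"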
(责任编辑:IT)