
edit

commit 125d7369a494bc79c283b28d1343662e1baf3e47 1 parent b91f003
@Tassandar authored
Showing with 63 additions and 59 deletions.
  1. +63 −59 openvpn-ipv6.sh
122 openvpn-ipv6.sh 100644 → 100755
@@ -5,19 +5,19 @@ ip=`ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ pr
ipv6=`ifconfig |grep "inet6 addr"| cut -d " " -f13 | cut -d/ -f1| head -n 1`
apt-get install build-essential libssl-dev git-core
-
+addgroup nobody
cd /tmp
wget http://www.oberhumer.com/opensource/lzo/download/lzo-2.04.tar.gz
tar zxf lzo-2.04.tar.gz
cd lzo-2.04 && ./configure && make && make install
cd ..
-git clone git@github.com:Tassandar/Openvpn-ipv6-patched.git
+git clone https://Tassandar@github.com/Tassandar/Openvpn-ipv6-patched.git
cd ./Openvpn-ipv6-patched && ./configure && make && make install
-cd .. && cp -r ./openvpn-2.1.1/easy-rsa/ -r /etc/openvpn
-cd /etc/openvpn/easy-rsa/2.0/
+cp -r ./easy-rsa/* -r /etc/openvpn
+cd /etc/openvpn/2.0/
chmod +rwx *
-. ../vars
+. ./vars
./clean-all
source ./vars
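Review bot: The added `git clone https://Tassandar@github.com/Tassandar/Openvpn-ipv6-patched.git` fetches whatever the default branch holds at run time, and the next line compiles it and runs `make install` as root, so the installed VPN daemon is not tied to any reviewed revision. Pin the source after cloning, e.g. `git clone https://github.com/Tassandar/Openvpn-ipv6-patched.git` followed by `git -C Openvpn-ipv6-patched checkout <PINNED_COMMIT>`; dropping the `Tassandar@` userinfo also avoids a credential prompt on a public repository. Separately, the new `cd /etc/openvpn/2.0/` is unchecked, so if the `cp` above it did not create that directory, `chmod +rwx *` and `./clean-all` run in whatever directory the script is still in; `cd /etc/openvpn/2.0/ || exit 1` would stop that.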
@@ -29,22 +29,20 @@ echo "Wouldn't recommend setting a password here"
echo "Then you'd have to type in the password each time openVPN starts/restarts"
echo "####################################"
./build-key-server server
-./build-dh
-
-cp keys/{ca.crt,ca.key,server.crt,server.key,dh1024.pem} /etc/openvpn/
-
clear
echo "####################################"
echo "Feel free to accept default values"
echo "This is your client key, you may set a password here but it's not required"
echo "####################################"
-./build-key client1
+./build-key client1
+
+./build-dh
client="
client
-remote $ip 1194
+remote $ip 8888
dev tun
proto udp
resolv-retry infinite
@@ -61,7 +59,7 @@ mute 20"
client6="
client
-remote $ipv6 1196
+remote $ipv6 9999
dev tun
proto udp6
resolv-retry infinite
@@ -69,75 +67,81 @@ persist-key
persist-tun
comp-lzo
ca ca.crt
-cert client1-ipv6.crt
-key client1-ipv6.key
+cert client1.crt
+key client1.key
dhcp-option DNS 10.3.1.1
verb 3
mute 20"
-./build-key client1-ipv6
-
cd keys/
echo "$client" > $HOSTNAME.ovpn
echo "$client6" > $HOSTNAME.ipv6.ovpn
-tar czf keys.tgz ca.crt ca.key client1.crt client1.csr client1.key client1-ipv6.crt client1-ipv6.csr client1-ipv6.key $HOSTNAME.ovpn
+cp ./{ca.crt,ca.key,server*.crt,server*.key,dh1024.pem} /etc/openvpn/
+tar czf keys.tgz ca.crt ca.key client*.crt client*.csr client*.key $HOSTNAME*.ovpn
+mv keys.tgz /root/
-mv keys.tgz /tmp/
+mkdir /etc/openvpn/2.0/conf
-opvpn4='
-dev tun
-port 1194
+opvpn4="local $ip
+port 8888
proto udp
+dev tun
+ca /etc/openvpn/2.0/keys/ca.crt
+cert /etc/openvpn/2.0/keys/server.crt
+key /etc/openvpn/2.0/keys/server.key # This file should be kept secret
+dh /etc/openvpn/2.0/keys/dh1024.pem
server 10.3.0.0 255.255.255.0
-ifconfig-pool-persist ipp.txt
-ca ca.crt
-cert server.crt
-key server.key
-dh dh1024.pem
-push "route 10.3.0.0 255.255.255.0"
-push "dhcp-option DNS 10.3.0.1"
-push "dhcp-option DNS 8.8.8.8"
-push "dhcp-option DNS 8.8.4.4"
-push "redirect-gateway"
+ifconfig-pool-persist /etc/openvpn/ipp-udp.txt
+push \"redirect-gateway def1 bypass-dhcp\"
+push \"dhcp-option DNS 10.3.0.1\"
+push \"dhcp-option DNS 8.8.8.8\"
+push \"dhcp-option DNS 8.8.4.4\"
+keepalive 10 120
+cipher AES-128-CBC # AES
comp-lzo
-keepalive 10 60
-ping-timer-rem
-persist-tun
-persist-key
+;max-clients 100
user nobody
group nobody
+persist-key
+persist-tun
+status openvpn-status-udp.log
+log /etc/openvpn/openvpn-udp.log
+;log-append openvpn.log
verb 3
-daemon'
+"
-opvpn6='
-dev tun
-port 1196
+opvpn6="local $ipv6
+port 9999
proto udp6
+dev tun
+ca /etc/openvpn/2.0/keys/ca.crt
+cert /etc/openvpn/2.0/keys/server.crt
+key /etc/openvpn/2.0/keys/server.key # This file should be kept secret
+dh /etc/openvpn/2.0/keys/dh1024.pem
server 10.3.1.0 255.255.255.0
-ifconfig-pool-persist ipp6.txt
-ca ca.crt
-cert server.crt
-key server.key
-dh dh1024.pem
-push "route 10.3.1.0 255.255.255.0"
-push "dhcp-option DNS 10.3.1.1"
-push "dhcp-option DNS 8.8.8.8"
-push "dhcp-option DNS 8.8.4.4"
-push "redirect-gateway"
+ifconfig-pool-persist /etc/ipp-udp6.txt
+push \"redirect-gateway def1 bypass-dhcp\"
+push \"dhcp-option DNS 10.3.1.1\"
+push \"dhcp-option DNS 8.8.8.8\"
+push \"dhcp-option DNS 8.8.4.4\"
+keepalive 10 120
+cipher AES-128-CBC # AES
comp-lzo
-keepalive 10 60
-ping-timer-rem
-persist-tun
-persist-key
+;max-clients 100
user nobody
group nobody
+persist-key
+persist-tun
+status /var/log/openvpn-status-udp6.log
+log /etc/openvpn/openvpn-udp6.log
+;log-append openvpn.log
verb 3
-daemon'
+"
-echo "$opvpn4" > /etc/openvpn/openvpn.conf
-echo "$opvpn4" > /etc/openvpn/openvpn6.conf
+echo "$opvpn4" > /etc/openvpn/2.0/conf/openvpn.conf
+echo "$opvpn6" > /etc/openvpn/2.0/conf/openvpn6.conf
sysctl -w net.ipv4.ip_forward=1
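Review bot: The new `tar czf keys.tgz ca.crt ca.key client*.crt ...` line still packs `ca.key`, the CA private key, into the archive that the script tells the user to download to client machines; anyone who obtains that archive can sign certificates this server will accept. A client needs only `ca.crt`, its own certificate and key, and the profile, so the line should read `tar czf keys.tgz ca.crt client*.crt client*.key $HOSTNAME*.ovpn`. The added `cp` likewise need not place `ca.key` in /etc/openvpn/, since the server configs reference only `ca.crt`, `server.crt`, `server.key` and the DH file. Those configs also point at `dh1024.pem`, which by its name holds 1024-bit DH parameters; a larger size would be preferable if the `vars` file, not visible here, allows it. The hunk starts inside the `client6` string, so the client profile is only partly visible.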
@@ -145,11 +149,11 @@ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.3.0.0/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.3.1.0/24 -o eth0 -j MASQUERADE
-service iptables save
-service iptables restart
+openvpn --config /etc/openvpn/2.0/conf/server-udp.conf --daemon &
+openvpn --config /etc/openvpn/2.0/conf/server-udp6.conf --deamon &
echo "OpenVPN has been installed
-Download /tmp/keys.tgz using winscp or other sftp/scp client such as filezilla
+Download /root/keys.tgz using winscp or other sftp/scp client such as filezilla"
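Review bot: Both added launch lines name config files the script never writes: the previous hunk creates `/etc/openvpn/2.0/conf/openvpn.conf` and `openvpn6.conf`, but these lines start `server-udp.conf` and `server-udp6.conf`, and the second one spells the option `--deamon`, which openvpn will reject as unknown. As written neither tunnel comes up, yet the script still prints "OpenVPN has been installed". Use `openvpn --config /etc/openvpn/2.0/conf/openvpn.conf --daemon` and `openvpn --config /etc/openvpn/2.0/conf/openvpn6.conf --daemon`; the trailing `&` is unnecessary because `--daemon` already detaches. With `service iptables save` removed, the MASQUERADE rules and the `ip_forward` sysctl last only until reboot, which is worth a comment or a persistence step.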