Linux && Ubuntu: one-click PPTP VPN installation
1. CentOS 6.x
```bash
#!/bin/bash -x
#
# drewsymo/VPN
#
# Installs a PPTP VPN-only system for CentOS
#
# @package VPN 2.0
# @since VPN 1.0
# @author Drew Morris
#

(

# Capture the public IPv4 address. The original sent curl's output to
# /dev/null, which left VPN_IP empty in the final message.
VPN_IP=$(curl -s ipv4.icanhazip.com 2>/dev/null)

VPN_USER="USERNAME"
VPN_PASS="USERPASSWD"
VPN_LOCAL="192.168.8.1"
VPN_REMOTE="192.168.8.151-200"

yum -y groupinstall "Development Tools"
# The repository package is fetched over plain HTTP
rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
yum -y install policycoreutils
yum -y install ppp pptpd
yum -y update

# Create the ppp device node now and on every boot
mknod /dev/ppp c 108 0
echo "mknod /dev/ppp c 108 0" >> /etc/rc.local

# Enable IPv4 forwarding now and persistently
echo "1" > /proc/sys/net/ipv4/ip_forward
sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
sysctl -p /etc/sysctl.conf

echo "localip $VPN_LOCAL" >> /etc/pptpd.conf # Local IP address of your VPN server
echo "remoteip $VPN_REMOTE" >> /etc/pptpd.conf # Scope for your home network
echo "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpd # Google DNS Primary
echo "ms-dns 209.244.0.3" >> /etc/ppp/options.pptpd # Level3 Primary
echo "ms-dns 208.67.222.222" >> /etc/ppp/options.pptpd # OpenDNS Primary

# The credentials are stored in plaintext; "*" accepts the user from any client IP
echo "$VPN_USER pptpd $VPN_PASS *" >> /etc/ppp/chap-secrets

service iptables start
echo "iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE" >> /etc/rc.local
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.8.0/24 -j SNAT --to-source `ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' | cut -d: -f2 | awk 'NR==1 { print $1}'`
# Clamp the TCP MSS for traffic from VPN clients
iptables -A FORWARD -p tcp --syn -s 192.168.8.0/24 -j TCPMSS --set-mss 1356
service iptables save
service iptables restart

service pptpd restart
chkconfig pptpd on

# Everything echoed inside this subshell, including the password line,
# is also written to the install log by tee
echo -e '\E[37;44m'"\033[1m Installation Log: /var/log/vpn-installer.log \033[0m"
echo -e '\E[37;44m'"\033[1m You can now connect to your VPN via your external IP ($VPN_IP)\033[0m"
echo -e '\E[37;44m'"\033[1m Username: $VPN_USER\033[0m"
echo -e '\E[37;44m'"\033[1m Password: $VPN_PASS\033[0m"

) 2>&1 | tee /var/log/vpn-installer.log
```
Note on the forwarding rule: if your server is a cloud host, the address picked up by this command

```bash
iptables -t nat -A POSTROUTING -s 192.168.8.0/24 -j SNAT --to-source `ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' | cut -d: -f2 | awk 'NR==1 { print $1}'`
```

is not your public IP, so write the public IP in directly, like this:

```bash
iptables -t nat -A POSTROUTING -s 192.168.8.0/24 -j SNAT --to-source 23.91.98.xx
```
2. Ubuntu 12.xx
```bash
#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
export PATH

clear
CUR_DIR=$(pwd)

# The script must run as root
if [ $(id -u) != "0" ]; then
    printf "Error: You must be root to run this script!\n"
    exit 1
fi

echo "#############################################################"
echo "# PPTP VPN Auto Install"
echo "# Env: Debian/Ubuntu"
echo "# Created by zombie on 2015.03.23"
echo "# Version: 1.0"
echo "#############################################################"
echo ""

apt-get -y update
apt-get -y install pptpd

# Server-side address and the client address pool
cat >>/etc/pptpd.conf<<EOF
localip 10.10.10.1
remoteip 10.10.10.2-254
EOF

# Back up the packaged options, then accept only MS-CHAPv2 with 128-bit MPPE
cp /etc/ppp/pptpd-options /etc/ppp/pptpd-options.old
cat >/etc/ppp/pptpd-options<<EOF
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
ms-dns 209.244.0.3
ms-dns 208.67.222.222
proxyarp
debug
dump
lock
nobsdcomp
novj
novjccomp
logfile /var/log/pptpd.log
EOF

# Format: user, server, password, allowed client IP. Replace "user" and "pwd";
# the credentials are stored in plaintext.
cat >>/etc/ppp/chap-secrets<<EOF
user * pwd *
EOF

# Enable IPv4 forwarding
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
sysctl -p

# Save the current rules so they can be restored later
iptables-save > /etc/iptables.down.rules

iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 1723 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 1723 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -j SNAT --to-source `ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' | cut -d: -f2 | awk 'NR==1 { print $1}'`
#iptables -I FORWARD -p tcp --syn -i ppp+ -j TCPMSS --set-mss 1356
iptables -A FORWARD -s 10.0.0.0/8 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --set-mss 1356

iptables-save > /etc/iptables.up.rules

# pre-up/post-down are ifupdown (/etc/network/interfaces) directives, not pppd
# options; see the note after this script about error 619
cat >>/etc/ppp/pptpd-options<<EOF
pre-up iptables-restore < /etc/iptables.up.rules
post-down iptables-restore < /etc/iptables.down.rules
EOF

/etc/init.d/pptpd restart
```
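Note: if you get an error such as 619 and have already ruled out the firewall (its rules open the required ports), check /etc/ppp/pptpd-options and comment out the lines that begin with pre-up and post-down.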
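The check from the note above as a script, an added example that is not part of the original post: it confirms that an options file carries the authentication and encryption directives the Ubuntu script writes, and flags uncommented pre-up/post-down lines. The function name and the sample file are constructed for illustration.

```shell
#!/bin/bash
# Added example: audit a pptpd options file such as /etc/ppp/pptpd-options.
# REQUIRED lists the auth/encryption directives written by the Ubuntu script.
REQUIRED="refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128"

# audit_pptpd_options FILE (hypothetical helper name)
# Prints one finding per line. Returns 0 if clean, 1 on findings, 2 if unreadable.
audit_pptpd_options() {
    local file="$1" opt rc=0
    if [ ! -r "$file" ]; then
        echo "ERROR: cannot read $file"
        return 2
    fi
    # Each required directive must appear on its own uncommented line.
    for opt in $REQUIRED; do
        if ! grep -Eq "^[[:space:]]*${opt}([[:space:]]|\$)" "$file"; then
            echo "MISSING: $opt"
            rc=1
        fi
    done
    # pre-up/post-down belong in /etc/network/interfaces, not in a pppd
    # options file; the note above says to comment them out on error 619.
    if grep -Eq '^[[:space:]]*(pre-up|post-down)[[:space:]]' "$file"; then
        echo "INVALID: uncommented pre-up/post-down line"
        rc=1
    fi
    return $rc
}

# Constructed sample: require-mppe-128 left out, pre-up line still active.
sample=$(mktemp)
printf '%s\n' 'name pptpd' refuse-pap refuse-chap refuse-mschap \
    require-mschap-v2 \
    'pre-up iptables-restore < /etc/iptables.up.rules' > "$sample"
audit_pptpd_options "$sample" || echo "audit reported findings for $sample"
rm -f "$sample"
```

On a real server, call `audit_pptpd_options /etc/ppp/pptpd-options` after running the installer.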
This article comes from the “静如夜风” blog; please keep this attribution: http://siliotto.blog.51cto.com/8887165/1623735