SSH PPP VPN: Unterschied zwischen den Versionen

(Die Seite wurde neu angelegt: „cat /usr/local/sbin/vpn-pppd #!/bin/sh #SERVER_HOSTNAME=" gaius -p 22" SERVER_HOSTNAME=" 80.153.192.133 -p 7322" LOCAL_NET=192.168.240.0/20 REMOTE_NET=192.168.150…“)
 
Zeile 1: Zeile 1:
cat /usr/local/sbin/vpn-pppd
+
cat /usr/local/sbin/vpn-pppd
#!/bin/sh
+
#!/bin/sh
#SERVER_HOSTNAME=" gaius -p 22"
+
#SERVER_HOSTNAME=" gaius -p 22"
SERVER_HOSTNAME=" 80.153.192.133 -p 7322"
+
SERVER_HOSTNAME=" 80.153.192.133 -p 7322"
LOCAL_NET=192.168.240.0/20
+
LOCAL_NET=192.168.240.0/20
REMOTE_NET=192.168.150.0/24
+
REMOTE_NET=192.168.150.0/24
SERVER_USERNAME=root
+
SERVER_USERNAME=root
########
+
########
SERVER_IFIPADDR=172.29.29.1
+
SERVER_IFIPADDR=172.29.29.1
CLIENT_IFIPADDR=172.29.29.3
+
CLIENT_IFIPADDR=172.29.29.3
LOCAL_SSH_OPTS="-P"
+
LOCAL_SSH_OPTS="-P"  
 +
 +
PATH=/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin/X11/:
  
PATH=/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin/X11/:
+
PPPD=/usr/sbin/pppd
 +
SSH=/usr/bin/ssh
 +
ROUTE=/sbin/route
 +
ADD_FORT="/sbin/sysctl  -w  net.ipv4.ip_forward=1"
 +
DEl_FORT="/sbin/sysctl  -w  net.ipv4.ip_forward=0"
 +
ADD_SNAT="/sbin/iptables -t nat -A POSTROUTING -s $LOCAL_NET -j MASQUERADE -o eth0"
 +
DEL_SNAT="/sbin/iptables -t nat -D POSTROUTING -s $LOCAL_NET -j MASQUERADE -o eth0"
 +
 +
if ! test -f $PPPD  ; then echo "can't find $PPPD";  exit 3; fi
 +
if ! test -f $SSH  ; then echo "can't find $SSH";  exit 4; fi
 +
 
 +
 +
case "$1" in
 +
  start)
 +
      echo -n "Starting vpn to $SERVER_HOSTNAME: "
 +
    ${PPPD} updetach noauth passive pty "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o Batchmode=yes ${PPPD} nodetach notty noauth" ipparam vpn ${CLIENT_IFIPADDR}:${SERVER_IFIPADDR}
 +
      ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ROUTE} add -net ${LOCAL_NET} gw ${CLIENT_IFIPADDR}
 +
      ${ROUTE} add -net ${REMOTE_NET} gw ${SERVER_IFIPADDR}
 +
      ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ADD_FORT} 
 +
      ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ADD_SNAT}
  
PPPD=/usr/sbin/pppd
+
    # echo "connected."
SSH=/usr/bin/ssh
+
    ;;
ROUTE=/sbin/route
+
ADD_FORT="/sbin/sysctl  -w  net.ipv4.ip_forward=1"
+
  stop)
DEl_FORT="/sbin/sysctl  -w  net.ipv4.ip_forward=0"
+
        # echo -n "Stopping vpn to $SERVER_HOSTNAME: "
ADD_SNAT="/sbin/iptables -t nat -A POSTROUTING -s $LOCAL_NET -j MASQUERADE -o eth0"
+
        ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${DEL_SNAT}
DEL_SNAT="/sbin/iptables -t nat -D POSTROUTING -s $LOCAL_NET -j MASQUERADE -o eth0"
+
        PID=`ps ax | grep "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o" | grep -v ' passive ' | grep -v 'grep ' | awk '{print $1}'`
 +
        if [ "${PID}" != "" ]; then
 +
          kill $PID
 +
          echo "disconnected."
 +
        else
 +
          echo "Failed to find PID for the connection"
 +
        fi
 +
    ;;
  
if ! test -f $PPPD  ; then echo "can't find $PPPD";  exit 3; fi
+
  config)
if ! test -f $SSH  ; then echo "can't find $SSH";   exit 4; fi
+
    echo "SERVER_HOSTNAME=$SERVER_HOSTNAME"
 +
    echo "SERVER_USERNAME=$SERVER_USERNAME"
 +
    echo "SERVER_IFIPADDR=$SERVER_IFIPADDR"
 +
    echo "CLIENT_IFIPADDR=$CLIENT_IFIPADDR"
 +
  ;;
  
 +
  *)
 +
    echo "Usage: vpn {start|stop|config}"
 +
    exit 1
 +
    ;;
 +
esac
  
case "$1" in
+
  exit 0
  start)
 
    echo -n "Starting vpn to $SERVER_HOSTNAME: "
 
    ${PPPD} updetach noauth passive pty "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o Batchmode=yes ${PPPD} nodetach notty noauth" ipparam vpn ${CLIENT_IFIPADDR}:${SERVER_IFIPADDR}
 
    ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ROUTE} add -net ${LOCAL_NET} gw ${CLIENT_IFIPADDR}
 
    ${ROUTE} add -net ${REMOTE_NET} gw ${SERVER_IFIPADDR}
 
    ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ADD_FORT}  
 
    ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ADD_SNAT}
 
 
 
    # echo "connected."
 
    ;;
 
 
 
  stop)
 
        # echo -n "Stopping vpn to $SERVER_HOSTNAME: "
 
        ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${DEL_SNAT}
 
        PID=`ps ax | grep "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o" | grep -v ' passive ' | grep -v 'grep ' | awk '{print $1}'`
 
        if [ "${PID}" != "" ]; then
 
          kill $PID
 
          echo "disconnected."
 
        else
 
          echo "Failed to find PID for the connection"
 
        fi
 
    ;;
 
 
 
  config)
 
    echo "SERVER_HOSTNAME=$SERVER_HOSTNAME"
 
    echo "SERVER_USERNAME=$SERVER_USERNAME"
 
    echo "SERVER_IFIPADDR=$SERVER_IFIPADDR"
 
    echo "CLIENT_IFIPADDR=$CLIENT_IFIPADDR"
 
  ;;
 
 
 
  *)
 
    echo "Usage: vpn {start|stop|config}"
 
    exit 1
 
    ;;
 
esac
 
 
 
exit 0
 

Version vom 25. November 2013, 14:16 Uhr

cat /usr/local/sbin/vpn-pppd
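#!/bin/sh
# vpn-pppd configuration: tunnel endpoints, routed networks and the command
# strings used by the start/stop/config actions further down.
#
# SERVER_HOSTNAME, LOCAL_SSH_OPTS and the ADD_*/DEL_* strings are expanded
# unquoted later on so the shell splits them into separate arguments. Keep
# them free of glob characters and never build them from untrusted input.

# Remote endpoint handed to ssh: host followed by its port option.
#SERVER_HOSTNAME=" gaius -p 22"
SERVER_HOSTNAME=" 80.153.192.133 -p 7322"
# LOCAL_NET is routed on the server via the client end of the link and is the
# source range of the MASQUERADE rule; REMOTE_NET is routed locally via the
# server end of the link.
LOCAL_NET=192.168.240.0/20
REMOTE_NET=192.168.150.0/24
# NOTE(review): every remote command below runs as root over SSH, and the
# tunnel itself is started with BatchMode (non-interactive login). A dedicated
# account limited to the few commands this script needs would reduce the
# impact of a stolen client key.
SERVER_USERNAME=root
########
# Point-to-point addresses of the ppp link (server side / client side).
SERVER_IFIPADDR=172.29.29.1
CLIENT_IFIPADDR=172.29.29.3
# NOTE(review): in older OpenSSH releases -P asked for a non-privileged source
# port; newer releases may interpret -P differently. Verify against the
# installed ssh(1), because this option is placed directly before the host.
LOCAL_SSH_OPTS="-P"

# No trailing ':' here: an empty PATH element makes the shell search the
# current directory, which a script run as root should never do.
PATH=/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin/X11/
PPPD=/usr/sbin/pppd
SSH=/usr/bin/ssh
ROUTE=/sbin/route
# Commands executed on the server to switch IPv4 forwarding on and off.
ADD_FORT="/sbin/sysctl  -w  net.ipv4.ip_forward=1"
DEL_FORT="/sbin/sysctl  -w  net.ipv4.ip_forward=0"
# Historic spelling of DEL_FORT, kept so existing references keep working.
DEl_FORT="$DEL_FORT"
# Commands executed on the server to add/remove source NAT for LOCAL_NET.
# NOTE(review): the outgoing interface is hard-coded to eth0; confirm that it
# matches the server's uplink.
ADD_SNAT="/sbin/iptables -t nat -A POSTROUTING -s $LOCAL_NET -j MASQUERADE -o eth0"
DEL_SNAT="/sbin/iptables -t nat -D POSTROUTING -s $LOCAL_NET -j MASQUERADE -o eth0"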

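# Refuse to run unless both helper binaries are regular, executable files.
# The paths are quoted so that an empty or unset variable fails the check
# instead of collapsing into a one-argument test that is always true.
# Exit status: 3 when pppd is missing, 4 when ssh is missing.
if [ ! -f "$PPPD" ] || [ ! -x "$PPPD" ]; then
  echo "can't find $PPPD" >&2
  exit 3
fi
if [ ! -f "$SSH" ] || [ ! -x "$SSH" ]; then
  echo "can't find $SSH" >&2
  exit 4
fi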
  

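# Action dispatcher: start | stop | config.
#
# SERVER_HOSTNAME, LOCAL_SSH_OPTS and the ADD_*/DEL_* command strings are
# expanded unquoted on purpose: each one holds several words that must reach
# ssh as separate arguments.
#
# Exit status: 0 on completion, 1 for an unknown action, 5 when pppd could not
# bring up the link.
case "$1" in
  start)
    printf 'Starting vpn to %s: ' "$SERVER_HOSTNAME"
    # The local pppd uses an ssh session as its pty and the remote side runs
    # a second pppd. Both ends use "noauth", so PPP performs no peer
    # authentication of its own; the SSH login is the only access control on
    # this tunnel.
    # With "updetach" pppd is expected to return only once the link is up, so
    # a non-zero status means there is no tunnel. Stop here rather than
    # enabling forwarding and NAT on the server for a link that does not exist.
    if ! ${PPPD} updetach noauth passive pty "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o Batchmode=yes ${PPPD} nodetach notty noauth" ipparam vpn ${CLIENT_IFIPADDR}:${SERVER_IFIPADDR}; then
      echo "pppd could not bring up the link; routes and NAT left untouched" >&2
      exit 5
    fi
    # Server side: route LOCAL_NET back through the client end of the link.
    ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ROUTE} add -net ${LOCAL_NET} gw ${CLIENT_IFIPADDR}
    # Client side: route REMOTE_NET through the server end of the link.
    ${ROUTE} add -net ${REMOTE_NET} gw ${SERVER_IFIPADDR}
    # Server side: enable IPv4 forwarding and masquerade traffic from LOCAL_NET.
    ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ADD_FORT}
    ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ADD_SNAT}
    # echo "connected."
    ;;

  stop)
    # echo -n "Stopping vpn to $SERVER_HOSTNAME: "
    ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${DEL_SNAT}
    # Find the ssh process that carries the tunnel by its command line.
    # -F matches the string literally (the dots of the address are not regex
    # wildcards); the pppd process (' passive ') and the grep itself are
    # filtered out.
    PID=$(ps ax | grep -F -- "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o" | grep -v ' passive ' | grep -v 'grep ' | awk '{print $1}')
    if [ -n "${PID}" ]; then
      # Unquoted on purpose: more than one PID may have matched.
      kill $PID
      echo "disconnected."
    else
      echo "Failed to find PID for the connection" >&2
    fi
    # NOTE(review): stop removes only the MASQUERADE rule. IPv4 forwarding on
    # the server stays enabled (DEl_FORT is defined but never used) and no
    # route is deleted explicitly. The action also ends with status 0 when no
    # process was found.
    ;;
  config)
    echo "SERVER_HOSTNAME=$SERVER_HOSTNAME"
    echo "SERVER_USERNAME=$SERVER_USERNAME"
    echo "SERVER_IFIPADDR=$SERVER_IFIPADDR"
    echo "CLIENT_IFIPADDR=$CLIENT_IFIPADDR"
    ;;
  *)
    echo "Usage: vpn {start|stop|config}" >&2
    exit 1
    ;;
esac
exit 0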