SSH PPP VPN: Unterschied zwischen den Versionen

Zeile 1: Zeile 1:
cat /usr/local/sbin/vpn-pppd
 
 
  #!/bin/sh
 
  #!/bin/sh
#SERVER_HOSTNAME=" gaius -p 22"
+
#SERVER_HOSTNAME=" gaius -p 22"
  SERVER_HOSTNAME=" 80.153.192.133 -p 7322"
+
test $# -ne 4 && ( echo $0 'start|stop PORT IP NETRANGE' ; exit 1 )
LOCAL_NET=192.168.240.0/20
+
 
REMOTE_NET=192.168.150.0/24
+
SERVER_HOSTNAME=" $3 -p $2"
SERVER_USERNAME=root
+
LOCAL_NET=192.168.240.0/20
########
+
REMOTE_NET="$4"
SERVER_IFIPADDR=172.29.29.1
+
SERVER_USERNAME=root
CLIENT_IFIPADDR=172.29.29.3
+
########
LOCAL_SSH_OPTS="-P"  
+
SERVER_IFIPADDR=172.29.29.1
+
CLIENT_IFIPADDR=172.29.29.3
PATH=/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin/X11/:  
+
LOCAL_SSH_OPTS="-P"
+
 
PPPD=/usr/sbin/pppd
+
PATH=/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin/X11/:
SSH=/usr/bin/ssh
+
 
ROUTE=/sbin/route
+
PPPD=/usr/sbin/pppd
ADD_FORT="/sbin/sysctl  -w  net.ipv4.ip_forward=1"
+
SSH=/usr/bin/ssh
DEl_FORT="/sbin/sysctl  -w  net.ipv4.ip_forward=0"
+
ROUTE=/sbin/route
ADD_SNAT="/sbin/iptables -t nat -A POSTROUTING -s $LOCAL_NET -j MASQUERADE -o eth0"
+
ADD_FORT="/sbin/sysctl  -w  net.ipv4.ip_forward=1"
DEL_SNAT="/sbin/iptables -t nat -D POSTROUTING -s $LOCAL_NET -j MASQUERADE -o eth0"
+
DEl_FORT="/sbin/sysctl  -w  net.ipv4.ip_forward=0"
+
ADD_SNAT="/sbin/iptables -t nat -A POSTROUTING -s $LOCAL_NET -j MASQUERADE -o eth0"
if ! test -f $PPPD  ; then echo "can't find $PPPD";  exit 3; fi
+
DEL_SNAT="/sbin/iptables -t nat -D POSTROUTING -s $LOCAL_NET -j MASQUERADE -o eth0"
if ! test -f $SSH  ; then echo "can't find $SSH";  exit 4; fi
+
 
 
+
if ! test -f $PPPD  ; then echo "can't find $PPPD";  exit 3; fi
+
if ! test -f $SSH  ; then echo "can't find $SSH";  exit 4; fi
case "$1" in
+
 
  start)
+
 
      echo -n "Starting vpn to $SERVER_HOSTNAME: "
+
case "$1" in
    ${PPPD} updetach noauth passive pty "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o Batchmode=yes ${PPPD} nodetach notty noauth" ipparam vpn ${CLIENT_IFIPADDR}:${SERVER_IFIPADDR}
+
  start)
      ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ROUTE} add -net ${LOCAL_NET} gw ${CLIENT_IFIPADDR}
+
    echo -n "Starting vpn to $SERVER_HOSTNAME: "
      ${ROUTE} add -net ${REMOTE_NET} gw ${SERVER_IFIPADDR}
+
    ${PPPD} updetach noauth passive pty "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o Batchmode=yes ${PPPD} nodetach notty noauth" ipparam vpn ${CLIENT_IFIPADDR}:${SERVER_IFIPADDR}
      ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ADD_FORT}
+
    ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ROUTE} add -net ${LOCAL_NET} gw ${CLIENT_IFIPADDR}
      ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ADD_SNAT}  
+
    ${ROUTE} add -net ${REMOTE_NET} gw ${SERVER_IFIPADDR}
+
    ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ADD_FORT}
    # echo "connected."
+
    ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ADD_SNAT}
    ;;
+
 
+
    # echo "connected."
  stop)
+
    ;;
        # echo -n "Stopping vpn to $SERVER_HOSTNAME: "
+
 
        ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${DEL_SNAT}
+
  stop)
        PID=`ps ax | grep "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o" | grep -v ' passive ' | grep -v 'grep ' | awk '{print $1}'`
+
        # echo -n "Stopping vpn to $SERVER_HOSTNAME: "
        if [ "${PID}" != "" ]; then
+
        ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${DEL_SNAT}
          kill $PID
+
        PID=`ps ax | grep "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o" | grep -v ' passive ' | grep -v 'grep ' | awk '{print $1}'`
          echo "disconnected."
+
        if [ "${PID}" != "" ]; then
        else
+
          kill $PID
          echo "Failed to find PID for the connection"
+
          echo "disconnected."
        fi
+
        else
    ;;
+
          echo "Failed to find PID for the connection"
+
        fi
  config)
+
    ;;
    echo "SERVER_HOSTNAME=$SERVER_HOSTNAME"
+
 
    echo "SERVER_USERNAME=$SERVER_USERNAME"
+
  config)
    echo "SERVER_IFIPADDR=$SERVER_IFIPADDR"
+
    echo "SERVER_HOSTNAME=$SERVER_HOSTNAME"
    echo "CLIENT_IFIPADDR=$CLIENT_IFIPADDR"
+
    echo "SERVER_USERNAME=$SERVER_USERNAME"
  ;;
+
    echo "SERVER_IFIPADDR=$SERVER_IFIPADDR"
+
    echo "CLIENT_IFIPADDR=$CLIENT_IFIPADDR"
  *)
+
  ;;
    echo "Usage: vpn {start|stop|config}"
 
      exit 1
 
      ;;
 
esac
 
 
exit 0
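Review bot: The new argument check `test $# -ne 4 && ( echo $0 'start|stop PORT IP NETRANGE' ; exit 1 )` does not stop the script, because `exit 1` runs inside a `( ... )` subshell and only that subshell ends; execution then continues with `$2`, `$3` and `$4` empty. The same three arguments are expanded without any validation into `SERVER_HOSTNAME=" $3 -p $2"` and `REMOTE_NET="$4"`, and `SERVER_HOSTNAME` ends up inside the `pty "..."` string, which pppd presumably hands to a shell. Whitespace or shell metacharacters in an argument would therefore be re-parsed in a script that runs as root and logs in as root on the peer. Use an `if` (or a `{ ...; }` group) for the count check and allowlist each argument before it is used, as sketched below.

```shell
if [ "$#" -ne 4 ]; then
  echo "$0 start|stop PORT IP NETRANGE" >&2
  exit 1
fi
case "$2" in '' | *[!0-9]*) echo "invalid PORT" >&2; exit 1 ;; esac
case "$3" in '' | -* | *[!A-Za-z0-9.-]*) echo "invalid IP" >&2; exit 1 ;; esac
case "$4" in '' | *[!0-9./]*) echo "invalid NETRANGE" >&2; exit 1 ;; esac
SERVER_HOSTNAME=" $3 -p $2"
# … unchanged: remaining settings and the start/stop/config case …
```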
 

Version vom 26. November 2013, 16:13 Uhr

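#!/bin/sh
# vpn-pppd: settings and sanity checks for a PPP-over-SSH tunnel.
# Usage: vpn-pppd start|stop PORT IP NETRANGE
#   $1  action, dispatched by the case statement that follows this section
#   $2  SSH port of the server
#   $3  address of the server
#   $4  remote network that is routed through the tunnel
#SERVER_HOSTNAME=" gaius -p 22"

# Exactly four arguments are required. The exit has to run in the current
# shell: inside "( ... )" it would only end the subshell and the script would
# carry on with empty values.
if [ "$#" -ne 4 ]; then
  echo "$0" 'start|stop PORT IP NETRANGE' >&2
  exit 1
fi

# PORT, IP and NETRANGE are expanded unquoted into the ssh and route command
# lines and into the pppd "pty" command string, so accept only the characters
# such values need and refuse a leading "-" that ssh would read as an option.
case "$2" in
  '' | *[!0-9]*)
    echo "invalid PORT: $2" >&2
    exit 1
    ;;
esac
case "$3" in
  '' | -* | *[!A-Za-z0-9.-]*)
    echo "invalid IP: $3" >&2
    exit 1
    ;;
esac
case "$4" in
  '' | *[!0-9./]*)
    echo "invalid NETRANGE: $4" >&2
    exit 1
    ;;
esac

# The leading space is kept: the value is used as one unquoted word list
# ("host -p port") on every ssh command line.
SERVER_HOSTNAME=" $3 -p $2"
# Network announced to the server; the server routes it via CLIENT_IFIPADDR.
LOCAL_NET=192.168.240.0/20
# Network behind the server; routed locally via SERVER_IFIPADDR.
REMOTE_NET="$4"
# NOTE(review): every remote command runs as root over SSH. Confirm that root
# login on the peer is restricted to this host's key.
SERVER_USERNAME=root

# Tunnel endpoint addresses, passed to pppd as local:remote.
SERVER_IFIPADDR=172.29.29.1
CLIENT_IFIPADDR=172.29.29.3
# NOTE(review): the meaning of ssh -P depends on the OpenSSH version; confirm
# it is still valid for the installed client.
LOCAL_SSH_OPTS="-P"

# No trailing ":" here. An empty PATH element means the current directory,
# which a script run as root should not search for commands.
PATH=/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin/X11/

PPPD=/usr/sbin/pppd
SSH=/usr/bin/ssh
ROUTE=/sbin/route
# Commands executed on the server through ssh: IP forwarding on/off and the
# masquerading rule for LOCAL_NET leaving through eth0.
ADD_FORT="/sbin/sysctl -w net.ipv4.ip_forward=1"
# The name is spelled with a lowercase "l"; it is kept as is because other
# parts of the script may refer to it.
DEl_FORT="/sbin/sysctl -w net.ipv4.ip_forward=0"
ADD_SNAT="/sbin/iptables -t nat -A POSTROUTING -s $LOCAL_NET -j MASQUERADE -o eth0"
DEL_SNAT="/sbin/iptables -t nat -D POSTROUTING -s $LOCAL_NET -j MASQUERADE -o eth0"

# Both binaries are needed locally; stop early with distinct exit codes.
if ! test -f "$PPPD"; then
  echo "can't find $PPPD"
  exit 3
fi
if ! test -f "$SSH"; then
  echo "can't find $SSH"
  exit 4
fi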


case "$1" in

 start)
    echo -n "Starting vpn to $SERVER_HOSTNAME: "
   ${PPPD} updetach noauth passive pty "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o Batchmode=yes ${PPPD} nodetach notty noauth" ipparam vpn ${CLIENT_IFIPADDR}:${SERVER_IFIPADDR}
    ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ROUTE} add -net ${LOCAL_NET} gw ${CLIENT_IFIPADDR}
    ${ROUTE} add -net ${REMOTE_NET} gw ${SERVER_IFIPADDR}
    ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ADD_FORT}
    ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${ADD_SNAT}
   # echo "connected."
   ;;
 stop)
       # echo -n "Stopping vpn to $SERVER_HOSTNAME: "
       ${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} ${DEL_SNAT}
       PID=`ps ax | grep "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o" | grep -v ' passive ' | grep -v 'grep ' | awk '{print $1}'`
       if [ "${PID}" != "" ]; then
         kill $PID
         echo "disconnected."
       else
         echo "Failed to find PID for the connection"
       fi
   ;;
 config)
   echo "SERVER_HOSTNAME=$SERVER_HOSTNAME"
   echo "SERVER_USERNAME=$SERVER_USERNAME"
   echo "SERVER_IFIPADDR=$SERVER_IFIPADDR"
   echo "CLIENT_IFIPADDR=$CLIENT_IFIPADDR"
 ;;