College of Information Technology and Computer Studies


    OpenVPN VZ VPS Bash Script for CentOS

    Admin
    Newbie


    Posts : 70
    Join date : 2012-10-19


    Post by Admin Wed Nov 07, 2012 3:37 pm


    It's up to you to think this through and work out how to get it running on XP. NO SPOON FEEDING

    #!/bin/bash
    #

    echo "############################################# ###"
    echo "Should work on various rpm-based Linux distros."
    echo "Tested on CentOS distros version 5 to 5.5"
    echo
    echo "Make sure to message your provider and have them enable"
    echo "TUN, PPP, IPtables, and NAT modules prior to setting up OpenVPN."
    echo
    echo "You need to set up the server before creating more client keys."
    echo "A separate client keyset is required per connection or machine."
    echo "When creating certificates you can put \".\" to skip a field for all fields"
    echo "except for \"Common Name\" and password fields."
    echo "############################################# ###"
    echo
    echo
    echo "############################################# ###"
    echo "Select an option:"
    echo "1) Set up new OpenVPN server AND create one client"
    echo "2) Create additional clients"
    echo "############################################# ###"
    read x
    if test "$x" = 1; then
    echo "Specify server port number that you want the server to use (eg. 54):"
    read p
    echo "Enter client username that you want to create (eg. client1):"
    read c

    # get the venet0:0 IP
    ip=`grep IPADDR /etc/sysconfig/network-scripts/ifcfg-venet0:0 | awk -F= '{print $2}'`

    echo
    echo
    echo "############################################# ###"
    echo "Downloading OpenVPN 2.0.9 and LZO compression library"
    echo "############################################# ###"
    mkdir -p /etc/ovpn_install
    cd /etc/ovpn_install || exit 1
    wget [You must be registered and logged in to see this link.]
    wget [You must be registered and logged in to see this link.]

    echo
    echo
    echo "############################################# ###"
    echo "Downloading and Installing Dependencies"
    echo "############################################# ###"
    yum -y install rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel make gcc

    echo
    echo
    echo "############################################# ###"
    echo "Building From Source"
    echo "############################################# ###"
    rpmbuild --rebuild lzo-1.08-4.rf.src.rpm
    rpm -Uvh /usr/src/redhat/RPMS/i386/lzo-*.rpm
    rpmbuild -tb openvpn-2.0.9.tar.gz
    rpm -Uvh /usr/src/redhat/RPMS/i386/openvpn-2.0.9-1.i386.rpm

    echo
    echo
    echo "############################################# ###"
    echo "Creating Server Config"
    echo "\"Common Name\" must be filled."
    echo "Please insert : server"
    echo "############################################# ###"
    cp -r /usr/share/doc/openvpn-2.0.9/easy-rsa/ /etc/openvpn/

    # creating server.conf file
    echo "local $ip" > /etc/openvpn/server.conf
    echo "port $p" >> /etc/openvpn/server.conf
    echo "proto udp" >> /etc/openvpn/server.conf
    echo "dev tun" >> /etc/openvpn/server.conf
    echo "ca /etc/openvpn/keys/ca.crt" >> /etc/openvpn/server.conf
    echo "cert /etc/openvpn/keys/server.crt" >> /etc/openvpn/server.conf
    echo "key /etc/openvpn/keys/server.key" >> /etc/openvpn/server.conf
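    # build-dh names this file after KEY_SIZE in ./vars; 1024-bit DH parameters are weak by current standards
    echo "dh /etc/openvpn/keys/dh1024.pem" >> /etc/openvpn/server.conf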
    echo "server 10.9.0.0 255.255.255.0" >> /etc/openvpn/server.conf
    echo "ifconfig-pool-persist ipp.txt" >> /etc/openvpn/server.conf
    echo "push \"redirect-gateway def1\" " >> /etc/openvpn/server.conf
    echo "push \"dhcp-option DNS 8.8.8.8\" " >> /etc/openvpn/server.conf
    echo "push \"dhcp-option DNS 8.8.4.4\" " >> /etc/openvpn/server.conf
    echo "keepalive 5 30" >> /etc/openvpn/server.conf
    echo "comp-lzo" >> /etc/openvpn/server.conf
    echo "persist-key" >> /etc/openvpn/server.conf
    echo "persist-tun" >> /etc/openvpn/server.conf
    echo "status server-tcp.log" >> /etc/openvpn/server.conf
    echo "verb 3" >> /etc/openvpn/server.conf

    cd /etc/openvpn/easy-rsa/2.0/ || exit 1
    # vars must be sourced so the KEY_* settings reach the build scripts
    source ./vars
    ./clean-all

    echo
    echo
    echo "############################################# ###"
    echo "Building Certificate Authority"
    echo "\"Common Name\" must be filled."
    echo "############################################# ###"
    ./build-ca

    echo
    echo
    echo "############################################# ###"
    echo "Building Server Certificate"
    echo "\"Common Name\" must be filled."
    echo "Please insert : server"
    echo "############################################# ###"
    ./build-key-server server
    ./build-dh

    cp /etc/openvpn/easy-rsa/2.0/keys /etc/openvpn/keys -R

    echo
    echo
    echo "############################################# ###"
    echo "Starting Server"
    echo "############################################# ###"
    service openvpn start

    echo
    echo
    echo "############################################# ###"
    echo "Forwarding IPv4 and Enabling It On-boot"
    echo "############################################# ###"
    echo 1 > /proc/sys/net/ipv4/ip_forward
    # saves ipv4 forwarding and enables it on-boot
    sed -e 's/\(net.ipv4.ip_forward =\) 0/\1 1/g' /etc/sysctl.conf > /etc/tempsysclt
    cat /etc/tempsysclt > /etc/sysctl.conf
    rm -f /etc/tempsysclt

    echo
    echo
    echo "############################################# ###"
    echo "Updating IPtables Routing and Enabling It On-boot"
    echo "############################################# ###"
    tunip=`/sbin/ifconfig tun0 | grep 'inet addr:' | cut -d: -f2| cut -d' ' -f1`
    iptables -t nat -A POSTROUTING -s "$tunip/24" -j SNAT --to "$ip"
    # saves iptables routing rules and enables them on-boot
    /sbin/service iptables save
    chkconfig iptables on

    echo
    echo
    echo "############################################# ###"
    echo "Building certificate for client $c"
    echo "\"Common Name\" must be filled."
    echo "Please insert like same cert : $c"
    echo "############################################# ###"
    ./build-key "$c"

    echo "client " > /etc/openvpn/keys/$c.ovpn
    echo "dev tun " >> /etc/openvpn/keys/$c.ovpn
    echo "proto udp " >> /etc/openvpn/keys/$c.ovpn
    echo "remote $ip $p " >> /etc/openvpn/keys/$c.ovpn
    echo "resolv-retry infinite " >> /etc/openvpn/keys/$c.ovpn
    echo "nobind " >> /etc/openvpn/keys/$c.ovpn
    echo "persist-key " >> /etc/openvpn/keys/$c.ovpn
    echo "persist-tun " >> /etc/openvpn/keys/$c.ovpn
    echo "ca ca.crt " >> /etc/openvpn/keys/$c.ovpn
    echo "cert $c.crt " >> /etc/openvpn/keys/$c.ovpn
    echo "key $c.key " >> /etc/openvpn/keys/$c.ovpn
    echo "comp-lzo " >> /etc/openvpn/keys/$c.ovpn
    echo "verb 3 " >> /etc/openvpn/keys/$c.ovpn

    cp "/etc/openvpn/easy-rsa/2.0/keys/$c.crt" /etc/openvpn/keys
    cp "/etc/openvpn/easy-rsa/2.0/keys/$c.key" /etc/openvpn/keys

    cd /etc/openvpn/keys/ || exit 1
    tar czf clientkeys.tgz ca.crt "$c.crt" "$c.key" "$c.ovpn"

    echo
    echo
    echo "############################################# ###"
    echo "OpenVPN server successfully installed."
    echo "One client keyset for $c generated."
    echo "To connect:"
    echo "1) Download /etc/openvpn/keys/clientkeys.tgz using SCP client such as WinSCP."
    echo "2) Create a folder named VPN in C:\Program Files\OpenVPN\config directory"
    echo "3) Extract the contents of clientkeys.tgz to the VPN folder."
    echo "4) Start openvpn-gui, right click the tray icon and click Connect."
    echo
    echo "To generate additional client keysets, run the script again with option #2."
    echo "############################################# ###"

    # runs this if option 2 is selected
    elif test "$x" = 2; then
    echo "Enter client username that you want to create (eg. client2):"
    read c

    ip=`grep IPADDR /etc/sysconfig/network-scripts/ifcfg-venet0:0 | awk -F= '{print $2}'`
    # read the port back from the "port N" line written during server setup
    p=`grep '^port ' /etc/openvpn/server.conf | cut -d' ' -f2`

    echo
    echo
    echo "############################################# ###"
    echo "Building certificate for client $c"
    echo "\"Common Name\" must be filled."
    echo "Please insert like same cert : $c"
    echo "############################################# ###"
    cd /etc/openvpn/easy-rsa/2.0 || exit 1
    # vars must be sourced so the KEY_* settings reach build-key
    source ./vars
    ./build-key "$c"

    echo "client " > /etc/openvpn/keys/$c.ovpn
    echo "dev tun " >> /etc/openvpn/keys/$c.ovpn
    echo "proto udp " >> /etc/openvpn/keys/$c.ovpn
    echo "remote $ip $p " >> /etc/openvpn/keys/$c.ovpn
    echo "resolv-retry infinite " >> /etc/openvpn/keys/$c.ovpn
    echo "nobind " >> /etc/openvpn/keys/$c.ovpn
    echo "persist-key " >> /etc/openvpn/keys/$c.ovpn
    echo "persist-tun " >> /etc/openvpn/keys/$c.ovpn
    echo "ca ca.crt " >> /etc/openvpn/keys/$c.ovpn
    echo "cert $c.crt " >> /etc/openvpn/keys/$c.ovpn
    echo "key $c.key " >> /etc/openvpn/keys/$c.ovpn
    echo "comp-lzo " >> /etc/openvpn/keys/$c.ovpn
    echo "verb 3 " >> /etc/openvpn/keys/$c.ovpn

    cp "/etc/openvpn/easy-rsa/2.0/keys/$c.crt" /etc/openvpn/keys
    cp "/etc/openvpn/easy-rsa/2.0/keys/$c.key" /etc/openvpn/keys

    cd /etc/openvpn/keys/ || exit 1
    tar czf clientkeys.tgz ca.crt "$c.crt" "$c.key" "$c.ovpn"

    echo
    echo
    echo "############################################# ###"
    echo "One client keyset for $c generated."
    echo "To connect:"
    echo "1) Download /etc/openvpn/keys/clientkeys.tgz using SCP client such as WinSCP."
    echo "2) Create a folder named VPN in C:\Program Files\OpenVPN\config directory "
    echo "3) Extract the contents of clientkeys.tgz to the VPN folder."
    echo "4) Start openvpn-gui, right click the tray icon and click Connect."
    echo "############################################# ###"

    else
    echo "Invalid selection, quitting."
    exit
    fi
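
The script above passes the values read into `p` and `c` straight into `server.conf`, into file paths under `/etc/openvpn/keys` and into `./build-key`. An added example, not part of the original post, of checks that could run right after each `read`; the function names and the 32-character limit are assumptions of this example.

```shell
#!/bin/sh
# Added example: validate the port ("p") and client name ("c") the script reads
# before they reach server.conf, file paths and ./build-key.
LC_ALL=C; export LC_ALL   # make the character ranges below byte-based

# Client name: 1-32 chars from letters, digits, "_" and "-" only, so it cannot
# contain "/", "..", spaces or shell metacharacters.
valid_client_name() {
    case $1 in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;  # empty, or a char outside the allowlist
        -*|_*) return 1 ;;                # a leading "-" would be read as an option
        server|ca) return 1 ;;            # key names the server setup already uses
    esac
    [ "${#1}" -le 32 ]
}

# Port: plain decimal, no sign, no leading zero, within 1-65535.
valid_port() {
    case $1 in
        ''|*[!0-9]*|0*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# Refuse to reissue a name that already has a certificate or key in key_dir
# (first argument), so an existing keyset is never overwritten.
client_is_new() {
    [ ! -e "$1/$2.crt" ] && [ ! -e "$1/$2.key" ]
}

# Constructed sample inputs: one normal name and several that must be rejected.
for name in client1 'client 2' '../../root/x' '-rf' server; do
    if valid_client_name "$name"; then
        echo "accept: $name"
    else
        echo "reject: $name"
    fi
done
```

In the script itself the checks would sit after `read p` and `read c`, for example `valid_client_name "$c" || { echo "Invalid client name"; exit 1; }`.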
    Co-Admin Kenneth
    Level 1


    Posts : 206
    Join date : 2012-10-24
    Age : 30
    Location : Metro Manila, Muntinlupa

    Re: OpenVPN VZ VPS Bash Script for CentOS

    Post by Co-Admin Kenneth Wed Nov 07, 2012 5:21 pm

    There it is.... I'll try that....
    Seham
    Newbie


    Posts : 97
    Join date : 2012-10-23
    Location : Unknown

    Re: OpenVPN VZ VPS Bash Script for CentOS

    Post by Seham Wed Nov 07, 2012 7:04 pm

    Put it in Notepad, then save it as .cmd or .vbs, that will work, hehe
    Co-Admin Kenneth
    Level 1


    Posts : 206
    Join date : 2012-10-24
    Age : 30
    Location : Metro Manila, Muntinlupa

    Re: OpenVPN VZ VPS Bash Script for CentOS

    Post by Co-Admin Kenneth Fri Nov 09, 2012 6:52 am

    ty mod..
