(转载)一键安装pptpd服务
相关代码如下
#!/bin/bash
# Setup Simple PPTP VPN server for CentOS
# Copyright (C) 2015-2016 Danyl Zhang <1475811550@qq.com> and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#定义帮助信息函数
printhelp() {
echo "
Usage: ./CentOS-pptp-setup.sh [OPTION]
If you are using custom password , Make sure its more than 8 characters. Otherwise it will generate random password for you.
If you trying set password only. It will generate Default user with Random password.
example: ./CentOS-pptp-setup.sh -u myusr -p mypass
Use without parameter [ ./CentOS-pptp-setup.sh ] to use default username and Random password
-u, --username Enter the Username
-p, --password Enter the Password
"
}
#对输入信息进行判断
while [ "$1" != "" ]; do
case "$1" in
-u | --username ) NAME=$2; shift 2 ;;
-p | --password ) PASS=$2; shift 2 ;;
-h | --help ) echo "$(printhelp)"; exit; shift; break ;;
esac
done
# Check if user is root,脚本必须在root用户下执行
[ $(id -u) != "0" ] && { echo -e "\033[31mError: You must be root to run this script\033[0m"; exit 1; }
#定义路径,清空显示屏幕
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
clear
#如果没有curl,就下载它
[ ! -e '/usr/bin/curl' ] && yum -y install curl
#定义相关变量,下面要用到
VPN_IP=`curl ipv4.icanhazip.com` #通过curl这个地址,可以获取服务器的出口公网IP
VPN_LOCAL="192.168.2.1" #pptp服务器端IP,可以设置为服务器上绑定的任意一个IP地址
VPN_REMOTE="192.168.2.10-100" #客户端成功连接VPN后获取的IP地址范围(可以和pptp服务器在同一内网段内,但是建议不要设置和PPTP服务器内网一样的网段)
clear
#下面要下载一下安装包,在epel源中,需要先确认epel源的配置
if [ -f /etc/redhat-release -a -n "`grep ' 7\.' /etc/redhat-release`" ];then #判断系统是否为centos7
#CentOS_REL=7
if [ ! -e /etc/yum.repos.d/epel.repo ];then
cat > /etc/yum.repos.d/epel.repo << EOF
[epel]
name=Extra Packages for Enterprise Linux 7 - \$basearch
#baseurl=http://download.fedoraproject.org/pub/epel/7/\$basearch
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=\$basearch
failovermethod=priority
enabled=1
gpgcheck=0
EOF
fi
for Package in wget make openssl gcc-c++ ppp pptpd iptables iptables-services #下载指定安装包
do
yum -y install $Package
done
echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf #修改转发设置
elif [ -f /etc/redhat-release -a -n "`grep ' 6\.' /etc/redhat-release`" ];then #如果系统是centos6
#CentOS_REL=6
for Package in wget make openssl gcc-c++ iptables ppp
do
yum -y install $Package
done
sed -i 's@net.ipv4.ip_forward.*@net.ipv4.ip_forward = 1@g' /etc/sysctl.conf
rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
yum -y install pptpd
else
echo -e "\033[31mDoes not support this OS, Please contact the author! \033[0m" #如果是其他系统就提醒并退出
exit 1
fi
sysctl -p #使转发设置生效
#-z检查/etc/pptpf.conf中相关参数是否已经设置了,然后把设置的相关参数导入到/etc/pptpd.conf中
[ -z "`grep '^localip' /etc/pptpd.conf`" ] && echo "localip $VPN_LOCAL" >> /etc/pptpd.conf # Local IP address of your VPN server
[ -z "`grep '^remoteip' /etc/pptpd.conf`" ] && echo "remoteip $VPN_REMOTE" >> /etc/pptpd.conf # Scope for your home network
#检查并设置dns服务器
if [ -z "`grep '^ms-dns' /etc/ppp/options.pptpd`" ];then
echo "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpd
echo "ms-dns 209.244.0.3" >> /etc/ppp/options.pptpd
fi
#no liI10oO chars in password
LEN=$(echo ${#PASS}) #检查密码是否设置
if [ -z "$PASS" ] || [ $LEN -lt 8 ] || [ -z "$NAME"]
#如果密码字符串为0(就是没有设置)或小于8位或跟要设置的用户名相同,那么就重新设置
then
P1=`cat /dev/urandom | tr -cd abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789 | head -c 3`
P2=`cat /dev/urandom | tr -cd abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789 | head -c 3`
P3=`cat /dev/urandom | tr -cd abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789 | head -c 3`
PASS="$P1-$P2-$P3" #生成一个11位的随机密码
fi
if [ -z "$NAME" ]
then
NAME="vpn" #如果用户名没有设置,就默认为vpn
fi
cat >> /etc/ppp/chap-secrets <<END #将账号密码导出到/etc/ppp/chap-secrets中
$NAME pptpd $PASS *
END
ETH=`route | grep default | awk '{print $NF}'` #获取默认的出口网卡名
#设置iptables规则
[ -z "`grep '1723 -j ACCEPT' /etc/sysconfig/iptables`" ] && iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 1723 -j ACCEPT #打开1723端口
[ -z "`grep 'gre -j ACCEPT' /etc/sysconfig/iptables`" ] && iptables -I INPUT 5 -p gre -j ACCEPT #放行gre隧道连接
iptables -t nat -A POSTROUTING -o $ETH -j MASQUERADE
iptables -I FORWARD -p tcp --syn -i ppp+ -j TCPMSS --set-mss 1356
#保存刚才设置的iptables规则,注释掉(删除)相关规则
service iptables save
sed -i 's@^-A INPUT -j REJECT --reject-with icmp-host-prohibited@#-A INPUT -j REJECT --reject-with icmp-host-prohibited@' /etc/sysconfig/iptables
sed -i 's@^-A FORWARD -j REJECT --reject-with icmp-host-prohibited@#-A FORWARD -j REJECT --reject-with icmp-host-prohibited@' /etc/sysconfig/iptables
#设置iptables服务重启,开机运行
service iptables restart
chkconfig iptables on
#设置pptpd服务重启,开机运行
service pptpd restart
chkconfig pptpd on
clear
echo -e "You can now connect to your VPN via your external IP \033[32m${VPN_IP}\033[0m"
echo -e "Username: \033[32m${NAME}\033[0m"
echo -e "Password: \033[32m${PASS}\033[0m"脚本里面的注释内容有一些是我自己加进去的,方便理解。在使用的时候可以直接用wget下载,或者直接去原地址copy
参考地址:
- Centos7搭建pptp VPN一键安装脚本
- CentOS 7 安装VPN Server 和 Client
- Centos下PPTP环境部署记录
- 如何在windows上配置连接pptpd
脚本在github上的地址:https://github.com/DanylZhang/VPS/blob/master/CentOS-pptp-setup.sh
亲测可用,可以放心用啊。
4312
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
