One-click PPTP VPN install script for CentOS 6 and 7 | Linux Operations Notes

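I previously tinkered with the "One-click IPSEC/L2TP VPN install script for CentOS 6 and 7", but it was unstable and did not support iOS, so I switched to PPTP and have added it to the "lnmp one-click install package". This script can be used on its own: just copy or download it and run it. It does not depend on the other scripts in the install package.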

If you have any problems, please reply in the thread: http://bbs.linuxeye.com/thread-197-1-1.html

The one-click PPTP VPN install script for CentOS 6 and 7 is as follows (vpn_centos.sh):

```bash
#!/bin/bash
#
# Author:  yeho <lj2007331 AT gmail.com>
# Blog:  http://blog.linuxeye.com
#
# Installs a PPTP VPN-only system for CentOS

# Check if user is root
[ $(id -u) != "0" ] && echo "Error: You must be root to run this script" && exit 1

export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
clear
printf "
#######################################################################
#    LNMP/LAMP/LANMP for CentOS/RadHat 5+ Debian 6+ and Ubuntu 12+    #
# For more information please visit http://blog.linuxeye.com/31.html  #
#######################################################################
"

[ ! -e '/usr/bin/curl' ] && yum -y install curl

# Public IPv4 address of this host, looked up through an external service
VPN_IP=`curl ipv4.icanhazip.com`

# Defaults; the user name and password are overwritten by the prompts below
VPN_USER="linuxeye"
VPN_PASS="linuxeye"
VPN_LOCAL="192.168.0.150"
VPN_REMOTE="192.168.0.151-200"

while :
do
    echo
    read -p "Please input username: " VPN_USER
    [ -n "$VPN_USER" ] && break
done

while :
do
    echo
    read -p "Please input password: " VPN_PASS
    [ -n "$VPN_PASS" ] && break
done
clear

if [ -n "`grep 'CentOS Linux release 7' /etc/redhat-release`" ];then
    #CentOS_REL=7
    # Add the EPEL repository if it is missing.
    # Note: gpgcheck=0 means package signatures are not verified.
    if [ ! -e /etc/yum.repos.d/epel.repo ];then
        cat > /etc/yum.repos.d/epel.repo << EOF
[epel]
name=Extra Packages for Enterprise Linux 7 - \$basearch
#baseurl=http://download.fedoraproject.org/pub/epel/7/\$basearch
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=\$basearch
failovermethod=priority
enabled=1
gpgcheck=0
EOF
    fi

    for Package in wget make openssl gcc-c++ ppp pptpd iptables iptables-services
    do
        yum -y install $Package
    done
    echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
elif [ -n "`grep 'CentOS release 6' /etc/redhat-release`" ];then
    #CentOS_REL=6
    for Package in wget make openssl gcc-c++ iptables ppp
    do
        yum -y install $Package
    done
    sed -i 's@net.ipv4.ip_forward.*@net.ipv4.ip_forward = 1@g' /etc/sysctl.conf
    # The poptop release package is fetched over plain HTTP
    rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
    yum -y install pptpd
else
    echo -e "\033[31mDoes not support this OS, Please contact the author! \033[0m"
    exit 1
fi

# Enable IPv4 forwarding immediately and reload sysctl settings
echo "1" > /proc/sys/net/ipv4/ip_forward
sysctl -p /etc/sysctl.conf

[ -z "`grep '^localip' /etc/pptpd.conf`" ] && echo "localip $VPN_LOCAL" >> /etc/pptpd.conf # Local IP address of your VPN server
[ -z "`grep '^remoteip' /etc/pptpd.conf`" ] && echo "remoteip $VPN_REMOTE" >> /etc/pptpd.conf # Scope for your home network

if [ -z "`grep '^ms-dns' /etc/ppp/options.pptpd`" ];then
    echo "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpd # Google DNS Primary
    echo "ms-dns 209.244.0.3" >> /etc/ppp/options.pptpd # Level3 Primary
    echo "ms-dns 208.67.222.222" >> /etc/ppp/options.pptpd # OpenDNS Primary
fi

# The credential is appended to chap-secrets in plaintext
echo "$VPN_USER pptpd $VPN_PASS *" >> /etc/ppp/chap-secrets

# Interface that carries the default route
ETH=`route | grep default | awk '{print $NF}'`

# Allow the PPTP control channel (TCP 1723) and GRE, and NAT client traffic
[ -z "`grep '1723 -j ACCEPT' /etc/sysconfig/iptables`" ] && iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 1723 -j ACCEPT
[ -z "`grep 'gre -j ACCEPT' /etc/sysconfig/iptables`" ] && iptables -I INPUT 5 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o $ETH -j MASQUERADE
service iptables save

# Comment out the default REJECT rules in the saved ruleset, then reload it
sed -i 's@^-A INPUT -j REJECT --reject-with icmp-host-prohibited@#-A INPUT -j REJECT --reject-with icmp-host-prohibited@' /etc/sysconfig/iptables
sed -i 's@^-A FORWARD -j REJECT --reject-with icmp-host-prohibited@#-A FORWARD -j REJECT --reject-with icmp-host-prohibited@' /etc/sysconfig/iptables
service iptables restart

service pptpd restart
chkconfig pptpd on
clear

echo -e "You can now connect to your VPN via your external IP \033[32m${VPN_IP}\033[0m"
echo -e "Username: \033[32m${VPN_USER}\033[0m"
echo -e "Password: \033[32m${VPN_PASS}\033[0m"
```
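
The installer above writes `gpgcheck=0` into the EPEL repo file, comments out the default REJECT rules in `/etc/sysconfig/iptables`, and appends a plaintext credential to `/etc/ppp/chap-secrets`. The following read-only audit of those three files is an added example, not part of vpn_centos.sh or the author's package; the function names and the `MIN_LEN` threshold are assumptions, and the root prefix argument lets it run against a copy of the files.

```shell
#!/bin/bash
# Added example, not part of vpn_centos.sh: a read-only audit of the files the
# installer edits. Function names and MIN_LEN are assumptions of this sketch.

# Print repo sections that set gpgcheck=0; exit status 1 if any exist.
audit_gpgcheck() {
    awk '/^\[/ {sec = $0}
         /^gpgcheck[ \t]*=[ \t]*0/ {print sec; bad = 1}
         END {exit bad + 0}' "$1"
}

# Print REJECT rules that were commented out in an iptables-save file;
# exit status 1 if any exist.
audit_reject_rules() {
    local hits
    hits=$(grep -E '^#-A (INPUT|FORWARD) -j REJECT' "$1" || true)
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits"
    return 1
}

# Print chap-secrets client names whose secret equals the client name or is
# shorter than MIN_LEN characters. The secret itself is never printed.
audit_chap_secrets() {
    awk -v min="${MIN_LEN:-12}" '
        /^[ \t]*(#|$)/ {next}
        $3 == $1 || length($3) < min {print $1; bad = 1}
        END {exit bad + 0}' "$1"
}

# Succeed only if group and other have no permission bits on the file.
audit_private_mode() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Run all checks under root prefix $1 ("" means the live system), print one
# line per finding, and return the number of findings.
audit_pptp_host() {
    local root="$1" n=0 f
    f="$root/etc/yum.repos.d/epel.repo"
    if [ -r "$f" ] && ! audit_gpgcheck "$f" >/dev/null; then
        echo "FINDING: $f disables package signature checks"; n=$((n + 1))
    fi
    f="$root/etc/sysconfig/iptables"
    if [ -r "$f" ] && ! audit_reject_rules "$f" >/dev/null; then
        echo "FINDING: $f has default REJECT rules commented out"; n=$((n + 1))
    fi
    f="$root/etc/ppp/chap-secrets"
    if [ -r "$f" ]; then
        if ! audit_chap_secrets "$f" >/dev/null; then
            echo "FINDING: $f contains weak secrets"; n=$((n + 1))
        fi
        if ! audit_private_mode "$f"; then
            echo "FINDING: $f is readable by group or other"; n=$((n + 1))
        fi
    fi
    return "$n"
}
```

Call `audit_pptp_host ""` as root on the installed host; the secret check assumes unquoted, whitespace-separated fields as written by the installer.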

Reference: https://github.com/drewsymo/VPN

Source URL: https://blog.linuxeye.com/412.html