记录日常工作关于系统运维,虚拟化云计算,数据库,网络安全等各方面问题。
 
0

CentOS6/Centos5 PPTPD VPN一键安装包
发表者:admin分类:网络安全2015-10-25 18:55:36 阅读[2405]

CentOS PPTPD VPN一键安装包

系统要求:CentOS 5 32bit/64bit。

安装方法,登陆SSH后输入以下命令:

CentOS 5.X专用:

wget http://www.huzs.net/soft/pptp_onekey/pptpd5.sh

sh pptpd5.sh

CentOS 6.X专用:

wget http://www.huzs.net/soft/pptp_onekey/pptpd6.sh

sh pptpd6.sh

安装完成后会提示vpn用户名和密码。

VPN用户管理:
直接编辑文件:,按照相同格式添加用户名和密码即可。


vi /etc/ppp/chap-secrets


以下是Centos6 安装 PPTP.sh 脚本源码:


yum remove -y pptpd ppp
iptables --flush POSTROUTING --table nat
iptables --flush FORWARD
rm -rf /etc/pptpd.conf
rm -rf /etc/ppp

rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel5/pptp-release-current.noarch.rpm
yum --enablerepo=poptop-stable install pptpd

mknod /dev/ppp c 108 0
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "mknod /dev/ppp c 108 0" >> /etc/rc.local
echo "echo 1 > /proc/sys/net/ipv4/ip_forward" >> /etc/rc.local
echo "localip 172.16.22.254" >> /etc/pptpd.conf
echo "remoteip 172.16.22.1-253" >> /etc/pptpd.conf
echo "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpd
echo "ms-dns 8.8.4.4" >> /etc/ppp/options.pptpd

pass=`openssl rand 6 -base64`
if [ "$1" != "" ]
then pass=$1
fi
read -p "User: " user
echo "${user} pptpd ${pass} *" >> /etc/ppp/chap-secrets

iptables -t nat -A POSTROUTING -s 172.16.22.0/24 -j SNAT --to-source `ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk 'NR==1 { print $1}'`
iptables -A FORWARD -p tcp --syn -s 172.16.22.0/24 -j TCPMSS --set-mss 1356
service iptables save

chkconfig iptables on
chkconfig pptpd on
service iptables start
service pptpd start

echo "VPN username is ${user}, VPN password is ${pass}"



下面是Centos6 pptp vpn 安装脚本代码:

yum remove pptpd ppp -y
iptables --flush POSTROUTING --table nat
iptables --flush FORWARD
rm -f /etc/pptpd.conf
rm -f /etc/ppp
arch=`uname -m`
yum -y install make libpcap iptables gcc-c++ logrotate tar cpio perl pam tcp_wrappers dkms kernel_ppp_mppe ppp
wget http://www.huzs.net/soft/pptp_onekey/pptpd-1.4.0-1.el6.$arch.rpm
rpm -Uvh pptpd-1.4.0-1.el6.$arch.rpm

mknod /dev/ppp c 108 0
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "mknod /dev/ppp c 108 0" >> /etc/rc.local
echo "echo 1 > /proc/sys/net/ipv4/ip_forward" >> /etc/rc.local
echo "localip 172.16.22.254" >> /etc/pptpd.conf
echo "remoteip 172.16.22.1-253" >> /etc/pptpd.conf
echo "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpd
echo "ms-dns 8.8.4.4" >> /etc/ppp/options.pptpd
 
#pass=`openssl rand 6 -base64`
#if [ "$1" != "" ]
#then pass=$1
#fi

echo "vpn pptpd www.micoder.cc *" >> /etc/ppp/chap-secrets
 
iptables -t nat -A POSTROUTING -s 172.16.22.0/24 -j SNAT --to-source `ifconfig  | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk 'NR==1 { print $1}'`
iptables -A FORWARD -p tcp --syn -s 172.16.22.0/24 -j TCPMSS --set-mss 1356
service iptables save
chkconfig iptables on
chkconfig pptpd on
service iptables restart
service pptpd start

echo "恭喜您,VPN PPTP已经安装完成, 用户名:vpn   密码:www.micoder.cc"
echo "编辑此文件以添加删除用户: vi /etc/ppp/chap-secrets"




CentOS5执行如下命令

wget http://www.vipkj.net/soft/Linux/pptpd/centos5_pptpd.sh
chmod +x centos5_pptpd.sh
./centos5_pptpd.sh

CentOS6执行如下命令

wget http://www.vipkj.net/soft/Linux/pptpd/centos6_pptpd.sh
chmod +x centos6_pptpd.sh
./centos6_pptpd.sh

安装成功后,会在最后提示你VPN登录帐号和密码。

VPN service is installed, your username is 后面的是账户名
password is 后面的是密码

你也可以通过修改 /etc/ppp/chap-secrets 文件来修改你的账户和密码。


下面是防火墙配置iptables信息,有些VPS虚拟机,有两个IP,自己注意修改下。

[root@vultr opt]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Fri Nov 27 12:00:17 2015
*filter
:INPUT ACCEPT [2:85]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [90:8917]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -m state --state ESTABLISHED -j ACCEPT
-A FORWARD -s 172.16.22.0/24 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --set-mss 1356
COMMIT
# Completed on Fri Nov 27 12:00:17 2015
# Generated by iptables-save v1.4.7 on Fri Nov 27 12:00:17 2015
*nat
:PREROUTING ACCEPT [5:265]
:POSTROUTING ACCEPT [3:251]
:OUTPUT ACCEPT [3:251]
-A POSTROUTING -s 172.16.22.0/24 -j SNAT --to-source 45.32.254.247
COMMIT
# Completed on Fri Nov 27 12:00:17 2015

 


转载请标明出处【CentOS6/Centos5 PPTPD VPN一键安装包】。

《www.micoder.cc》 虚拟化云计算,系统运维,安全技术服务.

Tags: [阅读全文...]
网站已经关闭评论