#LOOSERHELPER ROOT frissites forrasok telepites openvpn easy-rsa [ "$(sysctl -a | grep 'ipv4.ip_forward =' | awk '{print $3}' >/dev/null)" = '0'] && [ -f /etc/sysctl.conf ] && \ [ -n "$(grep 'ipv4.ip_forward' /etc/sysctl.conf 2>/dev/null ] && sed -i 's|.*net.ipv4.ip_forward=.*|net.ipv4.ip_forward=1|' /etc/sysctl.conf [ "$(sysctl -a | grep 'ipv4.ip_forward =' | awk '{print $3}' >/dev/null)" = '0'] && [ ! -f /etc/sysctl.conf ] && \ [ ! -n "$(grep 'ipv4.ip_forward' /etc/sysctl.d/*.conf 2>/dev/null ] && echo "net.ipv4.ip_forward=1" > /etc/sysctl.d/ip_forward.conf sysctl -p [ ! -d /etc/easy-rsa ] && cp -r /usr/share/easy-rsa /etc cd /etc/easy-rsa ; easyrsa init-pki ; easyrsa build-ca; easyrsa gen-dh; easyrsa build-server-full server nopass openvpn --genkey secret /etc/easy-rsa/pki/ta.key ;easyrsa gen-crl # client definied? cp -rp /etc/easy-rsa/pki/{ca.crt,dh.pem,ta.key,crl.pem,issued,private} /etc/openvpn mkdir -o /var/log/openvpn ; chown openvpn:openvpn /var/log/openvpn # client easyrsa build-client-full clientname nopass mkdir -p /etc/openvpn/client cp -rp /etc/easy-rsa/pki/{ca.crt,issued/clientname.crt,private/clientname.key} /etc/openvpn/client/ cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf /etc/openvpn/server.conf.sample cat >/etc/openvpn/server.conf<<'EOF' port 1194 proto udp4 dev tun ca ca.crt cert issued/server.crt key private/server.key # This file should be kept secret dh dh.pem topology subnet server 172.16.20.0 255.255.255.0 ifconfig-pool-persist /var/log/openvpn/ipp.txt push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 208.67.222.222" push "dhcp-option DNS 208.67.220.220" client-to-client keepalive 10 120 tls-auth ta.key 0 # This file is secret cipher AES-256-CBC persist-key persist-tun status /var/log/openvpn/openvpn-status.log log-append /var/log/openvpn/openvpn.log verb 3 explicit-exit-notify 1 auth SHA512 EOF echo"Tűzfal beállítása szükséges! A 943/tcp porton lehet kezelni, a 1194/udp portnak nyitva kel lennie!" echo "A tesztelés idejére kapcsold le a tűzfalat, hogy kizárd ezt a hibalehetőséget!" sleep 4 echo "Képernyőkép készült, hogy később is meg tudd nézni a kimenetet..."