本文将介绍以 pptp 方式拨入虚拟网络的 VPN 的方法。
以下操作均在 root 用户下操作完成,并假设你的 Linux 系统已经安装了编译环境。
1、下载 pptp 客户端
# NOTE(review): the source is fetched over plain HTTP and nothing verifies it
# before it is built and installed as root; compare the tarball's checksum with
# one obtained from the pptpclient project before continuing.
wget http://nchc.dl.sourceforge.net/sourceforge/pptpclient/pptp-1.7.1.tar.gz
2、解压
tar zxvf pptp-1.7.1.tar.gz
3、编译和安装
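# The tarball unpacks into pptp-1.7.1/, so the build has to run inside that
# directory; each step only runs if the one before it succeeded.
cd pptp-1.7.1 && make && make install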
4、编辑配置文件,设定拨号名为 guozi
vim /etc/ppp/peers/guozi
内容如下:
remotename guozi
linkname guozi
ipparam guozi
pty "pptp www.hifyl.com --nolaunchpppd "
name guozi
usepeerdns
require-mppe
refuse-eap
noauth
其中,name 一项填写的是拨号所用的用户名,须与下一步 /etc/ppp/chap-secrets 中的用户名一致(下文以 myaccount 为例,此时应写成 name myaccount)。
5、编辑 /etc/ppp/chap-secrets
加入用户名和密码,这里假设 myaccount 的密码为 mypassword
myaccount * mypassword *
6、拨号,运行以下命令
/usr/sbin/pppd call guozi logfd 1 updetach
如果以上配置文件正确无误,则可正常拨入虚拟网络的 pptp VPN 网络中了,此时如果用 ifconfig 查看连接情况,可以看到多了一条 ppp0 的连接,并能正确分到 IP 地址了。
7、添加路由
虽然已经拨号上来了,但此时你可能还无法正常访问你的虚拟局域网资源,你必须添加一条路由才行。这里假设你拨号上来的连接名为 ppp0,并且你的虚拟局域网的 IP 段为 192.168.1.0,那么,你需要加入以下命令:
route add -net 192.168.1.0 netmask 255.255.255.0 dev ppp0
至此,就已经在 Linux 系统下以 pptp 方式拨入 VPN 网络了。下面将附上一键安装脚本 pptp.sh(为了简单起见,有些不存在的目录可能没做出错处理,读者可自行添加容错代码)。
#!/bin/bash
# centos pptp client set
# Made by Guozi QQ:411239339
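# Connection settings; read_cfg prompts for them.
pptp_server=''   # PPTP server address
pptp_user=''     # account name, also used as the peer file name in /etc/ppp/peers
pptp_pass=''     # account password
device_name=''   # local network interface; read_cfg falls back to eth0
# Directory the script was started from. compile() changes into /root/pptp and
# then runs "cd $pwd_dir", and create_configure copies ./pon and ./poff from the
# current directory, so leaving this empty would strand the script in $HOME.
pwd_dir=$(pwd)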
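# Ask for the connection settings and store them in the globals pptp_server,
# pptp_user, pptp_pass and device_name.
# A required value that is already non-empty is not asked for again;
# device_name is always asked for and defaults to eth0 when left empty.
# Exits with status 1 if standard input ends before a required value arrives.
function read_cfg()
{
  echo "======VPN client ======"
  while [ -z "$pptp_server" ]
  do
    # -r keeps backslashes literal; the || chain ends the loop at end of input
    # instead of spinning forever on an empty value.
    read -r -p "Please input your server ip; " pptp_server \
      || [ -n "$pptp_server" ] \
      || { echo "read_cfg: no server ip given" >&2; exit 1; }
  done
  printf 'Your server ip is: %s\n' "$pptp_server"

  while [ -z "$pptp_user" ]
  do
    read -r -p "Please input your account: " pptp_user \
      || [ -n "$pptp_user" ] \
      || { echo "read_cfg: no account given" >&2; exit 1; }
  done
  printf 'Your user name is: %s\n' "$pptp_user"

  while [ -z "$pptp_pass" ]
  do
    # -s switches terminal echo off while the password is typed; IFS= keeps
    # leading and trailing blanks that belong to the password.
    IFS= read -r -s -p "Please input your password; " pptp_pass \
      || [ -n "$pptp_pass" ] \
      || { echo "read_cfg: no password given" >&2; exit 1; }
    echo
  done
  # The password is not printed back, so it does not end up in terminal
  # scrollback or in a captured log of this script's output.
  echo "Your password has been recorded."

  read -r -p "Please input device name(Default eth0):" device_name || true
  [ -z "$device_name" ] && device_name="eth0"
  return 0
}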
# Check connectivity by pinging the download mirror four times.
# Prints the outcome; ends the script with status 1 when the ping fails.
test_network() {
  echo -e "Network testing"
  if ping -c 4 nchc.dl.sourceforge.net >/dev/null; then
    echo "Network is OK continue!"
    return
  fi
  echo "Network is broken Please check your Network settings"
  exit 1
}
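# Download, build and install pptp 1.7.1 under /root/pptp.
# The step is skipped when /root/pptp exists and a pptp binary is on PATH, so a
# directory left behind by a failed earlier run no longer counts as installed.
# Set PPTP_TARBALL_SHA256 to a digest obtained from a trusted source to have
# the download checked before it is built.
# Exits with status 1 as soon as a step fails. On success the working directory
# is restored: $pwd_dir if it is set, else the directory compile started in.
function compile()
{
  local start_dir tarball
  start_dir=$(pwd)
  tarball='pptp-1.7.1.tar.gz'
  if [ -d /root/pptp ] && command -v pptp >/dev/null 2>&1; then
    echo -e "Vpn client was installed!!!"
  else
    echo "downloading Vpn install packet......"
    mkdir -p /root/pptp || exit 1
    cd /root/pptp || exit 1
    # NOTE(review): the mirror is reached over plain HTTP and the result is
    # built and installed as root, so anything able to alter the transfer
    # controls what gets installed. The optional digest check below is the
    # only integrity control in this function.
    wget -O "$tarball" \
      'http://nchc.dl.sourceforge.net/project/pptpclient/pptp/pptp-1.7.1%20(stable)/pptp-1.7.1.tar.gz' \
      || { echo "compile: download failed" >&2; exit 1; }
    if [ -n "${PPTP_TARBALL_SHA256:-}" ]; then
      echo "${PPTP_TARBALL_SHA256}  ${tarball}" | sha256sum -c - \
        || { echo "compile: checksum mismatch for ${tarball}" >&2; exit 1; }
    fi
    echo "downloaded success"
    tar -zxvf "$tarball" || exit 1
    cd pptp-1.7.1 || exit 1
    { make && make install; } || { echo "compile: build failed" >&2; exit 1; }
    echo "Vpn client installed success!"
  fi
  # An unquoted empty $pwd_dir would turn this into a bare "cd" (jump to $HOME).
  cd "${pwd_dir:-$start_dir}" || exit 1
}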
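# Write the pppd peer file and the CHAP secret for $pptp_user, then install the
# pon and poff helper scripts from the current directory into /usr/sbin.
# Globals read: pptp_user, pptp_server, pptp_pass.
# Exits with status 1 when the account name or server address is unusable.
function create_configure()
{
  local peer_file secret

  # pptp_user becomes a file name under /etc/ppp/peers and a word in two pppd
  # files, so refuse values that could leave that directory or split a word.
  case "$pptp_user" in
    '' | . | .. | */* | *[[:space:]]* | *\"* | *\\*)
      echo "create_configure: invalid account name" >&2
      exit 1
      ;;
  esac
  # pptp_server is pasted into the pty command line that pppd runs, so only
  # host name / address characters are accepted and a leading "-" is refused.
  case "$pptp_server" in
    '' | -* | *[!A-Za-z0-9.:-]*)
      echo "create_configure: invalid server address" >&2
      exit 1
      ;;
  esac

  peer_file="/etc/ppp/peers/$pptp_user"
  # Append the peer definition unless the file already starts with this name.
  # NOTE(review): require-mppe depends on MPPE keys derived from the MS-CHAP
  # exchange, which is widely regarded as weak, and noauth means the server is
  # not asked to authenticate itself; do not rely on this tunnel for
  # confidentiality of sensitive traffic.
  if ! { [ -f "$peer_file" ] && head -n 1 "$peer_file" | grep -qF -- "$pptp_user"; }; then
    cat >>"$peer_file" <<EOF
remotename $pptp_user
linkname $pptp_user
ipparam $pptp_user
pty "pptp $pptp_server --nolaunchpppd "
name $pptp_user
usepeerdns
require-mppe
refuse-eap
noauth
EOF
  fi

  # -F matches the account name literally instead of as a regular expression.
  if ! grep -qF -- "$pptp_user" /etc/ppp/chap-secrets 2>/dev/null; then
    # Escape backslashes and double quotes so the password stays one quoted word.
    secret=${pptp_pass//\\/\\\\}
    secret=${secret//\"/\\\"}
    printf '"%s" * "%s" *\n' "$pptp_user" "$secret" >>/etc/ppp/chap-secrets
  fi
  # The file holds the password in clear text; keep it readable by root only.
  chmod 600 /etc/ppp/chap-secrets

  if [ ! -f /usr/sbin/poff ]; then
    cp ./pon ./poff /usr/sbin/ || { echo "create_configure: pon/poff not found in $(pwd)" >&2; exit 1; }
    # Scripts need the read bit to be executed, and pon needs a mode as well.
    chmod 755 /usr/sbin/pon /usr/sbin/poff
  fi
}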
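# Toggle the VPN link: when ppp0 is not running, dial $pptp_user and add a
# route through ppp0; when it is running, hang up with poff.
# Globals read: device_name, pptp_user. Globals written: ip_seg, mask.
# Returns 1 when no IPv4 address could be read from $device_name or when pppd
# fails to bring the link up.
function add_route()
{
  # Address of $device_name, parsed from ifconfig's "inet addr:" output format.
  ip_seg=$(ifconfig "$device_name" | grep "inet addr" | awk -F: '{print $2}' | awk '{print $1}')
  # Replace the last octet with 0 to get the network used in the route below.
  ip_seg=$(echo "$ip_seg" | awk 'BEGIN{FS=".";OFS="."}{print $1,$2,$3,0}')
  # mask is collected but not used; the route uses a fixed 255.255.255.0.
  mask=$(ifconfig "$device_name" | grep "Mask" | awk -F: '{print $4}' | awk '{print $1}')

  # The listing showed this redirect as HTML-escaped text; it is 2>&1, and the
  # sink is /dev/null (writing to /dev/nul would create a stray file as root).
  if ! ifconfig ppp0 2>&1 | grep -q "RUNNING"; then
    # An ifconfig without "inet addr:" lines leaves ip_seg as "...0"; stop
    # before dialing rather than passing that to route.
    if ! [[ $ip_seg =~ ^[0-9]+\.[0-9]+\.[0-9]+\.0$ ]]; then
      echo "add_route: could not read an IPv4 address from $device_name" >&2
      return 1
    fi
    /usr/sbin/pppd call "$pptp_user" logfd 1 updetach || return 1
    route add -net "$ip_seg" netmask 255.255.255.0 dev ppp0
    sleep 1
  else
    poff >/dev/null 2>&1
    echo -e ""
    echo -e "vpn was disconnected!!!"
    echo -e ""
  fi
}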
# Run the installation steps in their fixed order.
for step in read_cfg test_network compile create_configure
do
  "$step"
done
# Dialing and routing stay disabled here; the link is brought up with pon.
#add_route
下面是用于一键拨号的脚本 pon,很简单,就几行代码:
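#!/bin/bash
# Dial the pppd peer named by the first argument.
# Usage: pon <peer-name>   (pppd's "call" reads /etc/ppp/peers/<peer-name>)
pptp_user=$1
# "[" is a command and needs spaces around its arguments; written as "[-z" the
# test never ran and pppd was started with an empty peer name.
if [ -z "$pptp_user" ]; then
  echo "Example:pon user_name!"
  exit 1
fi
/usr/sbin/pppd call "$pptp_user" logfd 1 updetach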
下面是用于断开拨号的脚本 poff:
#!/bin/sh
# Use /usr/bin/kill when it is executable, otherwise /bin/kill.
KILL="/bin/kill"
[ -x /usr/bin/kill ] && KILL="/usr/bin/kill"
SIG=TERM        # signal sent to pppd; -r, -d and -c select another one
DONE="stopped"  # word used in the result messages
MODE=""         # becomes "all" when -a is given
# Print the command-line help for this script to standard output.
usage() {
  printf 'usage: %s [option] [provider]\n' "$0"
  printf '%s\n' \
    "options:" \
    "-r Cause pppd to drop the line and redial." \
    "-d Toggle the state of pppd's debug option." \
    "-c Cause pppd to renegotiate compression." \
    "-a Stop all pppd's. 'provider' will be ignored." \
    "-h Print this help summary and exit." \
    "-v Print version and exit." \
    "none Stop pppd." \
    "Options may not be combined." \
    "If 'provider' is omitted pppd will be stopped or signalled if and only if" \
    "there is exactly one running unless the '-a' option was given. If" \
    "'provider' is supplied the pppd controlling the connection to that" \
    "provider will be stopped or signalled."
}
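# Get option. If there are none replace the "?" that getopts puts in
# FLAG on error with "null".
if ! getopts rdcavh FLAG; then
  FLAG="null"
fi

# Check for additional options. Should be none.
if getopts :rdcavh DUMMY; then
  echo "$0: Illegal option -- ${OPTARG}."
  exit 1
fi

# Translate the single option into the signal to send or the mode to use.
case "$FLAG" in
  "r") SIG=HUP; DONE=signalled; shift ;;
  "d") SIG=USR1; DONE=signalled; shift ;;
  "c") SIG=USR2; DONE=signalled; shift ;;
  "a") MODE="all"; shift ;;
  "v") echo "$0$Revision: 1.1 $_TrickToPrint_RCS_Revision"; exit 0 ;;
  "h") usage; exit 0 ;;
  "?") exit 1 ;;
esac

# Get the PIDs of all the pppds running. Could also get these from
# /var/run, but pppd doesn't create .pid files until ppp is up.
PIDS=$(pidof pppd)

# poff is pointless if pppd isn't running.
if [ -z "$PIDS" ]; then
  echo "$0: No pppd is running. None ${DONE}."
  exit 1
fi

# Find out how many pppd's are running.
N=$(echo "$PIDS" | wc -w)

# If there are no arguments we can't do anything if there is more than one
# pppd running.
if [ "$#" -eq 0 ] && [ "$N" -gt 1 ] && [ "$FLAG" != "a" ]; then
  echo "$0: More than one pppd running and no -a option and
no arguments supplied. Nothing ${DONE}."
  exit 1
fi

# If either there are no arguments or '-a' was specified kill all the
# pppd's.
if [ "$#" -eq 0 ] || [ "$MODE" = "all" ]; then
  # PIDS is left unquoted on purpose: it holds one PID per word.
  # shellcheck disable=SC2086
  "$KILL" "-$SIG" $PIDS || {
    echo "$0: $KILL failed. None ${DONE}."
    exit 1
  }
  exit 0
fi

# There is an argument, so kill the pppd started on that provider.
# The provider name is compared as a plain string rather than being pasted into
# a grep pattern, so characters such as "." or "*" in it cannot match some
# other pppd. The comparison also accepts a pppd that was started with further
# options after the provider name, e.g. "pppd call NAME logfd 1 updetach".
PID=$(ps axw | PROVIDER="$1" awk '
  {
    for (i = 5; i + 2 <= NF; i++) {
      if (($i == "pppd" || $i ~ /\/pppd$/) && $(i + 1) == "call" && $(i + 2) == ENVIRON["PROVIDER"]) {
        print $1
        break
      }
    }
  }')
if [ -n "$PID" ]; then
  # PID may hold several PIDs, one per line; word splitting is intended.
  # shellcheck disable=SC2086
  "$KILL" "-$SIG" $PID || {
    echo "$0: $KILL failed. None ${DONE}."
    exit 1
  }
else
  echo "$0: I could not find a pppd process for provider '$1'. None ${DONE}."
  exit 1
fi
exit 0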
使用方法:
先把上面三个脚本(分别为 pptp.sh、pon、poff)创建好并放在同一目录下,然后运行如下命令即可创建一个已经建立好连接的接口 ppp0:
chmod a+x pptp.sh
./pptp.sh
连接的方法:
# 这里假设你的连接名为 guozi
pon guozi
断开拨号的方法,直接运行如下命令:
poff -a
(全文完)
