Merge serveral revisions
This commit is contained in:
hwdsl2
parent
734f561494
commit
d541f0d9b4
16
vpnsetup.sh
16
vpnsetup.sh
@ -1,7 +1,7 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Amazon EC2 user-data file for automatic configuration of IPsec/L2TP VPN
|
||||
# on a Ubuntu server instance. Tested with 14.04 (Trusty) AND 12.04 (Precise).
|
||||
# Amazon EC2 user-data file for automatic configuration of IPsec/L2TP VPN server
|
||||
# on a Ubuntu or Debian instance. Tested with Ubuntu 14.04 & 12.04 and Debian 8 & 7.
|
||||
# With minor modifications, this script *can also be used* on dedicated servers
|
||||
# or any KVM- or XEN-based Virtual Private Server (VPS) from other providers.
|
||||
#
|
||||
@ -30,8 +30,8 @@ if [ "$(uname)" = "Darwin" ]; then
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ "$(lsb_release -si)" != "Ubuntu" ]; then
|
||||
echo "Looks like you aren't running this script on a Ubuntu system."
|
||||
if [ "$(lsb_release -si)" != "Ubuntu" ] && [ "$(lsb_release -si)" != "Debian" ]; then
|
||||
echo "Looks like you aren't running this script on a Ubuntu or Debian system."
|
||||
exit
|
||||
fi
|
||||
|
||||
@ -184,7 +184,7 @@ cat > /etc/ppp/chap-secrets <<EOF
|
||||
$VPN_USER l2tpd $VPN_PASSWORD *
|
||||
EOF
|
||||
|
||||
/bin/cp -f /etc/sysctl.conf /etc/sysctl.conf.old-$(date +%Y-%m-%d-%H:%M:%S)
|
||||
/bin/cp -f /etc/sysctl.conf /etc/sysctl.conf.old-$(date +%Y-%m-%d-%H:%M:%S) 2>/dev/null
|
||||
cat > /etc/sysctl.conf <<EOF
|
||||
kernel.sysrq = 0
|
||||
kernel.core_uses_pid = 1
|
||||
@ -217,7 +217,7 @@ net.ipv4.tcp_rmem= 10240 87380 12582912
|
||||
net.ipv4.tcp_wmem= 10240 87380 12582912
|
||||
EOF
|
||||
|
||||
/bin/cp -f /etc/iptables.rules /etc/iptables.rules.old-$(date +%Y-%m-%d-%H:%M:%S)
|
||||
/bin/cp -f /etc/iptables.rules /etc/iptables.rules.old-$(date +%Y-%m-%d-%H:%M:%S) 2>/dev/null
|
||||
cat > /etc/iptables.rules <<EOF
|
||||
*filter
|
||||
:INPUT ACCEPT [0:0]
|
||||
@ -238,7 +238,7 @@ cat > /etc/iptables.rules <<EOF
|
||||
-A FORWARD -i eth+ -o ppp+ -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
|
||||
-A FORWARD -i ppp+ -o eth+ -j ACCEPT
|
||||
-A FORWARD -j DROP
|
||||
-A ICMPALL -p icmp -f -j DROP
|
||||
-A ICMPALL -p icmp -f -j DROP
|
||||
-A ICMPALL -p icmp --icmp-type 0 -j ACCEPT
|
||||
-A ICMPALL -p icmp --icmp-type 3 -j ACCEPT
|
||||
-A ICMPALL -p icmp --icmp-type 4 -j ACCEPT
|
||||
@ -261,7 +261,7 @@ cat > /etc/network/if-pre-up.d/iptablesload <<EOF
|
||||
exit 0
|
||||
EOF
|
||||
|
||||
/bin/cp -f /etc/rc.local /etc/rc.local.old-$(date +%Y-%m-%d-%H:%M:%S)
|
||||
/bin/cp -f /etc/rc.local /etc/rc.local.old-$(date +%Y-%m-%d-%H:%M:%S) 2>/dev/null
|
||||
cat > /etc/rc.local <<EOF
|
||||
#!/bin/sh -e
|
||||
#
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user