al linux / IPSEC
Commit 54e6c124
Authored Sep 11, 2020
Author: al linux
Parent: 7bfd8307
Showing 1 changed file with 134 additions and 0 deletions
extras/add_vpn_user.sh
0 → 100644 @ 54e6c124
#!/bin/sh
#
# Script to add/update an VPN user for both IPsec/L2TP and Cisco IPsec
#
# Copyright (C) 2018-2020 Lin Song <linsongui@gmail.com>
#
# This work is licensed under the Creative Commons Attribution-ShareAlike 3.0
# Unported License: http://creativecommons.org/licenses/by-sa/3.0/
#
# Attribution required: please include my name in any derivative and let me
# know how you have improved it!
export
PATH
=
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
SYS_DT
=
$(
date
+%F-%T |
tr
':'
'_'
)
exiterr
()
{
echo
"Error:
$1
"
>
&2
;
exit
1
;
}
conf_bk
()
{
/bin/cp
-f
"
$1
"
"
$1
.old-
$SYS_DT
"
2>/dev/null
;
}
add_vpn_user
()
{
if
[
"
$(
id
-u
)
"
!=
0
]
;
then
exiterr
"Script must be run as root. Try 'sudo sh
$0
'"
fi
if
[
!
-f
"/etc/ppp/chap-secrets"
]
||
[
!
-f
"/etc/ipsec.d/passwd"
]
;
then
cat
1>&2
<<
'
EOF
'
Error: File /etc/ppp/chap-secrets and/or /etc/ipsec.d/passwd do not exist!
Your must first set up the VPN server before adding VPN users.
See: https://github.com/hwdsl2/setup-ipsec-vpn
EOF
exit
1
fi
if
!
grep
-qs
"hwdsl2 VPN script"
/etc/sysctl.conf
;
then
cat
1>&2
<<
'
EOF
'
Error: This script can only be used with VPN servers created using:
https://github.com/hwdsl2/setup-ipsec-vpn
EOF
exit
1
fi
VPN_USER
=
$1
VPN_PASSWORD
=
$2
if
[
-z
"
$VPN_USER
"
]
||
[
-z
"
$VPN_PASSWORD
"
]
;
then
cat
1>&2
<<
EOF
Usage: sudo sh
$0
'username_to_add' 'password_to_add'
EOF
exit
1
fi
if
printf
'%s'
"
$VPN_USER
$VPN_PASSWORD
"
|
LC_ALL
=
C
grep
-q
'[^ -~]\+'
;
then
exiterr
"VPN credentials must not contain non-ASCII characters."
fi
case
"
$VPN_USER
$VPN_PASSWORD
"
in
*
[
\\\"\'
]
*
)
exiterr
"VPN credentials must not contain these special characters:
\\
\"
'"
;;
esac
clear
cat
<<
EOF
Welcome! This script will add or update an VPN user account
for both IPsec/L2TP and IPsec/XAuth (Cisco IPsec).
If the username you specified matches an existing VPN user,
that user will be updated with the new password.
Please double check before continuing!
================================================
VPN user to add or update:
Username:
$VPN_USER
Password:
$VPN_PASSWORD
Write these down. You'll need them to connect!
================================================
EOF
printf
"Do you want to continue? [y/N] "
read
-r
response
case
$response
in
[
yY][eE][sS]|[yY]
)
echo
echo
"Adding or updating VPN user..."
echo
;;
*
)
echo
"Abort. No changes were made."
exit
1
;;
esac
# Backup config files
conf_bk
"/etc/ppp/chap-secrets"
conf_bk
"/etc/ipsec.d/passwd"
# Add or update VPN user
sed
-i
"/^
\"
$VPN_USER
\"
/d"
/etc/ppp/chap-secrets
cat
>>
/etc/ppp/chap-secrets
<<
EOF
"
$VPN_USER
" l2tpd "
$VPN_PASSWORD
" *
EOF
# shellcheck disable=SC2016
sed
-i
'/^'
"
$VPN_USER
"
':\$1\$/d'
/etc/ipsec.d/passwd
VPN_PASSWORD_ENC
=
$(
openssl passwd
-1
"
$VPN_PASSWORD
"
)
cat
>>
/etc/ipsec.d/passwd
<<
EOF
$VPN_USER
:
$VPN_PASSWORD_ENC
:xauth-psk
EOF
# Update file attributes
chmod
600 /etc/ppp/chap-secrets
*
/etc/ipsec.d/passwd
*
cat
<<
'
EOF
'
Done!
NOTE: All VPN users will share the same IPsec PSK.
If you forgot the PSK, check /etc/ipsec.secrets.
EOF
}
## Defer until we have the complete script
add_vpn_user
"
$@
"
exit
0
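Review bot: In the "Add or update VPN user" section, both `sed -i` deletions build their regex address directly from `$VPN_USER` (the `"/^\"$VPN_USER\" /d"` form for /etc/ppp/chap-secrets and the `'/^'"$VPN_USER"':\$1\$/d'` form for /etc/ipsec.d/passwd), but the validation above only rejects non-ASCII characters and `\`, `"`, `'`. A username containing `/` breaks the sed expression, and one containing `.`, `*` or `[` is interpreted as a pattern, so it can match and delete other users' entries while the script runs as root. Suggest restricting usernames to an explicit allow-list (for example letters, digits, `.`, `_`, `-`) and escaping regex metacharacters before building the address, or dropping the old entry with a fixed-string comparison on the first field instead of a regex. Separately, `openssl passwd -1 "$VPN_PASSWORD"` passes the cleartext password as a command-line argument, where it is visible in the process list to other local users; feeding it through `openssl passwd -1 -stdin` avoids that.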