1 #!/bin/bash
2 # Quick and dirty pptp VPN install script
3 # Ubuntu 12+ or Debain 7+
4 # Reference http://jesin.tk/setup-pptp-vpn-server-debian-ubuntu/
5 # Referrence https://github.com/tititake/MyShellScripts/blob/master/ubuntu-pptpd.sh
6
7
8 WANIF=`ip route get 8.8.8.8 | awk '{ for(f=0;f<NF;f++){if($f=="dev"){print $(f+1);exit;}} }'`
9 WANIP=`ip route get 8.8.8.8 | awk '{ print $NF; exit }'`
10 VPNUSER="pptp"
11 VPNPASS="eeettt888"
12
13 function error() {
14 echo -e "\e[0;31m $* \e[0m"
15 exit 1
16 }
17
18 function info() {
19 echo -e "\e[0;32m $* \e[0m"
20 }
21
22 cat /dev/ppp 2>&1 | grep "No such device" > /dev/null || \
23 error "Error : PPP is not enabled, abort."
24 [[ $EUID -eq 0 ]] || error "Error : This script must be run as root!"
25
26 echo "####################################"
27 echo "Server IP : $WANIP"
28 echo "VPN User : $VPNUSER"
29 echo "VPN Password : $VPNPASS"
30 echo "####################################"
31
32 read -p "Press [ENTER] to continue..."
33
34 dpkg-query -l iptables pptpd> /dev/null || ( \
35 apt-get update ; \
36 apt-get install -y iptables pptpd)
37
38 pptpd_conf="
39 option /etc/ppp/pptpd-options
40 logwtmp
41 localip 172.20.1.1
42 remoteip 172.20.1.2-254"
43
44 echo "$pptpd_conf" > /etc/pptpd.conf
45
46 pptpd_options="
47 name pptpd
48 refuse-pap
49 refuse-chap
50 refuse-mschap
51 require-mschap-v2
52 require-mppe-128
53 proxyarp
54 nodefaultroute
55 lock
56 nobsdcomp
57 novj
58 novjccomp
59 nologfd
60 ms-dns 8.8.8.8
61 ms-dns 8.8.4.4"
62
63 echo "$pptpd_options" > /etc/ppp/pptpd-options
64
65 chap_secrets="
66 $VPNUSER * $VPNPASS *
67 "
68 echo "$chap_secrets" > /etc/ppp/chap-secrets
69
70 echo 1 > /proc/sys/net/ipv4/ip_forward
71 grep '^net.ipv4.ip_forward.*=.*1$' /etc/sysctl.conf > /dev/null || \
72 echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
73
74 iptables --list -t nat | grep 172.20.1.0 | grep MASQUERADE > /dev/null || \
75 iptables -t nat -A POSTROUTING -s 172.20.1.0/24 -o $WANIF -j MASQUERADE
76 iptables --list | grep 172.20.1.0 | grep TCPMSS > /dev/null || \
77 iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -s 172.20.1.0/24 -j TCPMSS --clamp-mss-to-pmtu
78
79 iptables-save > /etc/iptables.conf
80 echo '#!/bin/sh' > /etc/network/if-up.d/iptables
81 echo "iptables-restore < /etc/iptables.conf" >> /etc/network/if-up.d/iptables
82 chmod +x /etc/network/if-up.d/iptables
83
84 echo '#!/bin/sh' > /etc/ppp/ip-up.d/set_pptp_mtu
85 echo "ifconfig ppp0 mtu 1500" >> /etc/ppp/ip-up.d/set_pptp_mtu
86 chmod +x /etc/ppp/ip-up.d/set_pptp_mtu
87
88 service pptpd restart
89
90 netstat -anp|grep pptpd|grep 1723 > /dev/null 2>&1 && \
91 info "pptpd service is running, seems everything is OK." || \
92 error "pptpd service is not running, something wrong happend."
Ubuntu下快速安装pptpd