Create l2tp.sh
117
l2tp.sh
Normal file
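--- /dev/null
+++ b/l2tp.sh
@@ -0,0 +1,117 @@
+#!/bin/bash
+
+# 颜色代码
+GREEN='\033[0;32m'
+RED='\033[0;31m'
+NC='\033[0m'
+
+# 检查Root权限
+if [[ $EUID -ne 0 ]]; then
+echo -e "${RED}必须以root权限运行此脚本${NC}"
+exit 1
+fi
+
+# 生成随机字符串
+generate_random_string() {
+tr -dc 'A-Za-z0-9' < /dev/urandom | head -c "$1"
+}
+
+# 主安装函数
+install_l2tp_vpn() {
+# 配置参数
+VPN_SERVER_IP=$(curl -s http://ipinfo.io/ip)
+VPN_PSK=$(generate_random_string 16)
+VPN_USERNAME=$(generate_random_string 8)
+VPN_PASSWORD=$(generate_random_string 12)
+
+# 更新和安装依赖
+apt-get update
+apt-get install -y strongswan xl2tpd ppp
+
+# IPsec配置
+cat > /etc/ipsec.conf << EOF
+config setup
+charondebug="all"
+uniqueids=never
+
+conn l2tp-psk
+authby=secret
+left=%defaultroute
+leftid=$VPN_SERVER_IP
+leftauth=psk
+leftprotoport=17/1701
+leftsendcert=never
+right=%any
+rightauth=psk
+rightprotoport=17/1701
+rightsourceip=10.0.0.0/24
+auto=add
+EOF
+
+cat > /etc/ipsec.secrets << EOF
+: PSK "$VPN_PSK"
+EOF
+
+# xl2tpd配置
+cat > /etc/xl2tpd/xl2tpd.conf << EOF
+[global]
+port = 1701
+
+[lns default]
+ip range = 10.0.0.2-10.0.0.254
+local ip = 10.0.0.1
+require chap = yes
+refuse pap = yes
+require authentication = yes
+name = L2TPServer
+ppp debug = yes
+pppoptfile = /etc/ppp/options.xl2tpd
+length bit = yes
+EOF
+
+cat > /etc/ppp/options.xl2tpd << EOF
+ipcp-accept-local
+ipcp-accept-remote
+require-mschap-v2
+ms-dns 8.8.8.8
+ms-dns 1.1.1.1
+noccp
+auth
+hide-password
+nodefaultroute
+usepeerdns
+name l2tpd
+plugin /usr/lib/pppd/*/libplugin.so
+EOF
+
+cat > /etc/ppp/chap-secrets << EOF
+$VPN_USERNAME * $VPN_PASSWORD *
+EOF
+
+# 设置权限
+chmod 600 /etc/ipsec.secrets /etc/ppp/chap-secrets
+
+# 重启服务(使用完整路径)
+/usr/sbin/service strongswan-starter restart
+/usr/sbin/service xl2tpd restart
+
+# 输出配置信息
+echo -e "${GREEN}================================================================"
+echo -e "L2TP/IPsec VPN连接详情:"
+echo -e "服务器IP: $VPN_SERVER_IP"
+echo -e "用户名: $VPN_USERNAME"
+echo -e "密码: $VPN_PASSWORD"
+echo -e "预共享密钥: $VPN_PSK"
+echo -e "================================================================${NC}"
+
+# 保存连接信息到文件
+cat > /root/vpn_credentials.txt << EOF
+服务器IP: $VPN_SERVER_IP
+用户名: $VPN_USERNAME
+密码: $VPN_PASSWORD
+预共享密钥: $VPN_PSK
+EOF
+}
+
+# 执行安装
+install_l2tp_vpn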
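Review bot: The three secret-bearing files (`/etc/ipsec.secrets`, `/etc/ppp/chap-secrets`, `/root/vpn_credentials.txt`) are created under the process's default umask, and only the first two are tightened by the later `chmod 600`, so the PSK and password are readable by whatever the umask allows until that line runs and the credentials file in `/root` is never restricted by the script at all; a `umask 077` as the first statement of `install_l2tp_vpn` covers all three. `VPN_SERVER_IP` is fetched over plain HTTP with `curl -s` and expanded unvalidated into `/etc/ipsec.conf` by the unquoted heredoc, so an empty, failed or altered response ends up as `leftid=`; I would fetch it with `curl -fsS https://ipinfo.io/ip` and reject anything that is not a dotted quad, e.g. `[[ $VPN_SERVER_IP =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]] || exit 1`. No command's exit status is checked (there is no `set -e` and no `||` guard), so a failed `apt-get install` still overwrites the existing `/etc/ipsec.conf`, `/etc/ipsec.secrets` and `/etc/ppp/chap-secrets` without a backup. `charondebug="all"` and `ppp debug = yes` look like troubleshooting settings and are worth turning down before the server is exposed, since verbose daemon logs on a VPN gateway can carry more session detail than is wanted.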