FreeBSD mpd VPN服务器安装步骤
发布时间:2016-12-27 来源:查字典编辑

马上要搬出学校,而学校的资源大多只对教育网开放,考虑到以后的小区多半是电信的adsl接入,没办法,就想到了架个vpn服务器,当然首先想到的是在freebsd上架设。用google搜索了一下,发现搞的人还真多,心情马上好了一截。下面是我的步骤:

1、安装mpd(都说mpd对windows支持最好),很简单

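# Build and install mpd from the ports tree, then clean the work directory.
# The commands are chained with && so that make never runs in the wrong
# directory when the cd fails.
# NOTE(review): a stock ports tree lives under /usr/ports (the setup script
# later on this page uses /usr/ports/net/mpd); adjust the path if your tree is
# not under /usr/local/ports.
cd /usr/local/ports/net/mpd/ &&
  make all install clean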

2、配置/usr/local/etc/mpd/mpd.conf

# mpd.conf: "default" loads "vpn", which loads one bundle per concurrent client.
# NOTE(review): mpd expects a label at column 0 and its commands indented
# underneath; the indentation appears to have been lost on this page and has to
# be restored before the file is used.
default:

load vpn

vpn:

load client1

#load client2

# One bundle per client: netgraph interface ng0, bundle and link both named pptp1.
client1:

new -i ng0 pptp1 pptp1

# First address is the server end of the tunnel, second is the address handed
# to this client (x.x.x.x / y.y.y.y1 are placeholders).
set ipcp ranges x.x.x.x/32 y.y.y.y1/32

load pptp_def

# Second client slot; only used when "load client2" above is uncommented.
client2:

new -i ng1 pptp2 pptp2

set ipcp ranges x.x.x.x/32 y.y.y.y2/32

load pptp_def

# Settings shared by every client bundle.
pptp_def:

set iface disable on-demand

set iface enable proxy-arp

# Drop the session after 1800 seconds without traffic.
set iface idle 1800

set bundle enable multilink

set link yes acfcomp protocomp

# PAP and CHAP are both refused first, then CHAP alone is switched back on.
# NOTE(review): this enables CHAP in general; the generated configuration later
# on this page narrows it to chap-msv2 - confirm which variants your mpd
# version accepts here.
set link no pap chap

set link enable chap

set link keep-alive 10 60

set link mtu 1460

set ipcp yes vjcomp

# DNS server pushed to clients (placeholder).
set ipcp dns x.x.x.y

# NOTE(review): unlike the generated configuration later on this page, there is
# no "set bundle yes crypt-reqd" here, so MPPE looks to be offered but not
# required - confirm, and add it if unencrypted sessions must be refused.
set bundle enable compression

set ccp yes mppc

# NOTE(review): mpp-e40 accepts 40-bit MPPE keys; drop this line to allow only
# the 128-bit variant. PPTP with MS-CHAP/MPPE is weak by current standards even
# at 128 bits.
set ccp yes mpp-e40

set ccp yes mpp-e128

set ccp yes mpp-stateless

open

3、配置/usr/local/etc/mpd/mpd.links

# mpd.links: one PPTP link per bundle defined in mpd.conf (pptp1, pptp2).
# NOTE(review): as in mpd.conf, the commands under each label need to be
# indented; the indentation appears to have been lost on this page.
pptp1:

set link type pptp

# Replace the Chinese placeholder with the server address that accepts VPN
# connections from outside.
set pptp self 对外提供vpn服务的ip

# Server role only: accept incoming calls, never originate them.
set pptp enable incoming

set pptp disable originate

# Second link, identical to pptp1; pairs with client2 in mpd.conf.
pptp2:

set link type pptp

set pptp self 对外提供vpn服务的ip

set pptp enable incoming

set pptp disable originate

4、编写启动脚本/usr/local/etc/rc.d/mpd.sh

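#!/bin/sh
# Old-style rc.d start/stop script for mpd.
#   start  launch mpd in the background (-b) when the binary is executable
#          and mpd.conf exists
#   stop   kill every running mpd process
# The listing on the page ended without closing the last branch or the case
# statement; both are restored here so the script parses.

case "$1" in
start)
  if [ -x /usr/local/sbin/mpd ] && [ -f /usr/local/etc/mpd/mpd.conf ]; then
    /usr/local/sbin/mpd -b && echo -n ' mpd'
  fi
  ;;
stop)
  killall mpd && echo -n ' mpd'
  ;;
*)
  # Usage goes to stderr with a non-zero status so callers can tell a bad
  # invocation from a successful start/stop.
  echo "Usage: $(basename "$0") {start|stop}" >&2
  exit 64
  ;;
esac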

5、编辑用户/口令文件 /usr/local/etc/mpd/mpd.secret 很简单,照着例子做即可;该文件保存明文口令,应确保只有root可读(例如 chmod 600)

好了,现在要做的事做完了。在winxp上创建一个vpn连接,ok,搞定。嘿嘿,还有2个非常重要的点。第一,要将freebsd服务器设置成路由模式,也就是说要在/etc/rc.conf中加上gateway_enable="YES"(网上找的资料都没说这点,完全凭经验),否则不能通过vpn服务器访问内网的其他主机。第二,winxp的防火墙要关掉,为什么不知道,总之不关,就会出现间歇性大量掉包。(关闭防火墙会降低客户端的安全性,建议先排查是否是PPTP所用的GRE数据包(IP协议号47)被过滤,而不要长期关闭防火墙。)

#pkg_add -rv mpd

#sh mpd_setup.sh config ##修改几个选项 什么用户名了,分配的IP地址了。。

#cat mpd_setup.sh

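#!/bin/sh
#
# mpd VPN install script
# Compile by iceblood(Liu Hongguang)
# E-mail:iceblood@163.com
# Website:http://www.nettf.net/
#
# Usage: mpd_setup.sh {install|config}
#   install  build and install mpd from /usr/ports/net/mpd
#   config   prompt for settings, then write mpd.conf, mpd.links and
#            mpd.secret into the chosen directory
#
# Uses `read -p`, which FreeBSD's /bin/sh provides but POSIX does not.
#
# NOTE(review): the generated profile is PPTP with MS-CHAPv2 and MPPE. That
# combination is no longer regarded as giving strong confidentiality; treat the
# tunnel as legacy compatibility and prefer a modern VPN for sensitive traffic.

PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
TIME=$(date '+%Y/%m/%d %H:%M')

# Print a message on stderr and stop with status 1.
die() {
  echo "$*" >&2
  exit 1
}

# Succeed when $1 is a non-empty run of at most nine decimal digits, so the
# numeric tests below never see text or a value too large for test(1).
is_uint() {
  case "$1" in
    '' | *[!0-9]* | ??????????*) return 1 ;;
  esac
  return 0
}

# Print each argument as one tab-indented line. mpd's documented layout is a
# label at column 0 with its commands indented underneath.
indent() {
  printf '\t%s\n' "$@"
}

case "${1:-}" in
install)
  if command -v mpd >/dev/null 2>&1; then
    echo "mpd already install."
    exit 0
  fi
  if [ ! -d /usr/ports/net/mpd ]; then
    echo "Sorry,not ports /usr/ports/net/mpd"
    echo "Please use cvsup get ports list."
    exit 1
  fi
  # Any non-zero status is a failure; the original only tested for exactly 1.
  cd /usr/ports/net/mpd || die "Sorry! mpd install error!!"
  make clean || die "Sorry! mpd install error!!"
  make install || die "Sorry! mpd install error!!"
  make clean
  echo "mpd software install done."
  exit 0
  ;;

config)
  # All answers are collected and validated before anything is written, so a
  # bad answer cannot leave a half-written configuration behind.
  read -r -p "Please input mpd config patch:[/usr/local/etc/mpd] " MPDPATH
  [ -n "$MPDPATH" ] || MPDPATH=/usr/local/etc/mpd
  [ -d "$MPDPATH" ] || die "Sorry!!mpd config path not found: $MPDPATH"

  read -r -p "Please input VPN max ports(default 5):[1~253] " CLIENT
  if ! is_uint "$CLIENT" || [ "$CLIENT" -lt 1 ] || [ "$CLIENT" -ge 254 ]; then
    CLIENT=5
  fi

  # NOTE(review): the default 172.168.1.1 lies outside the RFC 1918 private
  # range 172.16.0.0/12 (172.16.x.x - 172.31.x.x); choose an address from a
  # network you actually control.
  read -r -p "Please input VPN server IP:[172.168.1.1] " VPNIP
  [ -n "$VPNIP" ] || VPNIP=172.168.1.1
  case "$VPNIP" in
    *.*.*.*.*) die "Sorry!!VPN server IP error!!!" ;;
    *.*.*.*) ;;
    *) die "Sorry!!VPN server IP error!!!" ;;
  esac
  VPNIPA=$(printf '%s\n' "$VPNIP" | awk -F. '{print $1}')
  VPNIPB=$(printf '%s\n' "$VPNIP" | awk -F. '{print $2}')
  VPNIPC=$(printf '%s\n' "$VPNIP" | awk -F. '{print $3}')
  VPNIPD=$(printf '%s\n' "$VPNIP" | awk -F. '{print $4}')
  for octet in "$VPNIPA" "$VPNIPB" "$VPNIPC" "$VPNIPD"; do
    # Same 0..254 range as before; empty and non-numeric octets are now
    # rejected instead of slipping through a failed numeric test.
    if ! is_uint "$octet" || [ "$octet" -ge 255 ]; then
      die "Sorry!!VPN server IP error!!!"
    fi
  done

  read -r -p "Please input idle time at disconnect:[0] " IDLE
  if ! is_uint "$IDLE" || [ "$IDLE" -gt 86400 ]; then
    IDLE=0
  fi

  # NOTE(review): with the default, clients are told to use 127.0.0.1 - their
  # own loopback - as resolver; enter a DNS server reachable through the VPN.
  read -r -p "Please input client DNS ipaddress:[127.0.0.1] " DNSIP
  [ -n "$DNSIP" ] || DNSIP=127.0.0.1

  read -r -p "Please VPN client username:[test] " VPNUSER
  [ -n "$VPNUSER" ] || VPNUSER=test
  # The original fell back to the password "password"; a VPN endpoint must not
  # come up with a well-known credential, so an empty answer is refused.
  # NOTE(review): read -p echoes the password to the terminal.
  read -r -p "Please VPN client password (required, no default): " VPNPASS
  [ -n "$VPNPASS" ] || die "Sorry!!VPN client password must not be empty!!!"

  conf=$MPDPATH/mpd.conf
  links=$MPDPATH/mpd.links
  secret=$MPDPATH/mpd.secret

  {
    printf '%s\n' \
      "# Create by iceblood mpd_setup.sh scripts" \
      "# by $TIME" \
      "# Script compile by iceblood" \
      "# E-mail:iceblood@163.com" \
      "# Website:http://www.nettf.net/" \
      "default:"
    indent "load pptp"
    echo "pptp:"
    NUM=0
    while [ "$NUM" -lt "$CLIENT" ]; do
      indent "load pptp$NUM"
      NUM=$((NUM + 1))
    done

    # One bundle per client. Client addresses count up from .1 and skip the
    # server's own last octet (numeric compare, so "01" equals "1").
    NUM=0
    CLIENTIPD=0
    while [ "$NUM" -lt "$CLIENT" ]; do
      CLIENTIPD=$((CLIENTIPD + 1))
      [ "$CLIENTIPD" -ne "$VPNIPD" ] || continue
      echo "pptp$NUM:"
      indent \
        "new -i ng$NUM pptp$NUM pptp$NUM" \
        "set ipcp ranges $VPNIPA.$VPNIPB.$VPNIPC.$VPNIPD/32 $VPNIPA.$VPNIPB.$VPNIPC.$CLIENTIPD/32" \
        "load pptp_config"
      NUM=$((NUM + 1))
    done

    # Settings shared by every bundle.
    # NOTE(review): mpp-e40 lets a client negotiate 40-bit MPPE even though
    # crypt-reqd is set; remove that line to accept 128-bit only.
    echo "pptp_config:"
    indent \
      "set iface disable on-demand" \
      "set iface enable proxy-arp" \
      "set bundle enable compression" \
      "set bundle yes crypt-reqd" \
      "set iface idle $IDLE" \
      "set iface enable tcpmssfix" \
      "set bundle enable multilink" \
      "set link yes acfcomp protocomp" \
      "set link no pap chap" \
      "set link enable chap-msv2" \
      "set link keep-alive 10 60" \
      "set link mtu 1460" \
      "set ipcp yes vjcomp" \
      "set ipcp dns $DNSIP" \
      "set ccp yes mppc" \
      "set ccp yes mpp-e40" \
      "set ccp yes mpp-e128" \
      "set ccp yes mpp-stateless"
  } > "$conf" || die "Sorry!!cannot write $conf"

  {
    printf '%s\n' \
      "# Create by iceblood mpd_setup.sh scripts" \
      "# by $TIME" \
      "# Script compile by iceblood" \
      "# E-mail:iceblood@163.com"
    NUM=0
    while [ "$NUM" -lt "$CLIENT" ]; do
      echo "pptp$NUM:"
      # "self 0.0.0.0" accepts PPTP on every local address; set a specific
      # address to limit where the service listens.
      indent \
        "set link type pptp" \
        "set pptp self 0.0.0.0" \
        "set pptp enable incoming" \
        "set pptp disable originate"
      NUM=$((NUM + 1))
    done
  } > "$links" || die "Sorry!!cannot write $links"

  # Create the secret under a restrictive umask so the clear-text password is
  # never readable by other users, not even between the write and the chmod.
  (
    umask 077
    printf '%s %s\n' "$VPNUSER" "$VPNPASS" > "$secret"
  ) || die "Sorry!!cannot write $secret"
  chmod 600 "$secret"

  cat << DONE
MPD configure file set done.
Please check you kernel has:
#PPTP server set
options NETGRAPH
options NETGRAPH_PPTPGRE
options NETGRAPH_SOCKET
options NETGRAPH_KSOCKET
options NETGRAPH_IFACE
options NETGRAPH_PPP
options NETGRAPH_BPF
options NETGRAPH_VJC
options NETGRAPH_MPPC_ENCRYPTION
and start mpd service.
Please edit "$MPDPATH/mpd.secret" file, add or delete vpn client user.
DONE
  ;;

*)
  cat << HELP
$0 {install|config}
install Install mpd package.
config Configure mpd vpn.
Script compile by iceblood
iceblood@163.com
HELP
  ;;
esac

exit 0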
