DD-WRT openvpn loginscript OR Openvpn gui settings?

Vår huvudtjänst.
Post Reply
bluebeacon
Posts: 1
Joined: Mon 6 February 2017, 23:43

DD-WRT openvpn loginscript OR Openvpn gui settings?

Post by bluebeacon »

Hej

Jag har en Netgear R7000 router (Firmware: DD-WRT v3.0-r31160M kongac (01/18/17)

Jag ser att flertalet andra stora vpn leverantörer har färdiga loginscript för openvpn för routrar.

Har ni på integrity det? Har någon användare gjort något?

Eller har någon openppn client gui settings for integrity?

Exempel på färdiga script se nedan
(Man sätter in rätt nycklar, certifikat, openvpn sever, username and password i filen nedan)

--------------------------------------------------------------------------------------------------------
#!/bin/sh

USERNAME="username" # Replace "username" with PureVPN username provided by PureVPN like "purevpn0s123456"
PASSWORD="password" # Replace "password" with PureVPN password provided by PureVPN

# United Kingdom
REMOTE_SERVERS="
remote xxx.purevpn.net 53 # Replace xxx.purevpn.net with desired server address. You can get the server address from .ovpn files you downloaded
"


#### DO NOT CHANGE below this line ####

CA_CRT='-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIJANysBdFD6U2oMA0GCSqGSIb3DQEBBQUAMIGRMQswCQYD
VQQGEwJISzELMAkGA1UECBMCSEsxETAPBgNVBAcTCEhvbmdLb25nMRAwDgYDVQQK
EwdQdXJlVlBOMQswCQYDVQQLEwJJVDEQMA4GA1UEAxMHUHVyZVZQTjEQMA4GA1UE
KRMHUHVyZVZQTjEfMB0GCSqGSIb3DQEJARYQbWFpbEBob3N0LmRvbWFpbjAeFw0x
NDA0MTAwNzI5NDlaFw0yNDA0MDcwNzI5NDlaMIGRMQswCQYDVQQGEwJISzELMAkG
A1UECBMCSEsxETAPBgNVBAcTCEhvbmdLb25nMRAwDgYDVQQKEwdQdXJlVlBOMQsw
CQYDVQQLEwJJVDEQMA4GA1UEAxMHUHVyZVZQTjEQMA4GA1UEKRMHUHVyZVZQTjEf
MB0GCSqGSIb3DQEJARYQbWFpbEBob3N0LmRvbWFpbjCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAJYqtUkQTlf/pHcGXuuII8S3pfI0fwFbs7l/1RP3nX3n
v1vyuvLi7h0jWsgJU0XM7LJywiRFJ8zsMLH7KZnIg7bscb50GY75WIq7C2NnWnnS
7zzyCCm2XD/2xZPym2lVRytpnWJbpemSS6Hdz7xI3q2FmixuBa1t5FeKsXfeaGGg
+ohwLvamnGHJYUYu3Nu0EWVzzy5wgT0c2C5jleGxl3kxRimD8FpnlAVdqyt0ib/f
f9XanaotSopIHUZmpYjT+udRC2+harlNKvOXYgDRl1mpimCvlzEWpZAo8dyBCxWl
xlBIT8OA8rimGi1XviknuOlWu2cGi13Ug8mCG0MjOQ0CAwEAAaOB+TCB9jAdBgNV
HQ4EFgQUt+1vJ2X2ho12PUDhdo2CsSHYXbYwgcYGA1UdIwSBvjCBu4AUt+1vJ2X2
ho12PUDhdo2CsSHYXbahgZekgZQwgZExCzAJBgNVBAYTAkhLMQswCQYDVQQIEwJI
SzERMA8GA1UEBxMISG9uZ0tvbmcxEDAOBgNVBAoTB1B1cmVWUE4xCzAJBgNVBAsT
AklUMRAwDgYDVQQDEwdQdXJlVlBOMRAwDgYDVQQpEwdQdXJlVlBOMR8wHQYJKoZI
hvcNAQkBFhBtYWlsQGhvc3QuZG9tYWluggkA3KwF0UPpTagwDAYDVR0TBAUwAwEB
/zANBgkqhkiG9w0BAQUFAAOCAQEAAhLQQmkKWJdyGqgMSKOWXSKN2WXTDjIdb9bK
Q8uHeq0LYCcPoRh8VYJg2X4UWR/KO9pKaG+iZJw4Jqz4GQJjjJLKHfsWwj790ay0
7U5KT08qmxFaxZUYn663H9b0+Zud1spTsTJjVe1eoRk6IDbbB4OMUzN9zyWEn6er
xi6llIAjQX1qtlBQasmTAbRtbSsCsZAxL2kXysULIdLrQP0iTgMQqqkv5zvpdEKN
3ciKCd8OHEhHOlAwA0/DNy3dg3Et0F2hNMDJhqMpxXsbKtGJ/rzGXQF2geEVzLZA
o42I1wBOSZLTX1fO1gl3gAGS9aYg5o31rrpBKzQewitJgIuc+Q==
-----END CERTIFICATE-----'

AUTH_KEY='-----BEGIN OpenVPN Static key V1-----
e30af995f56d07426d9ba1f824730521
d4283db4b4d0cdda9c6e8759a3799dcb
7939b6a5989160c9660de0f6125cbb1f
585b41c074b2fe88ecfcf17eab9a33be
1352379cdf74952b588fb161a93e13df
9135b2b29038231e02d657a6225705e6
868ccb0c384ed11614690a1894bfbeb2
74cebf1fe9c2329bdd5c8a40fe882062
4d2ea7540cd79ab76892db51fc371a3a
c5fc9573afecb3fffe3281e61d72e915
79d9b03d8cbf7909b3aebf4d90850321
ee6b7d0a7846d15c27d8290e031e951e
19438a4654663cad975e138f5bc5af89
c737ad822f27e19057731f41e1e254cc
9c95b7175c622422cde9f1f2cfd3510a
dd94498b4d7133d3729dd214a16b27fb
-----END OpenVPN Static key V1-----'

OPVPNENABLE=`nvram get openvpncl_enable | awk '$1 == "0" {print $1}'`

if [ "$OPVPNENABLE" != 0 ]
then
nvram set openvpncl_enable=0
nvram commit
fi

sleep 30
mkdir /tmp/purevpncl; cd /tmp/purevpncl
echo -e "$USERNAME\n$PASSWORD" > userpass.conf
echo "$CA_CRT" > ca.crt; echo "$AUTH_KEY" > auth.key
echo "#!/bin/sh" > route-up.sh; echo -e "#!/bin/sh\nsleep 2" > route-down.sh
echo "#!/bin/sh
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -I INPUT -i tun0 -j REJECT
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE" > /tmp/.rc_firewall
chmod 644 ca.crt; chmod 600 auth.key userpass.conf; chmod 700 route-up.sh route-down.sh
chmod 700 /tmp/.rc_firewall
sleep 30
echo "client
dev tun
proto udp
script-security 2
hand-window 60
verb 3
mute 5
mtu-disc yes
cipher aes-256-cbc
auth sha1
comp-lzo adaptive
tun-mtu 1500
resolv-retry infinite
nobind
persist-key
persist-tun
keepalive 20 120
reneg-sec 0
log purevpn.log
ca ca.crt
tls-auth auth.key 1
daemon
auth-user-pass userpass.conf
remote-random
$REMOTE_SERVERS" > openvpn.conf
ln -s /tmp/purevpncl/purevpn.log /tmp/purevpn.log
/tmp/.rc_firewall
(killall openvpn; openvpn --config /tmp/purevpncl/openvpn.conf --route-up /tmp/purevpncl/route-up.sh --down-pre /tmp/purevpncl/route-down.sh) &

exit 0
Payerl
Posts: 44
Joined: Wed 8 February 2017, 07:16

Re: DD-WRT openvpn loginscript OR Openvpn gui settings?

Post by Payerl »

Jag har aldrig gjort en setup på DD-WRT (funderade på det ett tag dock) men om det skriptet som du postat är korrekt så är det inte omöjligt att det funkar om du byter ut användarnamn, lösenord, vpn-server samt certifikat.. Vågar definitift inte lova nåt dock! Kan inte hjälpa till vid eventuella problem heller tyvärr!
Lycka till!
surfvpn
Posts: 1
Joined: Wed 8 February 2017, 08:32

Re: DD-WRT openvpn loginscript OR Openvpn gui settings?

Post by surfvpn »

Jag har ersatt detaljer i scriptet ovan med uppgifter från integritys openvpn-script. Det här är inte testat så kan innehålla misstag:

#!/bin/sh

USERNAME="username" # Replace "username" with your username
PASSWORD="password" # Replace "password" with your password

# 5july Integrity VPN
REMOTE_SERVERS="
remote openvpn.integrity.st 1196
"


#### DO NOT CHANGE below this line ####

CA_CRT='-----BEGIN CERTIFICATE-----
MIID4DCCA0mgAwIBAgIJAJlUl4Z9XWR6MA0GCSqGSIb3DQEBBQUAMIGnMQswCQYD
VQQGEwJTRTEKMAgGA1UECBMBUzESMBAGA1UEBxMJU3RvY2tob2xtMRIwEAYDVQQK
Ewk1anVseS5vcmcxFTATBgNVBAsTDGludGVncml0eXZwbjESMBAGA1UEAxMJaW50
ZWdyaXR5MRYwFAYDVQQpEw1pbnRlZ3JpdHkgdnBuMSEwHwYJKoZIhvcNAQkBFhJh
ZG1pbkBpbnRlZ3JpdHkuc3QwHhcNMTQwNDExMTM1NjE2WhcNMjQwNDA4MTM1NjE2
WjCBpzELMAkGA1UEBhMCU0UxCjAIBgNVBAgTAVMxEjAQBgNVBAcTCVN0b2NraG9s
bTESMBAGA1UEChMJNWp1bHkub3JnMRUwEwYDVQQLEwxpbnRlZ3JpdHl2cG4xEjAQ
BgNVBAMTCWludGVncml0eTEWMBQGA1UEKRMNaW50ZWdyaXR5IHZwbjEhMB8GCSqG
SIb3DQEJARYSYWRtaW5AaW50ZWdyaXR5LnN0MIGfMA0GCSqGSIb3DQEBAQUAA4GN
ADCBiQKBgQDVM1E3u+7iZAWt7hLNZhZuo5k/BhCwD2ND++AVSkfAgveUCyMsVc5D
ntitIoLZaO7NIXdUx3+APPp/AXcqEj9zFnU7mmDkYWniMTecGSYpOTKD5/320g29
AvgxoOmh7gWRPpUaS98v6M4aNf99W1Z1E46jrP986cZE2HYhi7YHawIDAQABo4IB
EDCCAQwwHQYDVR0OBBYEFHyq0b9HqG7otxiC2J7Nr+CndXw4MIHcBgNVHSMEgdQw
gdGAFHyq0b9HqG7otxiC2J7Nr+CndXw4oYGtpIGqMIGnMQswCQYDVQQGEwJTRTEK
MAgGA1UECBMBUzESMBAGA1UEBxMJU3RvY2tob2xtMRIwEAYDVQQKEwk1anVseS5v
cmcxFTATBgNVBAsTDGludGVncml0eXZwbjESMBAGA1UEAxMJaW50ZWdyaXR5MRYw
FAYDVQQpEw1pbnRlZ3JpdHkgdnBuMSEwHwYJKoZIhvcNAQkBFhJhZG1pbkBpbnRl
Z3JpdHkuc3SCCQCZVJeGfV1kejAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA
A4GBAJewl9yrQnDLBUhdxDQIVEs6EogLgb0rDUOKNbMEiYZIGW3nm0LfVFJQzpLE
QFJ33n5Xbo7PW8hXIHPiKKI0IbdoCsmLBS8mbTVrYQ7R+QfuGvHwSFb7q4YIw3xk
1ZKJR+AWPBR5myBhnPnjW61d2s9pdWTCkB08KpU+RwHnmwnW
-----END CERTIFICATE-----'

AUTH_KEY='-----BEGIN OpenVPN Static key V1-----
a1c745bedd3367edb3ed931b3f8600e1
26d770a602f99118b5a8683f53d92d83
e6566dcdba050d8ca9c828521d43f225
8047f421c05cccb4a7eb08c4d8316558
3775deb99ba4d7b1883bf2a7c6006809
cb39b609254a5a8c8824aa598212fb14
06a20046817aa7082d73b7b24f449658
1e9285eeb4a77387c38af7295c367997
1637f33736d8c34debddadaeeaa9e77e
11b33c81c4f67dbf43fae317913130b6
049273770541ba0e2f09bd47716d1860
e091ae7280f951cd74590ef47168763b
767e7d76cb99056c0b69ff388c7686b9
5072360300330428cf1126beab0d3968
5c75010fbe398988b53a064f813cddea
8c77651454076f587650e5488eb583f6
-----END OpenVPN Static key V1-----'

OPVPNENABLE=`nvram get openvpncl_enable | awk '$1 == "0" {print $1}'`

if [ "$OPVPNENABLE" != 0 ]
then
nvram set openvpncl_enable=0
nvram commit
fi

sleep 30
mkdir /tmp/vpncl; cd /tmp/vpncl
echo -e "$USERNAME\n$PASSWORD" > userpass.conf
echo "$CA_CRT" > ca.crt; echo "$AUTH_KEY" > auth.key
echo "#!/bin/sh" > route-up.sh; echo -e "#!/bin/sh\nsleep 2" > route-down.sh
echo "#!/bin/sh
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -I INPUT -i tun0 -j REJECT
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE" > /tmp/.rc_firewall
chmod 644 ca.crt; chmod 600 auth.key userpass.conf; chmod 700 route-up.sh route-down.sh
chmod 700 /tmp/.rc_firewall
sleep 30
echo "client
dev tun
proto udp
script-security 2
verb 3
mute 5
#mtu-disc yes
cipher aes-256-cbc
comp-lzo
resolv-retry infinite
nobind
persist-key
persist-tun
reneg-sec 0
log vpn.log
ca ca.crt
tls-auth auth.key 1
daemon
auth-user-pass userpass.conf
remote-random
$REMOTE_SERVERS" > openvpn.conf
ln -s /tmp/vpncl/vpn.log /tmp/vpn.log
/tmp/.rc_firewall
(killall openvpn; openvpn --config /tmp/vpncl/openvpn.conf --route-up /tmp/vpncl/route-up.sh --down-pre /tmp/vpncl/route-down.sh) &

exit 0
CraXyOW3
Posts: 2
Joined: Fri 17 March 2017, 23:32

Re: DD-WRT openvpn loginscript OR Openvpn gui settings?

Post by CraXyOW3 »

Nu vet jag inte hur det ser ut på DD-WRT, men på min LEDE ( avstickare från OpenWRT ) använder jag för enkelhetens skull en ovpn fil (konfig fil)

Code: Select all

client
dev tun
proto udp

remote openvpn.integrity.st 1196
remote openvpn2.integrity.st 1196
remote openvpn3.integrity.st 1196
remote openvpn4.integrity.st 1196

remote-random
resolv-retry infinite
reneg-sec 0
nobind
persist-key
persist-tun
ca ca.crt
ns-cert-type server
tls-auth tls.key 1
comp-lzo
verb 3
mute 10
auth-user-pass
explicit-exit-notify 2
cipher aes-256-cbc
Filerna med nycklarna finns att ladda hem på integritys support sida. Jag använde mig av denna -> https://integrity.st/download/Integrity_OpenVPN_v3.zip

I LEDE kan man ställa in motsvarande i GUI och ladda upp certifikatet och nycklen, medföljande ovpn fil visar det jag har skrivit ovan.

Sedan med OpenVPN så kan man använda sig av up och down funktionerna med, googla det.
Post Reply