@MisakaMikoto-35c5
Last active February 4, 2024 08:40

Install Phantun

Install

One-key install:

curl -fsSL https://gist.githubusercontent.com/MisakaMikoto-35c5/0e469016745fbf27480c39ae3156f280/raw/install-phantun.sh | sudo bash

Or on OpenWRT:

curl -fsSL https://gist.githubusercontent.com/MisakaMikoto-35c5/0e469016745fbf27480c39ae3156f280/raw/install-phantun.sh | sh

Make sure unzip and curl are installed! The install script also calls wget to download the release archive.
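
An alternative to piping the installer straight into a root shell, added here as an example (not part of the original gist): fetch the script to a file, compare it with a SHA-256 recorded after reading it, and run that same copy only on a match. `PINNED_SHA256` is a placeholder and the function names are this example's own.

```sh
#!/bin/sh
# Added example, not part of the gist. Function names are illustrative.
INSTALLER_URL="https://gist.githubusercontent.com/MisakaMikoto-35c5/0e469016745fbf27480c39ae3156f280/raw/install-phantun.sh"
# Placeholder: set to the SHA-256 of the copy you have read and accepted.
PINNED_SHA256="REPLACE_WITH_SHA256_OF_REVIEWED_SCRIPT"

# Print the SHA-256 of a file as lowercase hex.
file_sha256() {
    sha256sum "$1" | cut -d ' ' -f 1
}

# Return 0 only if the file exists and its SHA-256 equals the expected value.
verify_sha256() {
    [ -f "$1" ] || return 2
    actual=$(file_sha256 "$1")
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -n "$actual" ] && [ "$actual" = "$expected" ]
}

# Download once, verify, then execute that same file (never a second fetch).
install_pinned() {
    workdir=$(mktemp -d) || return 1
    script="$workdir/install-phantun.sh"
    if ! curl -fsSL -o "$script" "$INSTALLER_URL"; then
        echo "download failed" >&2
        rm -rf "$workdir"
        return 1
    fi
    if ! verify_sha256 "$script" "$PINNED_SHA256"; then
        echo "hash mismatch, got: $(file_sha256 "$script")" >&2
        echo "kept for review: $script" >&2
        return 1
    fi
    sudo bash "$script"
    status=$?
    rm -rf "$workdir"
    return "$status"
}

# Only install when asked, so the file can also be sourced.
if [ "${1:-}" = "--install" ]; then
    install_pinned
fi
```

This pins only the installer script; the script itself still downloads the `latest` Phantun release from GitHub at install time.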

Usage

On systemd systems

systemctl start phantun-server@sample-config
systemctl start phantun-client@sample-config

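Config files are stored in /etc/phantun. The instance name after @ selects the file, so phantun-server@sample-config reads /etc/phantun/sample-config.conf.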

On OpenWRT

Please add the following line to /etc/rc.local:

nohup /usr/sbin/phantun_client --local 127.114.51.4:8964 --remote 11.4.51.4:1919 --tun-local 169.254.0.0 --tun-peer 169.254.0.1 > /dev/null 2>&1 &

Note: make sure nohup is installed on your system; an init.d script is not implemented.

Setup Phantun on servers

Use the following commands to create NAT rules:

firewall-cmd --permanent --zone=external --change-interface=eth0 # Make sure the Internet interface is in the external zone
firewall-cmd --permanent --zone=internal --add-source=169.254.0.0/16 # Make sure the tun-local IP address range is in the internal zone; firewalld will automatically create masquerade NAT rules for internal-to-external traffic.
firewall-cmd --permanent --zone=external --add-forward-port=port=60001:proto=tcp:toaddr=169.254.0.1:toport=60001 # Create TCP Port forward rule
firewall-cmd --reload # Reload firewall to apply rules

Setup Phantun on clients

Use the following commands to create NAT rules:

firewall-cmd --permanent --zone=external --change-interface=eth0 # Make sure the Internet interface is in the external zone
firewall-cmd --permanent --zone=internal --add-source=169.254.0.0/16 # Make sure the tun-local IP address range is in the internal zone; firewalld will automatically create masquerade NAT rules for internal-to-external traffic.
firewall-cmd --reload # Reload firewall to apply rules
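
install-phantun.sh

#!/bin/bash
# Detect OpenWRT (it ships /etc/sysupgrade.conf) and pick the install directory
IS_OPENWRT=0
INSTALL_DIR=/usr/local/sbin
if [ -e /etc/sysupgrade.conf ]; then
    IS_OPENWRT=1
    INSTALL_DIR=/usr/sbin
fi
# unzip is needed to unpack the release archive
if ! command -v unzip > /dev/null 2>&1; then
    echo Please install unzip first.
    exit 1
fi
# Root check: try to create a file in the install directory
if ! touch "$INSTALL_DIR/test"; then
    echo Please run this script as root.
    exit 1
fi
rm "$INSTALL_DIR/test"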
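# Work in a private temporary directory instead of a fixed file name in shared /tmp
WORK_DIR=$(mktemp -d) || exit 1
trap 'rm -rf "$WORK_DIR"' EXIT
cd "$WORK_DIR" || exit 1
mkdir -p /etc/phantun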
cat > /etc/phantun/sample-config.conf << EOF
--local 127.0.0.1:8964
--remote 8.9.6.4:8964
--tun-local 169.254.0.0
--tun-peer 169.254.0.1
EOF
# Pick the release variant: musl systems (such as OpenWRT) need the musl build
LIBC_STR="gnu"
if ldd /bin/ls | grep 'musl' > /dev/null; then
    LIBC_STR="musl"
fi
ARCH=$(uname -m)
if [ "$LIBC_STR" = "musl" ] && [ "$ARCH" = "mips" ]; then
    # Check the ldd output to tell little-endian (mipsel) systems apart
    if ldd /bin/ls | grep 'mipsel' > /dev/null; then
        ARCH="mipsel"
    fi
fi
# Fetch the latest release archive built for this architecture and libc
if ! wget -O download.zip "https://github.com/dndx/phantun/releases/latest/download/phantun_${ARCH}-unknown-linux-${LIBC_STR}.zip"; then
    echo Download failed.
    exit 1
fi
unzip download.zip || exit 1
rm download.zip
mv phantun_client phantun_server "$INSTALL_DIR"
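# Kept literal here and written into the unit files below: at service start, sh
# joins the options from /etc/phantun/<instance>.conf (%i is the systemd instance name)
CONFIG_RESOLVER='$(for i in $(cat /etc/phantun/%i.conf); do tmp="$tmp $i"; done; echo $tmp)'
if [ "$IS_OPENWRT" = "1" ]; then
    # OpenWRT has no systemd: skip the unit files
    exit 0
fi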
cat > /etc/systemd/system/phantun-server\@.service << EOF
[Unit]
Description=Phantun Server
After=network.target
[Service]
Type=simple
AmbientCapabilities=CAP_NET_ADMIN
DynamicUser=true
ExecStart=sh -c '$INSTALL_DIR/phantun_server $CONFIG_RESOLVER'
TimeoutStopSec=5
KillMode=mixed
[Install]
WantedBy=multi-user.target
EOF
cat > /etc/systemd/system/phantun-client\@.service << EOF
[Unit]
Description=Phantun client
After=network.target
[Service]
Type=simple
AmbientCapabilities=CAP_NET_ADMIN
DynamicUser=true
ExecStart=sh -c '$INSTALL_DIR/phantun_client $CONFIG_RESOLVER'
TimeoutStopSec=5
KillMode=mixed
[Install]
WantedBy=multi-user.target
EOF