OneOfOne/vpn-ssh.sh

## vpn-ssh.sh
#!/bin/sh

if [[ $UID != 0 ]]; then
	exec sudo $0 $@
	exit $?
fi

USER=your-user-name
NAME=dev-name
SSHARGS="-C hostname" # remote host name, passed to ssh
REMOTEIP=111.111.111.111 #the ip of the remote host


IFACE=vpn0
OIFACE=eth0 # external interface

SOCK=/tmp/.ssh-sock-$TUN

if ip addr show wlan0 2>&1| grep -q 192.168.1.77; then
	OIFACE=wlan0
fi

NSCMD="ip netns exec $NAME"

function start() {
	check && return

	ip netns add $NAME
	$NSCMD ip addr add 127.0.0.1/8 dev lo
	$NSCMD ip link set lo up

	ip link add $IFACE type veth peer name vpn1
	ip link set $IFACE up
	ip link set vpn1 netns $NAME up
	ip addr add 10.90.0.1/24 dev $IFACE
	ip -6 addr add ::10.90.0.1/128 dev $IFACE
	$NSCMD ip addr add 10.90.0.6/24 dev vpn1
	$NSCMD ip route add $REMOTEIP via 10.90.0.1 dev vpn1

	iptables -t nat -A POSTROUTING -o $OIFACE -j MASQUERADE

	sysctl net.ipv4.conf.all.forwarding=1 &>/dev/null
	sysctl net.ipv6.conf.all.forwarding=1  &>/dev/null

	$NSCMD pppd debug updetach noauth noccp passive mtu 1280 mru 1280 pty \
		"sudo -u $USER ssh $SSHARGS /usr/sbin/pppd nodetach notty noauth noccp ms-dns 8.8.8.8" \
		ipparam vpn 10.80.0.1:10.80.0.2 # ipv6 ::10.80.0.1,::10.80.0.2

	$NSCMD ip addr add ::10.80.0.1 peer ::10.80.0.2 dev ppp0
	$NSCMD ip route add default dev ppp0
	$NSCMD ip -6 route add default dev ppp0
	sudo -u $USER ssh $SSHARGS ip a add ::10.80.0.2 peer ::10.80.0.1 dev ppp0
}

function stop() {
	sudo killall socat &>/dev/null
	$NSCMD killall pppd &>/dev/null
	ip link del $IFACE type veth peer name vpn1
	ip netns del $NAME
	iptables -t nat -D POSTROUTING -o $OIFACE -j MASQUERADE
}

function check()  {
	$NSCMD ip a 2>/dev/null | grep -q ppp
}

function run() {
	check || start
	shift
	exec $NSCMD sudo -u $USER env $(env | grep DBUS) "$@"
}

case "$1" in
	status)
		$NSCMD ip a ;;
	run)
		run "$@" ;;
	start)
		start ;;
	stop)
		stop ;;
	restart)
		stop &>/dev/null; start ;;
	*)
		echo "Syntax: $0 start|stop|status|run"
		exit 1
		;;
esac
	#!/bin/sh

	if [[ $UID != 0 ]]; then
	exec sudo $0 $@
	exit $?
	fi

	USER=your-user-name
	NAME=dev-name
	SSHARGS="-C hostname" # remote host name, passed to ssh
	REMOTEIP=111.111.111.111 #the ip of the remote host


	IFACE=vpn0
	OIFACE=eth0 # external interface

	SOCK=/tmp/.ssh-sock-$TUN

	if ip addr show wlan0 2>&1\| grep -q 192.168.1.77; then
	OIFACE=wlan0
	fi

	NSCMD="ip netns exec $NAME"

	function start() {
	check && return

	ip netns add $NAME
	$NSCMD ip addr add 127.0.0.1/8 dev lo
	$NSCMD ip link set lo up

	ip link add $IFACE type veth peer name vpn1
	ip link set $IFACE up
	ip link set vpn1 netns $NAME up
	ip addr add 10.90.0.1/24 dev $IFACE
	ip -6 addr add ::10.90.0.1/128 dev $IFACE
	$NSCMD ip addr add 10.90.0.6/24 dev vpn1
	$NSCMD ip route add $REMOTEIP via 10.90.0.1 dev vpn1

	iptables -t nat -A POSTROUTING -o $OIFACE -j MASQUERADE

	sysctl net.ipv4.conf.all.forwarding=1 &>/dev/null
	sysctl net.ipv6.conf.all.forwarding=1 &>/dev/null

	$NSCMD pppd debug updetach noauth noccp passive mtu 1280 mru 1280 pty \
	"sudo -u $USER ssh $SSHARGS /usr/sbin/pppd nodetach notty noauth noccp ms-dns 8.8.8.8" \
	ipparam vpn 10.80.0.1:10.80.0.2 # ipv6 ::10.80.0.1,::10.80.0.2

	$NSCMD ip addr add ::10.80.0.1 peer ::10.80.0.2 dev ppp0
	$NSCMD ip route add default dev ppp0
	$NSCMD ip -6 route add default dev ppp0
	sudo -u $USER ssh $SSHARGS ip a add ::10.80.0.2 peer ::10.80.0.1 dev ppp0
	}

	function stop() {
	sudo killall socat &>/dev/null
	$NSCMD killall pppd &>/dev/null
	ip link del $IFACE type veth peer name vpn1
	ip netns del $NAME
	iptables -t nat -D POSTROUTING -o $OIFACE -j MASQUERADE
	}

	function check() {
	$NSCMD ip a 2>/dev/null \| grep -q ppp
	}

	function run() {
	check \|\| start
	shift
	exec $NSCMD sudo -u $USER env $(env \| grep DBUS) "$@"
	}

	case "$1" in
	status)
	$NSCMD ip a ;;
	run)
	run "$@" ;;
	start)
	start ;;
	stop)
	stop ;;
	restart)
	stop &>/dev/null; start ;;
	*)
	echo "Syntax: $0 start\|stop\|status\|run"
	exit 1
	;;
	esac