Last active
November 13, 2019 08:24
-
-
Save wwqgtxx/49f39ac8af0c585cc7f6a460a7480770 to your computer and use it in GitHub Desktop.
tunnel
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| that_ip=192.168.31.1 | |
| server_ip=10.10.16.27 | |
| my_ip=$(ip -f inet address show ens33| grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/24'| grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}') | |
| echo that_ip=$that_ip | |
| echo server_ip=$server_ip | |
| echo my_ip=$my_ip |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| source /tunnel/client_config.sh | |
| echo "1"> /proc/sys/net/ipv4/ip_forward | |
| iptables -t nat -A PREROUTING -i tun100 -p tcp -m tcp --dport 1:65535 -j DNAT --to-destination $that_ip:1-65535 | |
| iptables -t nat -A PREROUTING -i tun100 -p udp -m udp --dport 1:65535 -j DNAT --to-destination $that_ip:1-65535 | |
| iptables -t nat -A POSTROUTING -o ens33 -p tcp -m tcp --dport 1:65535 -d $that_ip -j SNAT --to $my_ip | |
| iptables -t nat -A POSTROUTING -o ens33 -p udp -m udp --dport 1:65535 -d $that_ip -j SNAT --to $my_ip | |
| ping 11.22.22.1 >/dev/null 2>&1 & | |
| /tunnel/tinyvpn -c -r$server_ip:4096 --sub-net 11.22.22.0 --tun-dev tun100 --keep-reconnect --disable-fec --disable-obscure |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| source /tunnel/client_config.sh | |
| iptables -t nat -D PREROUTING -i tun100 -p tcp -m tcp --dport 1:65535 -j DNAT --to-destination $that_ip:1-65535 | |
| iptables -t nat -D PREROUTING -i tun100 -p udp -m udp --dport 1:65535 -j DNAT --to-destination $that_ip:1-65535 | |
| iptables -t nat -D POSTROUTING -o ens33 -p tcp -m tcp --dport 1:65535 -d $that_ip -j SNAT --to $my_ip | |
| iptables -t nat -D POSTROUTING -o ens33 -p udp -m udp --dport 1:65535 -d $that_ip -j SNAT --to $my_ip |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| /tunnel/tinyvpn -s -l0.0.0.0:4096 --sub-net 11.22.22.0 --tun-dev tun100 --disable-fec --disable-obscure & | |
| echo "1"> /proc/sys/net/ipv4/ip_forward | |
| my_ip= | |
| that_ip= | |
| while [ -z $that_ip ]||[ -z $my_ip ];do | |
| my_ip=$(ip -f inet address show tun100| grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} '| grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}') | |
| that_ip=$(ip -f inet address show tun100| grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/32'| grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}') | |
| done | |
| iptables -t nat -A PREROUTING -i ens33 -p tcp -m tcp --dport 1:21 -j DNAT --to-destination $that_ip:1-21 | |
| iptables -t nat -A PREROUTING -i ens33 -p tcp -m tcp --dport 23:65535 -j DNAT --to-destination $that_ip:23-65535 | |
| iptables -t nat -A PREROUTING -i ens33 -p udp -m udp --dport 1:4095 -j DNAT --to-destination $that_ip:1-4095 | |
| iptables -t nat -A PREROUTING -i ens33 -p udp -m udp --dport 4097:65535 -j DNAT --to-destination $that_ip:4097-65535 | |
| iptables -t nat -A POSTROUTING -o tun100 -p tcp -m tcp --dport 1:21 -d $that_ip -j SNAT --to $my_ip | |
| iptables -t nat -A POSTROUTING -o tun100 -p tcp -m tcp --dport 23:65535 -d $that_ip -j SNAT --to $my_ip | |
| iptables -t nat -A POSTROUTING -o tun100 -p udp -m udp --dport 1:4095 -d $that_ip -j SNAT --to $my_ip | |
| iptables -t nat -A POSTROUTING -o tun100 -p udp -m udp --dport 4097:65535 -d $that_ip -j SNAT --to $my_ip | |
| echo finish add iptables rules | |
| wait |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| my_ip=$(ip -f inet address show tun100| grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} '| grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}') | |
| that_ip=$(ip -f inet address show tun100| grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/32'| grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}') | |
| if [ $that_ip ];then | |
| iptables -t nat -D PREROUTING -i ens33 -p tcp -m tcp --dport 1:21 -j DNAT --to-destination $that_ip:1-21 | |
| iptables -t nat -D PREROUTING -i ens33 -p tcp -m tcp --dport 23:65535 -j DNAT --to-destination $that_ip:23-65535 | |
| iptables -t nat -D PREROUTING -i ens33 -p udp -m udp --dport 1:4095 -j DNAT --to-destination $that_ip:1-4095 | |
| iptables -t nat -D PREROUTING -i ens33 -p udp -m udp --dport 4097:65535 -j DNAT --to-destination $that_ip:4097-65535 | |
| iptables -t nat -D POSTROUTING -o tun100 -p tcp -m tcp --dport 1:21 -d $that_ip -j SNAT --to $my_ip | |
| iptables -t nat -D POSTROUTING -o tun100 -p tcp -m tcp --dport 23:65535 -d $that_ip -j SNAT --to $my_ip | |
| iptables -t nat -D POSTROUTING -o tun100 -p udp -m udp --dport 1:4095 -d $that_ip -j SNAT --to $my_ip | |
| iptables -t nat -D POSTROUTING -o tun100 -p udp -m udp --dport 4097:65535 -d $that_ip -j SNAT --to $my_ip | |
| echo finish delete iptables rules | |
| else | |
| echo tun100 no ip | |
| fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Unit] | |
| Description=tinyvpn_c | |
| After=network-online.target | |
| Wants=network.target | |
| [Service] | |
| Type=simple | |
| LimitNOFILE=32768 | |
| ExecStartPre=/sbin/ip tuntap del tun100 mode tun | |
| ExecStartPre=/sbin/ip tuntap add tun100 mode tun | |
| ExecStartPre=/sbin/ifconfig tun100 up | |
| ExecStartPre=/bin/chmod +x /tunnel/client_start.sh | |
| ExecStartPre=/bin/chmod +x /tunnel/client_stop.sh | |
| ExecStartPre=/bin/chmod +x /tunnel/client_config.sh | |
| ExecStartPre=/bin/chmod +x /tunnel/tinyvpn | |
| ExecStart=/tunnel/client_start.sh | |
| ExecStopPost=/tunnel/client_stop.sh | |
| Restart=on-failure | |
| RestartSec=1s | |
| StartLimitBurst=0 | |
| [Install] | |
| WantedBy=multi-user.target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Unit] | |
| Description=tinyvpn_s | |
| After=network-online.target | |
| Wants=network.target | |
| [Service] | |
| Type=simple | |
| LimitNOFILE=32768 | |
| ExecStartPre=/sbin/ip tuntap del tun100 mode tun | |
| ExecStartPre=/sbin/ip tuntap add tun100 mode tun | |
| ExecStartPre=/sbin/ifconfig tun100 up | |
| ExecStartPre=/bin/chmod +x /tunnel/server_start.sh | |
| ExecStartPre=/bin/chmod +x /tunnel/server_stop.sh | |
| ExecStartPre=/bin/chmod +x /tunnel/tinyvpn | |
| ExecStart=/tunnel/server_start.sh | |
| ExecStopPost=/tunnel/server_stop.sh | |
| Restart=on-failure | |
| RestartSec=1s | |
| StartLimitBurst=0 | |
| [Install] | |
| WantedBy=multi-user.target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| systemctl stop tinyvpn_c | |
| rm tinyvpn | |
| rm client_*.sh | |
| rm tinyvpn_c.service | |
| wget http://10.10.16.42:8000/tinyvpn | |
| wget http://10.10.16.42:8000/client_start.sh | |
| wget http://10.10.16.42:8000/client_stop.sh | |
| wget http://10.10.16.42:8000/client_config.sh | |
| wget http://10.10.16.42:8000/tinyvpn_c.service | |
| cp tinyvpn_c.service /etc/systemd/system | |
| systemctl daemon-reload | |
| systemctl start tinyvpn_c | |
| systemctl status tinyvpn_c |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| systemctl stop tinyvpn_s | |
| rm tinyvpn | |
| rm server_*.sh | |
| rm tinyvpn_s.service | |
| wget http://10.10.16.42:8000/tinyvpn | |
| wget http://10.10.16.42:8000/server_start.sh | |
| wget http://10.10.16.42:8000/server_stop.sh | |
| wget http://10.10.16.42:8000/tinyvpn_s.service | |
| cp tinyvpn_s.service /etc/systemd/system | |
| systemctl daemon-reload | |
| systemctl start tinyvpn_s | |
| systemctl status tinyvpn_s |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment