yuq-1s/setup-sjtu-vpn.sh

## setup-sjtu-vpn.sh
# Install dependencies
sudo apt install libcurl4-openssl-dev iptables-dev autoconf libgmp3-dev libssl-dev pkg-config

# Install StrongSwan
wget http://download.strongswan.org/strongswan-5.6.1.tar.bz2
tar xjvf strongswan-5.6.1.tar.bz2 && cd strongswan-5.6.1

# FIXME: Some of these options may be redundant, but they work on my laptop.
autoconf && ./configure \
            --prefix=/usr/local \
            --sysconfdir=/etc \
            --enable-acert \
            --enable-addrblock \
            --enable-aesni \
            --enable-chapoly \
            --enable-connmark \
            --enable-coupling \
            --enable-error-notify \
            --enable-gcm \
            --enable-integrity-test \
            --enable-lookip \
            --enable-openssl \
            --enable-curl \
            --enable-eap-identity \
            --enable-eap-mschapv2 \
            --enable-cmd \
            --disable-blowfish \
            --disable-cmac \
            --disable-des \
            --disable-dnskey \
            --disable-fast \
            --disable-ikev1 \
            --disable-md5 \
            --disable-pkcs1 \
            --disable-rc2 \
            --disable-sha1 \
            --disable-sshkey \
            --disable-xcbc
make && sudo make install

# Install certificates
sudo wget -O /etc/ipsec.d/certs/isrgrootx1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt
# sudo wget -O /etc/ipsec.d/certs/lets-encrypt-x3-cross-signed.pem https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem.txt
sudo wget -O /etc/ipsec.d/certs/letsencryptauthorityx3.pem https://letsencrypt.org/certs/letsencryptauthorityx3.pem.txt

# Turn on VPN with the following command. You will be prompted to enter password.
# TODO: fill in "YOUR_JACCOUNT"
# TODO: remove 'stu' in --host if you are not a student
# sudo charon-cmd --host stu.vpn.sjtu.edu.cn --identity "YOUR_JACCOUNT" \
# --cert /etc/ipsec.d/certs/letsencryptauthorityx3.pem \
# --cert /etc/ipsec.d/certs/isrgrootx1.pem
	# Install dependencies
	sudo apt install libcurl4-openssl-dev iptables-dev autoconf libgmp3-dev libssl-dev pkg-config

	# Install StrongSwan
	wget http://download.strongswan.org/strongswan-5.6.1.tar.bz2
	tar xjvf strongswan-5.6.1.tar.bz2 && cd strongswan-5.6.1

	# FIXME: Some of these options may be redundant, but they work on my laptop.
	autoconf && ./configure \
	--prefix=/usr/local \
	--sysconfdir=/etc \
	--enable-acert \
	--enable-addrblock \
	--enable-aesni \
	--enable-chapoly \
	--enable-connmark \
	--enable-coupling \
	--enable-error-notify \
	--enable-gcm \
	--enable-integrity-test \
	--enable-lookip \
	--enable-openssl \
	--enable-curl \
	--enable-eap-identity \
	--enable-eap-mschapv2 \
	--enable-cmd \
	--disable-blowfish \
	--disable-cmac \
	--disable-des \
	--disable-dnskey \
	--disable-fast \
	--disable-ikev1 \
	--disable-md5 \
	--disable-pkcs1 \
	--disable-rc2 \
	--disable-sha1 \
	--disable-sshkey \
	--disable-xcbc
	make && sudo make install

	# Install certificates
	sudo wget -O /etc/ipsec.d/certs/isrgrootx1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt
	# sudo wget -O /etc/ipsec.d/certs/lets-encrypt-x3-cross-signed.pem https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem.txt
	sudo wget -O /etc/ipsec.d/certs/letsencryptauthorityx3.pem https://letsencrypt.org/certs/letsencryptauthorityx3.pem.txt

	# Turn on VPN with the following command. You will be prompted to enter password.
	# TODO: fill in "YOUR_JACCOUNT"
	# TODO: remove 'stu' in --host if you are not a student
	# sudo charon-cmd --host stu.vpn.sjtu.edu.cn --identity "YOUR_JACCOUNT" \
	# --cert /etc/ipsec.d/certs/letsencryptauthorityx3.pem \
	# --cert /etc/ipsec.d/certs/isrgrootx1.pem