feat: support static ip for clients
This commit is contained in:
reuixiy
parent
927e0ca7e3
commit
5bc44d5693
4 changed files with 34 additions and 19 deletions
|
|
@ -58,9 +58,9 @@ wget -O add_vpn_user.sh https://bit.ly/addvpnuser
|
|||
```bash
|
||||
# 所有变量值必须用 '单引号' 括起来
|
||||
# *不要* 在值中使用这些字符: \ " '
|
||||
sudo sh add_vpn_user.sh '要添加的用户名' '密码'
|
||||
sudo sh add_vpn_user.sh '要添加的用户名' '密码' 'IP'
|
||||
# 或者
|
||||
sudo sh add_vpn_user.sh '要更新的用户名' '新密码'
|
||||
sudo sh add_vpn_user.sh '要更新的用户名' '新密码' 'IP'
|
||||
```
|
||||
|
||||
### 删除一个 VPN 用户
|
||||
|
|
@ -95,7 +95,7 @@ wget -O update_vpn_users.sh https://bit.ly/updatevpnusers
|
|||
|
||||
```bash
|
||||
nano -w update_vpn_users.sh
|
||||
[替换为你自己的值: YOUR_USERNAMES 和 YOUR_PASSWORDS]
|
||||
[替换为你自己的值: YOUR_USERNAMES、YOUR_PASSWORDS 和 YOUR_IP_ADDRESSES]
|
||||
sudo sh update_vpn_users.sh
|
||||
```
|
||||
|
||||
|
|
@ -108,6 +108,7 @@ sudo sh update_vpn_users.sh
|
|||
sudo \
|
||||
VPN_USERS='用户名1 用户名2 ...' \
|
||||
VPN_PASSWORDS='密码1 密码2 ...' \
|
||||
VPN_IP_ADDRESSES='IP1 IP2 ...' \
|
||||
sh update_vpn_users.sh
|
||||
```
|
||||
|
||||
|
|
|
|||
|
|
@ -58,9 +58,9 @@ wget -O add_vpn_user.sh https://bit.ly/addvpnuser
|
|||
```bash
|
||||
# All values MUST be placed inside 'single quotes'
|
||||
# DO NOT use these special characters within values: \ " '
|
||||
sudo sh add_vpn_user.sh 'username_to_add' 'password'
|
||||
sudo sh add_vpn_user.sh 'username_to_add' 'password' 'ip_address'
|
||||
# OR
|
||||
sudo sh add_vpn_user.sh 'username_to_update' 'new_password'
|
||||
sudo sh add_vpn_user.sh 'username_to_update' 'new_password' 'ip_address'
|
||||
```
|
||||
|
||||
### Delete a VPN user
|
||||
|
|
@ -95,7 +95,7 @@ To use this script, choose one of the following options:
|
|||
|
||||
```bash
|
||||
nano -w update_vpn_users.sh
|
||||
[Replace with your own values: YOUR_USERNAMES and YOUR_PASSWORDS]
|
||||
[Replace with your own values: YOUR_USERNAMES, YOUR_PASSWORDS and YOUR_IP_ADDRESSES]
|
||||
sudo sh update_vpn_users.sh
|
||||
```
|
||||
|
||||
|
|
@ -108,6 +108,7 @@ sudo sh update_vpn_users.sh
|
|||
sudo \
|
||||
VPN_USERS='username1 username2 ...' \
|
||||
VPN_PASSWORDS='password1 password2 ...' \
|
||||
VPN_IP_ADDRESSES='ip1 ip2 ...' \
|
||||
sh update_vpn_users.sh
|
||||
```
|
||||
|
||||
|
|
|
|||
12
extras/add_vpn_user.sh
Normal file → Executable file
12
extras/add_vpn_user.sh
Normal file → Executable file
|
|
@ -41,19 +41,20 @@ fi
|
|||
|
||||
VPN_USER=$1
|
||||
VPN_PASSWORD=$2
|
||||
VPN_IP_ADDRESS=$3
|
||||
|
||||
if [ -z "$VPN_USER" ] || [ -z "$VPN_PASSWORD" ]; then
|
||||
if [ -z "$VPN_USER" ] || [ -z "$VPN_PASSWORD" ] || [ -z "$VPN_IP_ADDRESS" ]; then
|
||||
cat 1>&2 <<EOF
|
||||
Usage: sudo sh $0 'username_to_add' 'password_to_add'
|
||||
Usage: sudo sh $0 'username_to_add' 'password_to_add' 'ip_address_to_add'
|
||||
EOF
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if printf '%s' "$VPN_USER $VPN_PASSWORD" | LC_ALL=C grep -q '[^ -~]\+'; then
|
||||
if printf '%s' "$VPN_USER $VPN_PASSWORD $VPN_IP_ADDRESS" | LC_ALL=C grep -q '[^ -~]\+'; then
|
||||
exiterr "VPN credentials must not contain non-ASCII characters."
|
||||
fi
|
||||
|
||||
case "$VPN_USER $VPN_PASSWORD" in
|
||||
case "$VPN_USER $VPN_PASSWORD $VPN_IP_ADDRESS" in
|
||||
*[\\\"\']*)
|
||||
exiterr "VPN credentials must not contain these special characters: \\ \" '"
|
||||
;;
|
||||
|
|
@ -77,6 +78,7 @@ VPN user to add or update:
|
|||
|
||||
Username: $VPN_USER
|
||||
Password: $VPN_PASSWORD
|
||||
IP address: $VPN_IP_ADDRESS
|
||||
|
||||
Write these down. You'll need them to connect!
|
||||
|
||||
|
|
@ -105,7 +107,7 @@ conf_bk "/etc/ipsec.d/passwd"
|
|||
# Add or update VPN user
|
||||
sed -i "/^\"$VPN_USER\" /d" /etc/ppp/chap-secrets
|
||||
cat >> /etc/ppp/chap-secrets <<EOF
|
||||
"$VPN_USER" l2tpd "$VPN_PASSWORD" *
|
||||
"$VPN_USER" l2tpd "$VPN_PASSWORD" "$VPN_IP_ADDRESS"
|
||||
EOF
|
||||
|
||||
# shellcheck disable=SC2016
|
||||
|
|
|
|||
27
extras/update_vpn_users.sh
Normal file → Executable file
27
extras/update_vpn_users.sh
Normal file → Executable file
|
|
@ -19,10 +19,12 @@
|
|||
|
||||
YOUR_USERNAMES=''
|
||||
YOUR_PASSWORDS=''
|
||||
YOUR_IP_ADDRESSES=''
|
||||
|
||||
# Example:
|
||||
# YOUR_USERNAMES='username1 username2'
|
||||
# YOUR_PASSWORDS='password1 password2'
|
||||
# YOUR_IP_ADDRESSES='ip1 ip2'
|
||||
|
||||
# =====================================================
|
||||
|
||||
|
|
@ -60,8 +62,9 @@ fi
|
|||
|
||||
[ -n "$YOUR_USERNAMES" ] && VPN_USERS="$YOUR_USERNAMES"
|
||||
[ -n "$YOUR_PASSWORDS" ] && VPN_PASSWORDS="$YOUR_PASSWORDS"
|
||||
[ -n "$YOUR_IP_ADDRESSES" ] && VPN_IP_ADDRESSES="$YOUR_IP_ADDRESSES"
|
||||
|
||||
if [ -z "$VPN_USERS" ] || [ -z "$VPN_PASSWORDS" ]; then
|
||||
if [ -z "$VPN_USERS" ] || [ -z "$VPN_PASSWORDS" ] || [ -z "$VPN_IP_ADDRESSES"]; then
|
||||
exiterr "All VPN credentials must be specified. Edit the script and re-enter them."
|
||||
fi
|
||||
|
||||
|
|
@ -71,12 +74,15 @@ VPN_USERS=$(noquotes2 "$VPN_USERS")
|
|||
VPN_PASSWORDS=$(noquotes "$VPN_PASSWORDS")
|
||||
VPN_PASSWORDS=$(onespace "$VPN_PASSWORDS")
|
||||
VPN_PASSWORDS=$(noquotes2 "$VPN_PASSWORDS")
|
||||
VPN_IP_ADDRESSES=$(noquotes "$VPN_IP_ADDRESSES")
|
||||
VPN_IP_ADDRESSES=$(onespace "$VPN_IP_ADDRESSES")
|
||||
VPN_IP_ADDRESSES=$(noquotes2 "$VPN_IP_ADDRESSES")
|
||||
|
||||
if printf '%s' "$VPN_USERS $VPN_PASSWORDS" | LC_ALL=C grep -q '[^ -~]\+'; then
|
||||
if printf '%s' "$VPN_USERS $VPN_PASSWORDS $VPN_IP_ADDRESSES" | LC_ALL=C grep -q '[^ -~]\+'; then
|
||||
exiterr "VPN credentials must not contain non-ASCII characters."
|
||||
fi
|
||||
|
||||
case "$VPN_USERS $VPN_PASSWORDS" in
|
||||
case "$VPN_USERS $VPN_PASSWORDS $VPN_IP_ADDRESSES" in
|
||||
*[\\\"\']*)
|
||||
exiterr "VPN credentials must not contain these special characters: \\ \" '"
|
||||
;;
|
||||
|
|
@ -99,20 +105,22 @@ WARNING: ALL existing VPN users will be removed
|
|||
|
||||
==================================================
|
||||
|
||||
Updated list of VPN users (username | password):
|
||||
Updated list of VPN users (username | password | ip address):
|
||||
|
||||
EOF
|
||||
|
||||
count=1
|
||||
vpn_user=$(printf '%s' "$VPN_USERS" | cut -d ' ' -f 1)
|
||||
vpn_password=$(printf '%s' "$VPN_PASSWORDS" | cut -d ' ' -f 1)
|
||||
while [ -n "$vpn_user" ] && [ -n "$vpn_password" ]; do
|
||||
vpn_ip_address=$(printf '%s' "$VPN_IP_ADDRESSES" | cut -d ' ' -f 1)
|
||||
while [ -n "$vpn_user" ] && [ -n "$vpn_password" ] && [ -n "$vpn_ip_address" ]; do
|
||||
cat <<EOF
|
||||
$vpn_user | $vpn_password
|
||||
$vpn_user | $vpn_password | $vpn_ip_address
|
||||
EOF
|
||||
count=$((count+1))
|
||||
vpn_user=$(printf '%s' "$VPN_USERS" | cut -s -d ' ' -f "$count")
|
||||
vpn_password=$(printf '%s' "$VPN_PASSWORDS" | cut -s -d ' ' -f "$count")
|
||||
vpn_ip_address=$(printf '%s' "$VPN_IP_ADDRESSES" | cut -s -d ' ' -f "$count")
|
||||
done
|
||||
|
||||
cat <<'EOF'
|
||||
|
|
@ -146,10 +154,12 @@ conf_bk "/etc/ipsec.d/passwd"
|
|||
count=1
|
||||
vpn_user=$(printf '%s' "$VPN_USERS" | cut -d ' ' -f 1)
|
||||
vpn_password=$(printf '%s' "$VPN_PASSWORDS" | cut -d ' ' -f 1)
|
||||
while [ -n "$vpn_user" ] && [ -n "$vpn_password" ]; do
|
||||
vpn_ip_address=$(printf '%s' "$VPN_IP_ADDRESSES" | cut -d ' ' -f 1)
|
||||
|
||||
while [ -n "$vpn_user" ] && [ -n "$vpn_password" ] && [ -n "$vpn_ip_address" ]; do
|
||||
vpn_password_enc=$(openssl passwd -1 "$vpn_password")
|
||||
cat >> /etc/ppp/chap-secrets <<EOF
|
||||
"$vpn_user" l2tpd "$vpn_password" *
|
||||
"$vpn_user" l2tpd "$vpn_password" "$vpn_ip_address"
|
||||
EOF
|
||||
cat >> /etc/ipsec.d/passwd <<EOF
|
||||
$vpn_user:$vpn_password_enc:xauth-psk
|
||||
|
|
@ -157,6 +167,7 @@ EOF
|
|||
count=$((count+1))
|
||||
vpn_user=$(printf '%s' "$VPN_USERS" | cut -s -d ' ' -f "$count")
|
||||
vpn_password=$(printf '%s' "$VPN_PASSWORDS" | cut -s -d ' ' -f "$count")
|
||||
vpn_ip_address=$(printf '%s' "$VPN_IP_ADDRESSES" | cut -s -d ' ' -f "$count")
|
||||
done
|
||||
|
||||
# Update file attributes
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue