Script til SSH tuneller

SSH should be configured to log in with key files (not a password); the script runs ssh in batch mode, which never prompts for one.

Then this script will do the trick; it should be self-explanatory.

-----


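#!/bin/sh
#
# vpn - bring a PPP-over-SSH tunnel to SERVER_HOSTNAME up or down.
#
# Usage: vpn {start|stop|config}
#
#   start   run a local pppd whose "pty" is an ssh session that starts a
#           second pppd on the server, then add a route on each end
#   stop    kill the ssh process that carries the tunnel
#   config  print the connection settings
#
# Exit status: 0 on success, 1 on bad usage, 2 if pppd could not bring the
# link up, 3 if pppd is missing, 4 if ssh is missing.
#
# Security notes:
#   - Both pppd instances run with "noauth", so PPP does not authenticate
#     the peer; the SSH key login is the only authentication on this link.
#   - ssh runs with BatchMode=yes and therefore never prompts: key login
#     must work unattended and the server's host key must already be in
#     known_hosts, otherwise the connection is refused.
#   - SERVER_USERNAME is root. The remote pppd is already started through
#     sudo, so a dedicated account whose sudo rights are limited to pppd
#     would presumably be enough for the tunnel itself (not verified here).

SERVER_HOSTNAME=geekhosting.dk
SERVER_USERNAME=root
SERVER_IFIPADDR=10.20.1.1
CLIENT_IFIPADDR=10.20.1.2
MYSUBNET=10.1.0.0/16
# NOTE(review): -P used to mean "use a non-privileged source port". Later
# OpenSSH releases ignored it, and recent ones appear to give -P a new
# meaning that takes an argument, which would swallow the hostname that
# follows. Check ssh(1) on the client before relying on this option.
LOCAL_SSH_OPTS="-P"

# No trailing ':' here: an empty PATH element means "current directory",
# which a script that normally runs as root must not search.
PATH=/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin/X11

PPPD=/usr/sbin/pppd
SSH=/usr/bin/ssh
ROUTE=/sbin/route

if ! test -x "${PPPD}"; then echo "can't find ${PPPD}" >&2; exit 3; fi
if ! test -x "${SSH}"; then echo "can't find ${SSH}" >&2; exit 4; fi

# Leading part of the ssh command line that carries the tunnel. "start"
# builds the command from it and "stop" searches the process list for it,
# so the two cannot drift apart. pppd hands the pty string to a shell, so
# the values above must stay plain tokens without shell metacharacters.
TUNNEL_SSH="${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o"

case "${1:-}" in
  start)
    # updetach: pppd returns only once the link is up (or has failed), so
    # its exit status tells us whether adding routes makes sense.
    if ! "${PPPD}" updetach noauth passive \
        pty "${TUNNEL_SSH} BatchMode=yes sudo ${PPPD} nodetach notty noauth" \
        ipparam vpn "${CLIENT_IFIPADDR}:${SERVER_IFIPADDR}"; then
      echo "pppd failed to bring up the tunnel to ${SERVER_HOSTNAME}" >&2
      exit 2
    fi

    # Each route names the address of that host's own end of the ppp link
    # as gateway, exactly as before.
    # NOTE(review): confirm this selects the ppp interface on your systems.
    "${ROUTE}" add -net 10.0.0.0/8 gw "${CLIENT_IFIPADDR}" ||
      echo "warning: could not add the local route for 10.0.0.0/8" >&2

    # This login uses ssh's default remote user, not SERVER_USERNAME, and
    # runs route without sudo, so it needs a login that may change routes.
    # NOTE(review): align it with the tunnel login if the two ever differ.
    "${SSH}" -o BatchMode=yes "${SERVER_HOSTNAME}" \
      route add -net "${MYSUBNET}" gw "${SERVER_IFIPADDR}" ||
      echo "warning: could not add the route for ${MYSUBNET} on ${SERVER_HOSTNAME}" >&2
    ;;

  stop)
    # Find the ssh process by its command line. Lines containing ' passive '
    # belong to the local pppd (which carries the ssh command as its pty
    # argument) and are skipped, as is the grep process itself. -F matches
    # the string literally, so dots in the hostname are not wildcards.
    PID=$(ps ax |
      grep -F -- "${TUNNEL_SSH}" |
      grep -v ' passive ' |
      grep -v 'grep ' |
      awk '{print $1}')
    if [ -n "${PID}" ]; then
      # Unquoted on purpose: PID may hold several process ids.
      # shellcheck disable=SC2086
      if kill ${PID}; then
        echo "disconnected."
      else
        echo "Failed to stop the connection (PID ${PID})" >&2
      fi
    else
      echo "Failed to find PID for the connection" >&2
    fi
    ;;

  config)
    echo "SERVER_HOSTNAME=${SERVER_HOSTNAME}"
    echo "SERVER_USERNAME=${SERVER_USERNAME}"
    echo "SERVER_IFIPADDR=${SERVER_IFIPADDR}"
    echo "CLIENT_IFIPADDR=${CLIENT_IFIPADDR}"
    ;;

  *)
    echo "Usage: vpn {start|stop|config}" >&2
    exit 1
    ;;
esac

exit 0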