http://wiki.parspooyesh.com/index.php?action=history&feed=atom&title=OpenVPN
OpenVPN - تاریخچهٔ ویرایشها
2026-06-24T13:23:39Z
تاریخچهٔ ویرایشهای صفحه در ویکی
MediaWiki 1.19.0
http://wiki.parspooyesh.com/index.php?title=OpenVPN&diff=214&oldid=prev
Support: صفحهای جدید حاوی 'Category:Linux <div dir=rtl lang=en> __TOC__ </div> <div dir=ltr lang=en> * Download Openvpn & Lzo from http://dag.wieers.com/packages/ * ...' ایجاد کرد
2011-09-18T11:13:46Z
<p>صفحهای جدید حاوی '<a href="/index.php/%D8%B1%D8%AF%D9%87:Linux" title="رده:Linux">Category:Linux</a> <div dir=rtl lang=en> __TOC__ </div> <div dir=ltr lang=en> * Download Openvpn & Lzo from http://dag.wieers.com/packages/ * ...' ایجاد کرد</p>
<p><b>صفحهٔ جدید</b></p><div>[[Category:Linux]]<br />
<div dir=rtl lang=en><br />
__TOC__<br />
</div><br />
<div dir=ltr lang=en><br />
* Download Openvpn & Lzo from <br />
http://dag.wieers.com/packages/<br />
<br />
* Install this rpms<br />
<br />
* copy configuration file in /etc/openvpn/client.conf<br />
<br />
* service openvpn start<br />
<br />
==Adjusting this service with allow all ips pass from the tunnel or do not==<br />
* nano /usr/local/sbin/cache_vpn<br />
<br />
#!/bin/bash<br />
if [ "$1" = "VPN" ] ; then<br />
iptables -t mangle -A OUTPUT -p tcp --dport 80 -j MARK --set-mark 1<br />
else<br />
iptables -t mangle -D OUTPUT -p tcp --dport 80 -j MARK --set-mark 1<br />
iptables -t mangle -D OUTPUT -p tcp --dport 80 -j MARK --set-mark 1<br />
iptables -t mangle -D OUTPUT -p tcp --dport 80 -j MARK --set-mark 1<br />
iptables -t mangle -D OUTPUT -p tcp --dport 80 -j MARK --set-mark 1<br />
iptables -t mangle -D OUTPUT -p tcp --dport 80 -j MARK --set-mark 1<br />
fi<br />
<br />
* cd /usr/local/sbin<br />
* chmod a+x cache_vpn<br />
* nano /usr/local/sbin/setup_vpn_routes<br />
#!/bin/bash<br />
ip route add default via < ip of tunnel> table 11<br />
<br />
* cd /usr/local/sbin<br />
* chmod a+x setup_vpn_routes<br />
* add this lines in client.conf<br />
up-delay<br />
up "/usr/local/sbin/setup_vpn_routes"<br />
<br />
<br />
* add this lines in /etc/rc.local<br />
ip rule add fwmark 1 table 11<br />
ip route flush cache<br />
<br />
<br />
* nano /var/www/html/openvpn/index.html<br />
<html><br />
<body><br />
<form method=POST><br />
<input type=submit name="vpn" value="VPN"><br />
<input type=submit name="no_vpn" value="NO_VPN"><br />
<br><br />
<?php<br />
if(isset($_REQUEST["vpn"]))<br />
{<br />
run("VPN");<br />
}<br />
else if (isset($_REQUEST["no_vpn"]))<br />
{<br />
run("NO_VPN");<br />
}<br />
function run($arg)<br />
{<br />
$ret=system("sudo /usr/local/sbin/cache_vpn {$arg}");<br />
if($ret==0)<br />
print "Successfully Changed to {$arg}";<br />
else<br />
print "Error Occured";<br />
}<br />
?><br />
</body><br />
</html><br />
<br />
==Adjusting openvpn is for passing a defined ip range from tunnel==<br />
<br />
*alias an valid ip on NIC<br />
<br />
*add this lines in /etc/squid/squid.conf<br />
<br />
acl nofilter src <range of ip><br />
http_access allow nofilter <br />
tcp_outgoing_address <valid ip > nofilter<br />
<br />
*add this lines in /etc/rc.local<br />
<br />
ip rule add from <valid ip > table N(number)<br />
ip route flush cache<br />
<br />
==adjusting this service is for the time when users must set proxy to pass from tunnel==<br />
*alias an valid ip on NIC<br />
<br />
*alias an ip on NIC for proxy<br />
<br />
*add this lines in /etc/squid/squid.conf<br />
<br />
acl openvpn myip <proxy ip > <br />
tcp_outgoing_address <valid ip > openvpn<br />
<br />
*add this line in router<br />
ip route <proxy ip > 255.255.255.0 <ethenet 0><br />
</div></div>
Support