Linode VPS折腾笔记-安装VPN


  • administrators

    使用yum -y update升级

    yum -y update
    升级所有包,改变软件设置和系统设置,系统版本内核都升级

    yum -y upgrade
    升级所有包,不改变软件设置和系统设置,系统版本升级,内核不改变

    升级过后安装VPN服务。

    wget --no-check-certificate https://raw.githubusercontent.com/teddysun/across/master/l2tp.sh
    chmod +x l2tp.sh
    ./l2tp.sh
    
    ServerIP:139.162.60.187
    PSK:test
    Username:testuser
    Password:testpsw
    
    If you want to modify user settings, please use command(s):
    l2tp -a (Add a user)
    l2tp -d (Delete a user)
    l2tp -l (List all users)
    l2tp -m (Modify a user password)
    
    Welcome to visit https://teddysun.com/448.html
    Enjoy it!
    
    [root@li1473-187 ~]#
    

    可以看到iptables: Setting chains to policy ACCEPT: security raw nat[FAILED]filter错误

    iptables: Setting chains to policy ACCEPT: security raw nat[FAILED]filter
    iptables: Flushing firewall rules:                         [  OK  ]
    iptables: Unloading modules:                               [  OK  ]
    iptables: Applying firewall rules:                         [  OK  ]
    Starting pluto IKE daemon for IPsec: Migrating NSS db to sql:/etc/ipsec.d
    database already upgraded.
    NSS upgrade complete
    
    [root@li1473-187 ~]# nano /etc/init.d/iptables
    
    用nano使用control+w搜索$IPTABLES -t raw -P OUTPUT
    在下面添加security代码段
                    $IPTABLES -t raw -P PREROUTING $policy \
                        && $IPTABLES -t raw -P OUTPUT $policy \
                        || let ret+=1
                    ;;
                security)
                   $IPTABLES -t filter -P INPUT $policy \
                       && $IPTABLES -t filter -P OUTPUT $policy \
                       && $IPTABLES -t filter -P FORWARD $policy \
                       || let ret+=1
                   ;;
                filter)
                    $IPTABLES -t filter -P INPUT $policy \
                        && $IPTABLES -t filter -P OUTPUT $policy \
                        && $IPTABLES -t filter -P FORWARD $policy \
    
    nano使用control+o保存,control+x退出。
    

    重启iptables

    [root@li1473-187 ~]# service iptables restart
    iptables: Setting chains to policy ACCEPT: security raw nat[ OK ]filter
    iptables: Flushing firewall rules: [ OK ]
    iptables: Unloading modules: [ OK ]
    iptables: Applying firewall rules: [ OK ]
    

    同时也可以安装PPTP的VPN

    wget http://mirrors.linuxeye.com/scripts/vpn_centos.sh
    chmod +x ./vpn_centos.sh
    ./vpn_centos.sh
    

    如下情况已经配置成功。

    iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
    iptables: Setting chains to policy ACCEPT: security raw nat[  OK  ]filter
    iptables: Flushing firewall rules:                         [  OK  ]
    iptables: Unloading modules:                               [  OK  ]
    iptables: Applying firewall rules:                         [  OK  ]
    Shutting down pptpd:                                       [FAILED]
    Starting pptpd:                                            [  OK  ]
    Warning: a pptpd restart does not terminate existing
    connections, so new connections may be assigned the same IP
    address and cause unexpected results.  Use restart-kill to
    destroy existing connections during a restart.
    
    You can now connect to your VPN via your external IP 139.162.xx.xxx
    Username: testuser1
    Password: testpsw
    [root@li1473-187 ~]#
    
    添加用户:vim /etc/ppp/chap-secrets
    # Secrets for authentication using CHAP
    # client    server    secret    IP addresses
    testuser    l2tpd    testpsw       *
    testuser1 pptpd testpsw *
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    "/etc/ppp/chap-secrets" 4L, 148C
    

    重启l2tp和pptp

    [root@li1473-187 ~]# /etc/init.d/xl2tpd restart
    Stopping xl2tpd:                                           [  OK  ]
    Starting xl2tpd:                                           [  OK  ]
    [root@li1473-187 ~]# /etc/init.d/pptpd restart
    Shutting down pptpd:                                       [  OK  ]
    Starting pptpd:                                            [  OK  ]
    Warning: a pptpd restart does not terminate existing
    connections, so new connections may be assigned the same IP
    address and cause unexpected results.  Use restart-kill to
    destroy existing connections during a restart.
    [root@li1473-187 ~]#
    

    shadowsocks一键安装脚本,需使用root用户登录,运行以下命令

    wget --no-check-certificate https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocks-libev.sh
    chmod +x shadowsocks-libev.sh
    ./shadowsocks-libev.sh 2>&1 | tee shadowsocks-libev.log
    

    安装完成后如下

    Starting Shadowsocks-libev:                                [  OK  ]
    Shadowsocks-libev start success!
    
    
    Congratulations, Shadowsocks-libev install completed!
    Your Server IP:  139.162.xx.xxx
    Your Server Port:  8989
    Your Password:  testpsw
    Your Local IP:  127.0.0.1
    Your Local Port:  1080
    Your Encryption Method:  aes-256-cfb
    
    Welcome to visit:https://teddysun.com/357.html
    Enjoy it!
    

Log in to reply
 

Looks like your connection to MainFrame was lost, please wait while we try to reconnect.