Create l2tp.sh

2024-11-22 00:37:01 +08:00
parent 1eab28a15e
commit 9462aa677c
1 changed files with 117 additions and 0 deletions
--- a/l2tp.sh
+++ b/l2tp.sh
@@ -0,0 +1,117 @@
 #!/bin/bash
 # 颜色代码
 GREEN='\033[0;32m'
 RED='\033[0;31m'
 NC='\033[0m'
 # 检查Root权限
 if [[ $EUID -ne 0 ]]; then
   echo -e "${RED}必须以root权限运行此脚本${NC}"
   exit 1
 fi
 # 生成随机字符串
 generate_random_string() {
    tr -dc 'A-Za-z0-9' < /dev/urandom | head -c "$1"
 }
 # 主安装函数
 install_l2tp_vpn() {
    # 配置参数
    VPN_SERVER_IP=$(curl -s http://ipinfo.io/ip)
    VPN_PSK=$(generate_random_string 16)
    VPN_USERNAME=$(generate_random_string 8)
    VPN_PASSWORD=$(generate_random_string 12)
    # 更新和安装依赖
    apt-get update
    apt-get install -y strongswan xl2tpd ppp
    # IPsec配置
    cat > /etc/ipsec.conf << EOF
 config setup
    charondebug="all"
    uniqueids=never
 conn l2tp-psk
    authby=secret
    left=%defaultroute
    leftid=$VPN_SERVER_IP
    leftauth=psk
    leftprotoport=17/1701
    leftsendcert=never
    right=%any
    rightauth=psk
    rightprotoport=17/1701
    rightsourceip=10.0.0.0/24
    auto=add
 EOF
    cat > /etc/ipsec.secrets << EOF
 : PSK "$VPN_PSK"
 EOF
    # xl2tpd配置
    cat > /etc/xl2tpd/xl2tpd.conf << EOF
 [global]
 port = 1701
 [lns default]
 ip range = 10.0.0.2-10.0.0.254
 local ip = 10.0.0.1
 require chap = yes
 refuse pap = yes
 require authentication = yes
 name = L2TPServer
 ppp debug = yes
 pppoptfile = /etc/ppp/options.xl2tpd
 length bit = yes
 EOF
    cat > /etc/ppp/options.xl2tpd << EOF
 ipcp-accept-local
 ipcp-accept-remote
 require-mschap-v2
 ms-dns 8.8.8.8
 ms-dns 1.1.1.1
 noccp
 auth
 hide-password
 nodefaultroute
 usepeerdns
 name l2tpd
 plugin /usr/lib/pppd/*/libplugin.so
 EOF
    cat > /etc/ppp/chap-secrets << EOF
 $VPN_USERNAME * $VPN_PASSWORD *
 EOF
    # 设置权限
    chmod 600 /etc/ipsec.secrets /etc/ppp/chap-secrets
    # 重启服务(使用完整路径)
    /usr/sbin/service strongswan-starter restart
    /usr/sbin/service xl2tpd restart
    # 输出配置信息
    echo -e "${GREEN}================================================================"
    echo -e "L2TP/IPsec VPN连接详情："
    echo -e "服务器IP: $VPN_SERVER_IP"
    echo -e "用户名: $VPN_USERNAME"
    echo -e "密码: $VPN_PASSWORD"
    echo -e "预共享密钥: $VPN_PSK"
    echo -e "================================================================${NC}"
    # 保存连接信息到文件
    cat > /root/vpn_credentials.txt << EOF
 服务器IP: $VPN_SERVER_IP
 用户名: $VPN_USERNAME
 密码: $VPN_PASSWORD
 预共享密钥: $VPN_PSK
 EOF
 }
 # 执行安装
 install_l2tp_vpn