48 lines
1.4 KiB
Bash
48 lines
1.4 KiB
Bash
#!/bin/bash
|
|
|
|
# Temos que configurar a VPN gateway (duh)
|
|
# O gateway client é o VM_ROAD_WARRIOR :)
|
|
#
|
|
# O gateway client é a pont entre a rede externa 193.136.212.0/24
|
|
# E a rede interna 10.60.0.0/24
|
|
|
|
# NOTE(vasco):
|
|
# Ao configurar a maquina virtual em si deixei a rede externa primeiro (enp0s8)
|
|
# E a rede interna como a segunda interface (enp0s9).
|
|
|
|
# --- variaveis aqui pf joao fr fr fr aaaaa ---#
|
|
helloworld="print"
|
|
if_fora="enp0s8"
|
|
if_dentro="enp0s9"
|
|
ip_fora="193.136.212.1"
|
|
ip_dentro="10.60.0.3"
|
|
mega_tunel="tun0"
|
|
ip_mega_tunel="10.8.0.1/24"
|
|
|
|
# --- interfaces ---
|
|
ifconfig $if_fora $ip_fora netmask 255.255.255.0
|
|
ifconfig $if_dentro $ip_dentro netmask 255.255.255.0
|
|
|
|
# --- instalar packages ---
|
|
yum install -y epel-release openvpn iptables-services
|
|
|
|
|
|
# --- desativar firewalld ---
|
|
systemctl stop firewalld
|
|
systemctl disable firewalld
|
|
systemctl mask firewalld
|
|
systemctl enable iptables
|
|
iptables -F
|
|
# ativar poen vpn
|
|
systemctl enable --now openvpn
|
|
|
|
# --- ip forwarding --- #
|
|
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
|
|
sysctl -p /etc/sysctl.conf
|
|
|
|
# --- nat forwardin de vpn para clientes --- #
|
|
iptables -A INPUT -p udp --dport 1194 -j ACCEPT # :O
|
|
iptables -A FORWARD -i $mega_tunel -o $if_dentro -j ACCEPT # :P
|
|
iptables -A FORWARD -i $if_dentro -o $mega_tunel -j ACCEPT # ;)
|
|
iptables -t nat -A POSTROUTING -s $ip_mega_tunel -o $if_fora -j MASQUERADE # :D
|
|
iptables-save > /etc/sysconfig/iptables # :3 |