Here is an example script that uses the SSH VPN capability; I use it pretty
much every day.  It's a little basic, but it works for me.  Please let me know
if there is anything else I can provide.

        Chris


#!/bin/bash

# Pin the command search path to system directories so the tools run below
# (several of them through sudo) are not resolved from the caller's PATH.
PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin"

# Remote endpoint. HOST is not referenced by any visible command; the ssh
# targets further down were redacted by the list archive.
HOST="somehost.someplace.com"

# Addresses for the two ends of the point-to-point tun link.
REMOTETUNIP="172.31.209.6"
LOCALTUNIP="172.31.209.5"

# Network behind the remote host that gets routed through the tunnel, and the
# remote interface used as the output interface of the MASQUERADE rule.
REMOTENET="10.232.1.0"
REMOTENETMASK="255.255.255.0"
REMOTENETINT="eth1"

# Accept exactly one action word as the first argument. Anything else prints
# the usage line and stops before any privileged command is run.
case "$1" in
        start|stop)
                ;;
        *)
                echo "Syntax: $0 <start> <stop>"
                exit 1
                ;;
esac

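# "start": open an ssh tun-device tunnel, configure both ends of the
# point-to-point link, and route REMOTENET through it.
#
# Fixes relative to the posted version: the commands that mail line-wrapping
# had split in two are rejoined, the tun-number probe no longer mistakes tun10
# for tun1, expansions are quoted, and a failed step stops the script instead
# of reporting success.
if [ "$1" = "start" ]
then
        # Login used by every ssh call in this branch. The list archive
        # replaced the original value with the marker below; restore the real
        # login before running.
        # NOTE(review): the remote commands change interfaces, /proc and
        # iptables, so that login presumably needs root there -- confirm. The
        # server must also allow tunnel devices (sshd_config PermitTunnel).
        REMOTE_LOGIN='[EMAIL PROTECTED]'

        # Predict which local tun device "ssh -w any" will allocate by taking
        # the first tunN that does not exist yet. -w matches whole words, so
        # an existing tun10 does not count as tun1. This is a guess, not a
        # reservation: another process could claim the device in between.
        TUNNUMBER=0
        while ifconfig -a | grep -qw "tun${TUNNUMBER}"
        do
                TUNNUMBER=$((TUNNUMBER + 1))
        done

        # -f puts ssh in the background once authentication is done; "true" is
        # only a placeholder remote command.
        if ! sudo ssh -f -C -w any:any "$REMOTE_LOGIN" true
        then
                echo "$0: could not open the ssh tunnel" >&2
                exit 1
        fi

        # From here on a failure exits with the background ssh still running;
        # "$0 stop" tears it down.

        # Remote end. tun0 is hard-coded although "any" was requested, so this
        # is only right when tun0 was free on the remote host.
        ssh "$REMOTE_LOGIN" "ifconfig tun0 $REMOTETUNIP pointopoint $LOCALTUNIP" || exit 1

        # The next two commands make the remote host forward and NAT traffic
        # out of REMOTENETINT. Both settings outlive the tunnel unless
        # something removes them, and -A appends one more rule on every start.
        ssh "$REMOTE_LOGIN" 'echo 1 > /proc/sys/net/ipv4/ip_forward' || exit 1
        ssh "$REMOTE_LOGIN" "iptables -t nat -A POSTROUTING -o $REMOTENETINT -j MASQUERADE" || exit 1

        sleep 3

        # Local end: address the tun device, then send REMOTENET through it.
        sudo ifconfig "tun${TUNNUMBER}" "$LOCALTUNIP" pointopoint "$REMOTETUNIP" || exit 1
        sudo route add -net "$REMOTENET" netmask "$REMOTENETMASK" gw "$LOCALTUNIP" "tun${TUNNUMBER}" || exit 1
        echo "Tunnel has been set up"
fi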

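# "stop": end the local tunnel client, end the matching sshd session on the
# remote host, take the remote tun0 down and remove the NAT rule.
#
# Fixes relative to the posted version: the command substitution that mail
# line-wrapping had broken is rejoined; PIDs are read as the first field of
# "ps ax" instead of its first five columns (a PID wider than five characters
# would be truncated and kill would signal some other process, here even
# under sudo); kill is skipped when nothing matched; and the MASQUERADE rule
# that "start" appends is deleted again.
if [ "$1" = "stop" ]
then
        # Login used by the ssh calls. The list archive replaced the original
        # value with the marker below; restore the real login before running.
        REMOTE_LOGIN='[EMAIL PROTECTED]'

        # Local tunnel client, found by its command line. grep -F treats the
        # pattern as a fixed string.
        TUNNEL_PIDS=$(ps ax | grep -F -- "any:any ${REMOTE_LOGIN} true" | grep -v grep | awk '{print $1}')
        if [ -n "$TUNNEL_PIDS" ]
        then
                # Unquoted on purpose: one PID per word.
                sudo kill $TUNNEL_PIDS > /dev/null
        fi

        # Remote sshd session. The grep pattern holds a second archive
        # redaction marker, which need not stand for the same value as
        # REMOTE_LOGIN; restore it as well.
        ssh "$REMOTE_LOGIN" 'kill $(ps ax | grep "sshd: [EMAIL PROTECTED]" | grep -v grep | awk "{print \$1}")'

        ssh "$REMOTE_LOGIN" 'ifconfig tun0 down'

        # Remove one copy of the NAT rule added by "start". ip_forward is left
        # as it is because its value before "start" was never recorded.
        ssh "$REMOTE_LOGIN" "iptables -t nat -D POSTROUTING -o $REMOTENETINT -j MASQUERADE"
fi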



