|
|
@@ -1,11 +1,19 @@
|
|
|
#!/bin/bash
|
|
|
|
|
|
+EthName=`cat /proc/net/dev |grep ':' |cut -d':' -f1 |sed 's/\s//g' |grep -iv '^lo\|^sit\|^stf\|^gif\|^dummy\|^vmnet\|^vir\|^gre\|^ipip\|^ppp\|^bond\|^tun\|^tap\|^ip6gre\|^ip6tnl\|^teql\|^ocserv\|^vpn' |sed -n '1p'`
|
|
|
+[ -n "$EthName" ] || exit 1
|
|
|
|
|
|
-[ -e "$(which nc)" ] || exit 1
|
|
|
MyPath="$(dirname `readlink -f "$0"`)"
|
|
|
MyConfig="${MyPath}/ocserv.conf"
|
|
|
[ -f "${MyConfig}" ] || exit 1
|
|
|
-MyPort=`cat "${MyConfig}" |grep '^tcp-port' |grep -o '[0-9]*'`
|
|
|
+MyPort=`cat "${MyConfig}" |grep '#\?tcp-port' |cut -d"=" -f2 |sed 's/\s//g' |grep -o '[0-9]*'`
|
|
|
+MyUDP=`cat "${MyConfig}" |grep '#\?udp-port' |cut -d"=" -f2 |sed 's/\s//g' |grep -o '[0-9]*'`
|
|
|
+
|
|
|
+
|
|
|
+iptables -t nat -A POSTROUTING -o ${EthName} -j MASQUERADE
|
|
|
+[ -n "$MyPort" ] && iptables -I INPUT -p tcp --dport ${MyPort} -j ACCEPT
|
|
|
+[ -n "$MyUDP" ] && iptables -I INPUT -p udp --dport ${MyUDP} -j ACCEPT
|
|
|
+iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
|
|
|
|
|
|
|
|
|
START(){
|
|
|
@@ -15,8 +23,8 @@ START(){
|
|
|
}
|
|
|
|
|
|
PORT(){
|
|
|
- nc -w 1 -vz 0.0.0.0 ${MyPort} >>/dev/null 2>&1;
|
|
|
- [[ "$?" == "0" ]] && echo "0" || echo "1";
|
|
|
+ nc -w 1 -vz 0.0.0.0 "${MyPort}" >>/dev/null 2>&1;
|
|
|
+ [ "$?" == "0" ] && echo "0" || echo "1";
|
|
|
}
|
|
|
|
|
|
SCAN(){
|
|
|
@@ -28,5 +36,9 @@ SCAN(){
|
|
|
fi
|
|
|
}
|
|
|
|
|
|
-while true; do SCAN; done
|
|
|
+if [ ! -e "$(which nc)" ]; then
|
|
|
+ START;
|
|
|
+ exit 0
|
|
|
+fi
|
|
|
|
|
|
+while true; do SCAN; done
|
MoeClub