VPN Abstracting For On The Fly IP Changing With HMA, PIA etc.


Now we need to be able to tell the system which IP we want to connect to via PPTP.  There are many ways to do this, but I chose to do it via HTTP.

Set up Apache, PHP, etc.

apt-get install apache2 apache2-doc php5 libapache2-mod-php5 php5-curl

Because we will be connecting and disconnecting the PPTP connection via HTTP requests, the user Apache runs as needs to be able to run pon and poff:

Run visudo and add the following to the end of the configuration:

www-data ALL = NOPASSWD: /usr/bin/pon
www-data ALL = NOPASSWD: /usr/bin/poff

www-data ALL = NOPASSWD: /etc/clean.sh
www-data ALL = NOPASSWD: /sbin/route

The www-data user also needs to be able to edit the piavpn configuration file in /etc/ppp/peers/, so do the following:

chmod 777 /etc/ppp/peers/piavpn
chmod 777 /etc/ppp/peers
chmod 777 /etc/ppp/chap-secrets

The /etc/clean.sh script (you need to create it) is called from the web interface as a failsafe. It is similar to /etc/ppp/ip-down.local and contains the following:

NOTE: I needed to hardcode the default gateway here too (example as I couldn't seem to reliably get it via script.

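#!/bin/sh
# host IP of the VPN server (taken from the UGH host route)
H=`route -n | grep UGH | awk '{print $1}'`
# gateway of the local server
G=`route -n | grep UGH | awk '{print $2}'`
# main interface, typically eth0
DEV=`route -n | grep UG | awk '{print $8}'`
# remove every default route
while ip route del default; do :; done
# restore the default route; GATEWAY_IP is a placeholder for your hardcoded default gateway
route add default gw GATEWAY_IP dev eth0
#route add default gw $G $DEV
echo $H
sleep 1
# remove the host route to the VPN server
/sbin/route delete $H dev eth0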

Make it executable:

chmod +x /etc/clean.sh
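
As an added example (not part of the original article), the following POSIX shell check audits the permissions that the chmod and sudoers steps above depend on: it reports a chap-secrets file that other local users can read or write, a root-run script that non-root users can write, and world-writable configuration paths. The function names and finding labels are hypothetical; the paths are the ones used on this page.

```shell
#!/bin/sh
# Added example (not from the original article): permission audit for the
# files this setup changes. Paths are arguments so it can run on test copies.

# True if every bit of octal mask $2 is set on path $1.
# -L follows symlinks, -prune stops find from descending into directories.
has_perm() {
    [ -n "$(find -L "$1" -prune -perm "-$2" 2>/dev/null)" ]
}

# audit_vpn_perms SECRET_FILE ROOT_RUN_SCRIPT [CONFIG_PATH...]
# Prints one finding per line; returns 0 when clean, 1 when anything was found.
audit_vpn_perms() {
    secret=$1; script=$2; shift 2
    rc=0

    # chap-secrets holds the VPN username and password: "other" needs no access.
    if has_perm "$secret" 0004 || has_perm "$secret" 0002; then
        echo "SECRET_EXPOSED $secret (readable or writable by all users)"; rc=1
    fi

    # A script that www-data may run as root via sudo NOPASSWD must not be
    # writable by anyone but its owner, or its contents become root commands.
    if has_perm "$script" 0020 || has_perm "$script" 0002; then
        echo "ROOT_SCRIPT_WRITABLE $script (group- or world-writable)"; rc=1
    fi

    # Peer definitions and their directory: flag world-writable entries.
    for p in "$@"; do
        if has_perm "$p" 0002; then
            echo "WORLD_WRITABLE $p"; rc=1
        fi
    done
    return $rc
}

# On a host configured as in this article, audit the real paths.
if [ -d /etc/ppp ]; then
    audit_vpn_perms /etc/ppp/chap-secrets /etc/clean.sh \
        /etc/ppp/peers /etc/ppp/peers/piavpn || :
fi
```

With the chmod 777 modes set above, it reports chap-secrets, the peers directory and piavpn; giving those paths a group that contains www-data and modes such as 660 and 770 would clear the findings while leaving www-data able to edit them.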

On the next page is a very simplified version of the script I actually use (i.e. no hashing of parameters, and it is just a single procedural script).


(Page 3 of 4)