diff options
Diffstat (limited to 'deploy/pptpd/pptpd_install')
| -rw-r--r-- | deploy/pptpd/pptpd_install/auth-down | 7 | ||||
| -rw-r--r-- | deploy/pptpd/pptpd_install/auth-up | 19 | ||||
| -rw-r--r-- | deploy/pptpd/pptpd_install/chap-secrets | 58 | ||||
| -rw-r--r-- | deploy/pptpd/pptpd_install/options.pptpd | 134 | ||||
| -rw-r--r-- | deploy/pptpd/pptpd_install/pptpd-1.4.0-2.el7.x86_64.rpm | bin | 0 -> 81428 bytes | |||
| -rw-r--r-- | deploy/pptpd/pptpd_install/pptpd.conf | 106 | ||||
| -rw-r--r-- | deploy/pptpd/pptpd_install/pptpd.install.sh | 16 |
7 files changed, 340 insertions, 0 deletions
diff --git a/deploy/pptpd/pptpd_install/auth-down b/deploy/pptpd/pptpd_install/auth-down new file mode 100644 index 0000000..81e2228 --- /dev/null +++ b/deploy/pptpd/pptpd_install/auth-down @@ -0,0 +1,7 @@ +#!/bin/bash +# get the username from the parameters +USER=$2 +# if there is a session already for this user, terminate the old one +rm -f /var/run/ppp/current_user/$USER +echo $2 link down ! >> /var/run/ppp/user_access.log + diff --git a/deploy/pptpd/pptpd_install/auth-up b/deploy/pptpd/pptpd_install/auth-up new file mode 100644 index 0000000..d8a2c75 --- /dev/null +++ b/deploy/pptpd/pptpd_install/auth-up @@ -0,0 +1,19 @@ +#!/bin/bash +# get the username from the parameters +USER=$2 +# if there is a session already for this user, terminate the old one + +mkdir -p /var/run/ppp/current_user/ + +PPID=`awk '/PPid/ { print $2; }' /proc/$$/status` + +if [ -f /var/run/ppp/current_user/$USER ]; then + echo $2 already access success, exit, pid:$$, ppid:$PPID >> /var/run/ppp/user_access.log + kill -9 $PPID +else + echo $2 > /var/run/ppp/current_user/$USER + echo $2 dial up success! >> /var/run/ppp/user_access.log +fi + + + diff --git a/deploy/pptpd/pptpd_install/chap-secrets b/deploy/pptpd/pptpd_install/chap-secrets new file mode 100644 index 0000000..d27529d --- /dev/null +++ b/deploy/pptpd/pptpd_install/chap-secrets @@ -0,0 +1,58 @@ +# Secrets for authentication using CHAP +# client server secret IP addresses +mesa pptpd 111111 * +liuqingyun_hk pptpd 111111 172.18.1.101 +zhengchao_hk pptpd 111111 172.18.1.102 +yangrong_hk pptpd 111111 172.18.1.103 +zhouzhou_hk pptpd 111111 172.18.1.104 +lijia_hk pptpd 111111 172.18.1.105 +doufenghu_hk pptpd 111111 172.18.1.106 +dumeijie_hk pptpd 111111 172.18.1.107 +fengweihao_hk pptpd 111111 172.18.1.108 +guofu_hk pptpd 111111 172.18.1.109 +jixinyi_hk pptpd 111111 172.18.1.110 +lishu_hk pptpd 111111 172.18.1.111 +lizhao_hk pptpd 111111 172.18.1.111 +liujunpeng_hk pptpd 111111 172.18.1.112 +liuxueli_hk pptpd 111111 172.18.1.113 +liuyang_hk pptpd 111111 172.18.1.114 +luqiuwen_hk pptpd 111111 172.18.1.115 +qidaijie_hk pptpd 111111 172.18.1.116 +wangfengmei_hk pptpd 111111 172.18.1.117 +wangkuan_hk pptpd 111111 172.18.1.118 +wangyouzhan_hk pptpd 111111 172.18.1.119 +yangwei_hk pptpd 111111 172.18.1.120 +yulingjing_hk pptpd 111111 172.18.1.121 +zhangchengwei_hk pptpd 111111 172.18.1.122 +zhanglei_hk pptpd 111111 172.18.1.123 +zhangpeng_hk pptpd 111111 172.18.1.124 +jiamengdie_hk pptpd 111111 172.18.1.125 +zhuyujia_hk pptpd 111111 172.18.1.126 + +liuqingyun_de pptpd 111111 172.18.1.131 +zhengchao_de pptpd 111111 172.18.1.132 +yangrong_de pptpd 111111 172.18.1.133 +zhouzhou_de pptpd 111111 172.18.1.134 +lijia_de pptpd 111111 172.18.1.135 +doufenghu_de pptpd 111111 172.18.1.136 +dumeijie_de pptpd 111111 172.18.1.137 +fengweihao_de pptpd 111111 172.18.1.138 +guofu_de pptpd 111111 172.18.1.139 +jixinyi_de pptpd 111111 172.18.1.140 +lishu_de pptpd 111111 172.18.1.141 +lizhao_de pptpd 111111 172.18.1.142 +liujunpeng_de pptpd 111111 172.18.1.143 +liuxueli_de pptpd 111111 172.18.1.144 +liuyang_de pptpd 111111 172.18.1.145 +luqiuwen_de pptpd 111111 172.18.1.146 +qidaijie_de pptpd 111111 172.18.1.147 +wangfengmei_de pptpd 111111 172.18.1.148 +wangkuan_de pptpd 111111 172.18.1.149 +wangyouzhan_de pptpd 111111 172.18.1.150 +yangwei_de pptpd 111111 172.18.1.151 +yulingjing_de pptpd 111111 172.18.1.152 +zhangchengwei_de pptpd 111111 172.18.1.153 +zhanglei_de pptpd 111111 172.18.1.154 +zhangpeng_de pptpd 111111 172.18.1.155 +jiamengdie_de pptpd 111111 172.18.1.156 +zhuyujia_de pptpd 111111 172.18.1.157 diff --git a/deploy/pptpd/pptpd_install/options.pptpd b/deploy/pptpd/pptpd_install/options.pptpd new file mode 100644 index 0000000..738c10f --- /dev/null +++ b/deploy/pptpd/pptpd_install/options.pptpd @@ -0,0 +1,134 @@ +############################################################################### +# $Id: options.pptpd,v 1.11 2005/12/29 01:21:09 quozl Exp $ +# +# Sample Poptop PPP options file /etc/ppp/options.pptpd +# Options used by PPP when a connection arrives from a client. +# This file is pointed to by /etc/pptpd.conf option keyword. +# Changes are effective on the next connection. See "man pppd". +# +# You are expected to change this file to suit your system. As +# packaged, it requires PPP 2.4.2 and the kernel MPPE module. +############################################################################### + + +# Authentication + +# Name of the local system for authentication purposes +# (must match the second field in /etc/ppp/chap-secrets entries) +name pptpd + +# Strip the domain prefix from the username before authentication. +# (applies if you use pppd with chapms-strip-domain patch) +#chapms-strip-domain + + +# Encryption +# (There have been multiple versions of PPP with encryption support, +# choose with of the following sections you will use.) + + +# BSD licensed ppp-2.4.2 upstream with MPPE only, kernel module ppp_mppe.o +# {{{ +refuse-pap +refuse-chap +refuse-mschap +# Require the peer to authenticate itself using MS-CHAPv2 [Microsoft +# Challenge Handshake Authentication Protocol, Version 2] authentication. +require-mschap-v2 +# Require MPPE 128-bit encryption +# (note that MPPE requires the use of MSCHAP-V2 during authentication) +require-mppe-128 +# }}} + + +# OpenSSL licensed ppp-2.4.1 fork with MPPE only, kernel module mppe.o +# {{{ +#-chap +#-chapms +# Require the peer to authenticate itself using MS-CHAPv2 [Microsoft +# Challenge Handshake Authentication Protocol, Version 2] authentication. +#+chapms-v2 +# Require MPPE encryption +# (note that MPPE requires the use of MSCHAP-V2 during authentication) +#mppe-40 # enable either 40-bit or 128-bit, not both +#mppe-128 +#mppe-stateless +# }}} + + +# Network and Routing + +# If pppd is acting as a server for Microsoft Windows clients, this +# option allows pppd to supply one or two DNS (Domain Name Server) +# addresses to the clients. The first instance of this option +# specifies the primary DNS address; the second instance (if given) +# specifies the secondary DNS address. +#ms-dns 10.0.0.1 +#ms-dns 10.0.0.2 +ms-dns 8.8.8.8 + +# If pppd is acting as a server for Microsoft Windows or "Samba" +# clients, this option allows pppd to supply one or two WINS (Windows +# Internet Name Services) server addresses to the clients. The first +# instance of this option specifies the primary WINS address; the +# second instance (if given) specifies the secondary WINS address. +#ms-wins 10.0.0.3 +#ms-wins 10.0.0.4 + +# Add an entry to this system's ARP [Address Resolution Protocol] +# table with the IP address of the peer and the Ethernet address of this +# system. This will have the effect of making the peer appear to other +# systems to be on the local ethernet. +# (you do not need this if your PPTP server is responsible for routing +# packets to the clients -- James Cameron) +proxyarp + +# Normally pptpd passes the IP address to pppd, but if pptpd has been +# given the delegate option in pptpd.conf or the --delegate command line +# option, then pppd will use chap-secrets or radius to allocate the +# client IP address. The default local IP address used at the server +# end is often the same as the address of the server. To override this, +# specify the local IP address here. +# (you must not use this unless you have used the delegate option) +#10.8.0.100 + + +# Logging + +# Enable connection debugging facilities. +# (see your syslog configuration for where pppd sends to) +#debug + +# Print out all the option values which have been set. +# (often requested by mailing list to verify options) +#dump + + +# Miscellaneous + +# Create a UUCP-style lock file for the pseudo-tty to ensure exclusive +# access. +lock + +# Disable BSD-Compress compression +nobsdcomp + +# Disable Van Jacobson compression +# (needed on some networks with Windows 9x/ME/XP clients, see posting to +# poptop-server on 14th April 2005 by Pawel Pokrywka and followups, +# http://marc.theaimsgroup.com/?t=111343175400006&r=1&w=2 ) +novj +novjccomp + +# turn off logging to stderr, since this may be redirected to pptpd, +# which may trigger a loopback +nologfd + +# put plugins here +# (putting them higher up may cause them to sent messages to the pty) + +mru 1380 +mtu 1380 +holdoff 10 +idle 60 + diff --git a/deploy/pptpd/pptpd_install/pptpd-1.4.0-2.el7.x86_64.rpm b/deploy/pptpd/pptpd_install/pptpd-1.4.0-2.el7.x86_64.rpm Binary files differnew file mode 100644 index 0000000..48c8946 --- /dev/null +++ b/deploy/pptpd/pptpd_install/pptpd-1.4.0-2.el7.x86_64.rpm diff --git a/deploy/pptpd/pptpd_install/pptpd.conf b/deploy/pptpd/pptpd_install/pptpd.conf new file mode 100644 index 0000000..6ebc63c --- /dev/null +++ b/deploy/pptpd/pptpd_install/pptpd.conf @@ -0,0 +1,106 @@ +############################################################################### +# $Id: pptpd.conf,v 1.11 2011/05/19 00:02:50 quozl Exp $ +# +# Sample Poptop configuration file /etc/pptpd.conf +# +# Changes are effective when pptpd is restarted. +############################################################################### + +# TAG: ppp +# Path to the pppd program, default '/usr/sbin/pppd' on Linux +# +#ppp /usr/sbin/pppd + +# TAG: option +# Specifies the location of the PPP options file. +# By default PPP looks in '/etc/ppp/options' +# +option /etc/ppp/options.pptpd + +# TAG: debug +# Turns on (more) debugging to syslog +# +#debug + +# TAG: stimeout +# Specifies timeout (in seconds) on starting ctrl connection +# +# stimeout 10 + +# TAG: noipparam +# Suppress the passing of the client's IP address to PPP, which is +# done by default otherwise. +# +#noipparam + +# TAG: logwtmp +# Use wtmp(5) to record client connections and disconnections. +# +logwtmp + +# TAG: vrf <vrfname> +# Switches PPTP & GRE sockets to the specified VRF, which must exist +# Only available if VRF support was compiled into pptpd. +# +#vrf test + +# TAG: bcrelay <if> +# Turns on broadcast relay to clients from interface <if> +# +#bcrelay eth1 + +# TAG: delegate +# Delegates the allocation of client IP addresses to pppd. +# +# Without this option, which is the default, pptpd manages the list of +# IP addresses for clients and passes the next free address to pppd. +# With this option, pptpd does not pass an address, and so pppd may use +# radius or chap-secrets to allocate an address. +# +#delegate + +# TAG: connections +# Limits the number of client connections that may be accepted. +# +# If pptpd is allocating IP addresses (e.g. delegate is not +# used) then the number of connections is also limited by the +# remoteip option. The default is 100. +#connections 100 + +# TAG: localip +# TAG: remoteip +# Specifies the local and remote IP address ranges. +# +# These options are ignored if delegate option is set. +# +# Any addresses work as long as the local machine takes care of the +# routing. But if you want to use MS-Windows networking, you should +# use IP addresses out of the LAN address space and use the proxyarp +# option in the pppd options file, or run bcrelay. +# +# You can specify single IP addresses seperated by commas or you can +# specify ranges, or both. For example: +# +# 192.168.0.234,192.168.0.245-249,192.168.0.254 +# +# IMPORTANT RESTRICTIONS: +# +# 1. No spaces are permitted between commas or within addresses. +# +# 2. If you give more IP addresses than the value of connections, +# it will start at the beginning of the list and go until it +# gets connections IPs. Others will be ignored. +# +# 3. No shortcuts in ranges! ie. 234-8 does not mean 234 to 238, +# you must type 234-238 if you mean this. +# +# 4. If you give a single localIP, that's ok - all local IPs will +# be set to the given one. You MUST still give at least one remote +# IP for each simultaneous client. +# +# (Recommended) +localip 172.18.1.254 +#remoteip 192.168.0.234-238,192.168.0.245 +# or +#localip 192.168.0.234-238,192.168.0.245 +remoteip 172.18.1.100-200 diff --git a/deploy/pptpd/pptpd_install/pptpd.install.sh b/deploy/pptpd/pptpd_install/pptpd.install.sh new file mode 100644 index 0000000..365939c --- /dev/null +++ b/deploy/pptpd/pptpd_install/pptpd.install.sh @@ -0,0 +1,16 @@ +#!/bin/sh +rpm -ivh ./pptpd-1.4.0-2.el7.x86_64.rpm + +cp pptpd.conf /etc +cp options.pptpd /etc/ppp/ +cp chap-secrets /etc/ppp/ +cp auth-down /etc/ppp +cp auth-up /etc/ppp + +service pptpd restart + + + + + + |