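#!/bin/sh
#
# BBHN vTUN Server Installer
#
# Installs and configures a vtun tunnel server on a freshly installed BBHN
# mesh node. Pass "debug" as the first argument to pause after every step.
#
# NOTE(review): the prompts use `read -p`, which is not POSIX; the node's
# /bin/sh has to support it -- confirm on both firmware families.
# NOTE(review): the setup archive and the vpn CGI page are downloaded over
# plain HTTP without any checksum or signature check, and their contents are
# then installed into /etc, /usr/local/bin and /www/cgi-bin. Anyone who can
# alter the transfer decides what gets installed. Prefer an HTTPS source and
# compare against a published digest before extracting.

SCRNAME="BBHN vTUN Server Installer"
SCRVER=0.9.1
DEBUG=0
HTTPPATH=http://www.bbhn.org/
BASEPATH=/download/attitude_adjustment/12.09/ar71xx/generic/packages/server/
#HTTPPATH=http://www.k5dlq.info
#BASEPATH=mesh/server
CLIENTPATH=${BASEPATH}

if [ "${1:-}" = "debug" ]; then DEBUG=1; fi

##### DEBUG FUNCTION #####
# Runs the given command only when DEBUG is 1; always returns success.
debugme() {
  [ "$DEBUG" = 1 ] && "$@" || :
}
##### DEBUG FUNCTION #####

##########################
# Test internet connectivity
# Exits with status 9 when 8.8.8.8 does not answer four pings.
##########################
test_internet_connectivity() {
  echo "Testing internet connectivity..."
  if ping -c4 -q 8.8.8.8 > /dev/null; then
    echo "Online!"
  else
    echo "No connectivity! You must have internet access."
    exit 9
  fi
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

##########################
# Show version and prompt to start
# Keeps asking until the answer starts with Y or N. The original had no loop,
# so any other answer printed the hint and then went on with the install.
##########################
show_version() {
  echo "$SCRNAME - Version $SCRVER"
  while true; do
    # A closed stdin counts as a refusal instead of looping forever.
    if ! read -p "This script installs the vtun server on a FRESHLY installed BBHN Mesh node. Would you like to proceed? (Y/N) " yngo; then
      echo "Script aborted!"
      exit 1
    fi
    case $yngo in
      [Yy]* ) break;;
      [Nn]* ) echo "Script aborted!"; exit;;
      * ) echo "Please answer with Y or N.";;
    esac
  done
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

##########################
# Test for linksys or ubiquiti via ipkg/opkg presence
# Sets CLIENT to "linksys" when running opkg yields "command not found" (127),
# otherwise to "ubiquiti".
##########################
get_client_type() {
  echo "Determining the proper package manager..."
  opkg > /dev/null
  if [ $? -eq 127 ]; then
    echo Using ipkg
    CLIENT=linksys
  else
    echo Using opkg
    CLIENT=ubiquiti
  fi
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

##########################
# Get package manager
# Sets PKGCMD from CLIENT. On linksys it also rewrites "dest root /" in
# /etc/ipkg.conf to point at /jffs, keeping a copy in /etc/ipkg.conf.backup.
##########################
get_package_mgr() {
  if [ "$CLIENT" = "linksys" ]; then
    PKGCMD=ipkg
    # determine if we need to fix ipkg.conf
    echo "Testing ipkg.conf..."
    if grep "dest root /jffs" /etc/ipkg.conf; then
      echo "ipkg.conf is ok"
    else
      echo Fix ipkg.conf...
      cp /etc/ipkg.conf /etc/ipkg.conf.backup
      sed -i -e "s/dest root \//dest root \/jffs/g" /etc/ipkg.conf
      # echo "A reboot is required. After the reboot, start this process over (begin with the wget command)"
      # read -p "Press enter to reboot now." junk
      # reboot;exit
    fi
  else
    PKGCMD=opkg
  fi
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

##########################
# Get packages
# Refreshes the package lists and installs vtun, its dependencies and unzip
# with the package manager chosen in PKGCMD.
##########################
get_packages() {
  echo "$PKGCMD Update..."
  if [ "$CLIENT" = "linksys" ]; then
    echo "*****************************************************"
    echo "*** IF THE FOLLOWING STEP(S) SHOWS ERRORS (or HANGS),"
    echo "*** Please reboot, and re-run the 'wget' and 'setup_vpn' commands"
    echo "*****************************************************"
  fi
  $PKGCMD update
  debugme read -p "(DEBUG) Press enter to continue:" junk
  echo Installing packages...
  $PKGCMD install kmod-tun zlib libopenssl liblzo vtun
  $PKGCMD install unzip
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

##########################
# get unzip cmd
# Sets UNZIPCMD to "unzip" when it is on the PATH, otherwise to the first
# executable named unzip found under a path containing "bin". Exits 9 when
# none is found.
##########################
get_unzip_cmd() {
  echo Determining unzip path...
  unzip > /dev/null 2>&1
  if [ $? -eq 127 ]; then
    echo "unzip is not in the path yet! finding it..."
    # find may report several matches; the original stored all of them in one
    # variable, which cannot be executed. Keep the first and require it to be
    # executable.
    # NOTE(review): this searches the whole filesystem, so a file named
    # "unzip" in any writable directory whose path contains "bin" could be
    # picked up and run. Restricting the search to the package install
    # prefixes would be safer -- confirm which prefixes apply.
    funzip=$(find / -name unzip 2>/dev/null | grep bin | head -n 1)
    if [ -n "$funzip" ] && [ -x "$funzip" ]; then
      export UNZIPCMD="$funzip"
    else
      echo "unzip command not found. ABORTING script!"
      exit 9
    fi
  else
    echo "unzip is in the path."
    UNZIPCMD=unzip
  fi
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

##########################
# Get template files
# Downloads meshfiles.zip into the home directory. Exits 9 when the download
# fails (the original carried on and only failed later, at unzip).
##########################
get_templates() {
  cd ~
  echo "Retrieving setup files..."
  rm -f meshfiles.zip
  # NOTE(review): plain HTTP and no integrity check; see the header comment.
  if ! wget -q "${HTTPPATH}/${CLIENTPATH}/meshfiles.zip"; then
    echo "ERROR downloading meshfiles.zip! ABORTING script"
    exit 9
  fi
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

##########################
# Extract template files
# Unpacks meshfiles.zip into the current directory and removes the archive.
# Exits 9 when unzip fails.
##########################
extract_templates() {
  echo "Extracting setup files..."
  # -o overwrites without asking: output is discarded here, so an overwrite
  # prompt on a second run would be invisible and the script would appear to
  # hang.
  if "$UNZIPCMD" -o meshfiles.zip > /dev/null 2>&1; then
    echo "unzip ok"
  else
    echo "ERROR during unzip! ABORTING script"
    exit 9
  fi
  # cleanup the zip file
  rm -f meshfiles.zip
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

##########################
# Moving vtundsrv.conf file (server config)
# Overwrites /etc/vtundsrv.conf with the output of vtundsrv_conf_head.
##########################
modify_vtundsrv_conf() {
  echo "Moving vtundsrv.conf files.."
  echo "$(vtundsrv_conf_head)" > /etc/vtundsrv.conf
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

##########################
# Modify olsr config
# Appends the olsrd template for this CLIENT to the olsrd config in
# /etc/config and /etc/config.mesh unless the vpn0 interface is already
# listed there.
##########################
modify_olsr() {
  #####
  echo "Modifying config/olsrd files..."
  # Pick the file names first. The original ran the grep below before these
  # were assigned, so it searched /etc/config/ itself, never matched, and
  # appended the template on every run.
  if [ "$CLIENT" = "ubiquiti" ]; then
    etcolsrdconfigfile="olsrd"
    templateolsrd="olsrd.ubnt"
  else
    etcolsrdconfigfile="olsrd.conf"
    templateolsrd="olsrd.ls"
  fi
  # The original pattern was written as \'vpn0 inside double quotes, which
  # hands grep a backslash-quote sequence rather than a literal quote.
  # presumably the template adds a "list interface 'vpn0..." entry -- verify
  if grep "list interface 'vpn0" "/etc/config/$etcolsrdconfigfile" > /dev/null; then
    echo "olsrd files already contain the appropriate interfaces"
  else
    echo "Adding the tun interface to olsrd files..."
    cat "$templateolsrd" >> "/etc/config/$etcolsrdconfigfile"
    cat "$templateolsrd" >> "/etc/config.mesh/$etcolsrdconfigfile"
  fi
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

##########################
# Modifying network
# Appends the "network" template from the current directory to both network
# config files. There is no duplicate check, so a second run appends again.
##########################
modify_network() {
  echo "Adding network interfaces..."
  cat network >> /etc/config/network
  cat network >> /etc/config.mesh/network
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

##########################
# Prep the firewall config file
# Appends the firewall rules and installs the vtun_up and 13-vtun scripts.
# On linksys the appended rule accepts TCP port 5525 from the WAN side; the
# ubiquiti rules come from the downloaded "firewall" template and are not
# visible here. There is no duplicate check on either path.
##########################
prep_firewall() {
  echo "Preparing firewall..."
  if [ "$CLIENT" = "ubiquiti" ]; then
    cat firewall >> /etc/config/firewall
    cat firewall >> /etc/config.mesh/firewall
    cp vtun_up /usr/local/bin
    cp 13-vtun /etc/hotplug.d/iface
  else
    echo "accept:wan:dport=5525 proto=tcp" >> /etc/config/firewall
    echo "accept:wan:dport=5525 proto=tcp" >> /etc/config.mesh/firewall
    cp vtun_up.linksys /usr/local/bin/vtun_up
    cp 13-vtun.linksys /etc/hotplug.d/net/13-vtun
  fi
  chmod +x /usr/local/bin/vtun_up
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

##########################
# Setup for vtundsrv to autostart
# Copies the vtundsrv init script into /etc/init.d, makes it executable and
# enables it. Leaves the working directory at /etc/init.d.
##########################
setup_vtundsrv_service() {
  echo "Adding vtundsrv autostart file..."
  cp vtundsrv /etc/init.d
  cd /etc/init.d
  echo Setting execute bit...
  chmod +x vtundsrv
  echo Enable vtundsrv service...
  ./vtundsrv enable
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

##########################
# Add K5DLQ ssh cert for remote management
# On "Y", appends ~/authorized_keys to dropbear's authorized_keys, which
# grants key-based SSH login to whoever holds the matching private key.
# NOTE(review): ~/authorized_keys is presumably unpacked from meshfiles.zip,
# which is fetched without an integrity check, so the key being trusted is
# only as trustworthy as that download. Show the key to the operator or pin
# its fingerprint before appending.
# NOTE(review): answering "N" exits the whole script, not just this step --
# confirm that no later step is meant to run after a refusal.
##########################
add_cert() {
  cd /etc/dropbear
  while true; do
    # A closed stdin is treated as "N": no access is granted by default.
    read -p "Would you like to enable K5DLQ to be able to remotely manage this node on the mesh? (Y/N) " yn || yn=N
    case $yn in
      [Yy]* )
        if [ -s ~/authorized_keys ]; then
          cat ~/authorized_keys >> /etc/dropbear/authorized_keys
        else
          echo "No authorized_keys file found; no access granted."
        fi
        break;;
      [Nn]* ) echo "No access granted."; exit;;
      * ) echo "Please answer yes or no.";;
    esac
  done
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

#####
# Integrate VPN Admin Page in the Web interface
# Adds a "vpn" page to perlfunc.pm (backup kept as perlfunc.pm.old),
# downloads the vpn CGI script into /www/cgi-bin and adds an httpd.conf
# entry for it. Exits 9 when the download fails.
#####
add_vpn_web() {
  cd ~
  cp /www/cgi-bin/perlfunc.pm /www/cgi-bin/perlfunc.pm.old
  sed -i -e "s/my @pages = qw(status setup ports admin);/my @pages = qw(status setup ports vpn admin);/g" /www/cgi-bin/perlfunc.pm
  # check to see if this is already in the file
  if grep "Tunnel Server" /www/cgi-bin/perlfunc.pm; then
    # already there
    echo "Already installed web page..."
  else
    # if not, add it
    sed -i "/ports => \"Port Forwarding, DHCP, and Services\",/a vpn => \"Tunnel Server\"," /www/cgi-bin/perlfunc.pm
  fi
  # delete any existing file first
  rm -f vpn
  # NOTE(review): this CGI script is fetched over plain HTTP with no
  # integrity check and then made executable under the web root.
  # The original ignored a failed download and still registered the page.
  if ! wget -q "${HTTPPATH}/${CLIENTPATH}/vpn"; then
    echo "ERROR downloading vpn page! ABORTING script"
    exit 9
  fi
  # copy vpn page to the docroot
  cp ~/vpn /www/cgi-bin/
  chmod +x /www/cgi-bin/vpn
  # secure the vpn page
  if grep "/cgi-bin/vpn:" /etc/httpd.conf; then
    # already there
    echo "Already secured web page..."
  else
    # Reuse the third colon-separated field of the last httpd.conf line.
    # assumes that line is a path:user:password entry -- TODO confirm
    HTTPPASS=$(tail -n1 /etc/httpd.conf | awk -F: '{print $3}')
    echo "/cgi-bin/vpn:root:$HTTPPASS" >> /etc/httpd.conf
  fi
  debugme read -p "(DEBUG) Press enter to continue:" junk
}

#####
# REBOOT
# Asks whether to reboot now; keeps asking until the answer starts with Y
# or N. "N" (or a closed stdin) exits the script.
#####
reboot_opt() {
  cd ~
  while true; do
    read -p "A reboot is required. Would you like to reboot now? " ynreboot || ynreboot=N
    case $ynreboot in
      [Yy]* ) echo "Rebooting..."; sleep 5; reboot; break;;
      [Nn]* ) echo "Dont forget to reboot."; exit;;
      * ) echo "Please answer yes or no.";;
    esac
  done
}

##########################
# Generate vtundsrv.conf header
##########################
# (the rest of this definition is not visible here; the fragment is left exactly as found)
vtundsrv_conf_head() { cat <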