setup_openwrt_openvpn_uci.sh
#!/bin/sh ###################################################################### # # OpenWRT OpenVPN 설정 스크립트 # # OpenWRT uci를 사용하여 OpenWRT 환경을 설정한다. # ###################################################################### ###################################################################### # # Configure firewall # ###################################################################### uci rename firewall.@zone[0]="lan" uci rename firewall.@zone[1]="wan" uci rename firewall.@forwarding[0]="lan_wan" uci del_list firewall.lan.device="tun0" uci add_list firewall.lan.device="tun0" uci -q delete firewall.vpn uci set firewall.ovpn="rule" uci set firewall.ovpn.name="Allow-OpenVPN" uci set firewall.ovpn.src="wan" uci set firewall.ovpn.dest_port="1194" uci set firewall.ovpn.proto="udp" uci set firewall.ovpn.target="ACCEPT" uci commit firewall /etc/init.d/firewall restart uci set openvpn.openvpn_server=openvpn uci set openvpn.openvpn_server.enabled='1' uci set openvpn.openvpn_server.verb='5' uci set openvpn.openvpn_server.dev='tun' uci set openvpn.openvpn_server.client_to_client='1' uci set openvpn.openvpn_server.keepalive='10 120' uci set openvpn.openvpn_server.mode='server' uci set openvpn.openvpn_server.persist_key='1' uci set openvpn.openvpn_server.persist_tun='1' uci set openvpn.openvpn_server.port='1194' uci set openvpn.openvpn_server.route_gateway='dhcp' uci set openvpn.openvpn_server.server='10.8.0.0 255.255.255.0' uci set openvpn.openvpn_server.tls_server='1' uci set openvpn.openvpn_server.comp_lzo='yes' uci set openvpn.openvpn_server.ca='/etc/easy-rsa/pki/ca.crt' uci set openvpn.openvpn_server.cert='/etc/easy-rsa/pki/issued/server.crt' uci set openvpn.openvpn_server.key='/etc/easy-rsa/pki/private/server.key' uci set openvpn.openvpn_server.dh='/etc/easy-rsa/pki/dh.pem' uci set openvpn.openvpn_server.tls_crypt='/etc/easy-rsa/pki/tc.pem' uci add_list openvpn.openvpn_server.push='redirect-gateway def1 bypass-dhcp' uci add_list openvpn.openvpn_server.push='dhcp-option DNS 8.8.8.8' uci add_list openvpn.openvpn_server.push='dhcp-option DNS 8.8.4.4' uci commit openvpn uci delete openvpn.custom_config uci delete openvpn.sample_server uci delete openvpn.sample_client uci commit openvpn /etc/init.d/openvpn enable /etc/init.d/openvpn stop /etc/init.d/openvpn start