POPTOP install (óñòàíîâêà â îñíîâíóþ ïàìÿòü)

[pretoreani]

Èòàê ïîëíàÿ èíñòðóêöèÿ, ñ ðàáî÷èì èíåòîì è äîñòóïîì â ëîêàëêó.


Asus RT-N16, ïðîøèâêà rtn3300, /opt íà USB æåñòêîì äèñêå (ext3) - íè÷åì îñîáåííûì óñòàíîâêà â îñíîâíóþ ïàìÿòü íå îòëè÷àåòñÿ.
Poptop 1.3.2 (áèíàðíèêè èç ýòîãî ïîñòà)
LAN IP àäðåñ ðîóòåðà: 192.168.1.5
Ïîäêëþ÷åíèå â èíåò ÷åðåç L2TP (âñå ïàðàìåòðû àâòîìàòîì, IP âíåøíèé ñòàòè÷åñêèé)

óäàëåííàÿ ñèñòåìà ñïîêîéíî ïîäêëþ÷àåòñÿ:

Code:

Oct 21 14:53:47 pppd[392]: local  IP address 192.168.1.6
Oct 21 14:53:47 pppd[392]: remote IP address 192.168.1.7
Oct 21 14:53:47 SHURF.PPTDP.UP: ppp1 /dev/pts/1 115200 192.168.1.6 192.168.1.7 83.149.8.166

ñèñòåìà ìîæåò ïèíãîâàòü ÷òî óãîäíî â èíåòå:

Code:

PING 87.250.250.203 (87.250.250.203) 56(84) bytes of data.
64 bytes from 87.250.250.203: icmp_seq=1 ttl=51 time=1785 ms
64 bytes from 87.250.250.203: icmp_seq=2 ttl=51 time=861 ms

È äàæå êîíåêòèòüñÿ êóäà óãîäíî â èíåò

Code:

telnet 87.250.250.203 80
GET /.

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>
Connection closed by foreign host
#

Èíôîðìàöèÿ î êîíôèãóðàöèè:

ps (ïðîöåññû)

Code:

  379 admin      792 S    /opt/sbin/pptpd -c /opt/etc/pptpd.conf -o /opt/etc/ppp/options.pptpd -p /opt/var/run/pptpd.pid
  391 admin      908 S    pptpd [83.149.8.166:A50F - 0000]
  392 admin     1532 S    /usr/sbin/pppd local file /opt/etc/ppp/options.pptpd 115200 192.168.1.6:192.168.1.7 ipparam 83.149.8.166

/opt/etc/pptpd.conf

Code:

ppp /usr/sbin/pppd
option /opt/etc/ppp/options.pptpd
localip 192.168.1.6
remoteip 192.168.1.7-9

/opt/etc/ppp/options.pptpd

Code:

name shurfpptp
logfile /opt/var/run/pppd.vpn.log
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 192.168.1.5
ms-dns 85.21.192.5
proxyarp
ip-up-script /opt/etc/ppp/ip-up
ip-down-script /opt/etc/ppp/ip-down
lock
mru 512
mtu 512
novj
novjccomp
nodefaultroute

/opt/etc/ppp/ip-up

Code:

#!/bin/sh
/usr/bin/logger -t "SHURF.PPTDP.UP" "$1 $2 $3 $4 $5 $6"
/usr/sbin/iptables -I INPUT -i $1 -s $5 -j ACCEPT
/usr/sbin/iptables -I FORWARD -i $1 -s $5 -j ACCEPT
/usr/sbin/iptables -I OUTPUT -i $1 -j ACCEPT
/usr/sbin/iptables -I FORWARD -o $1 -j ACCEPT
/usr/sbin/iptables -t nat -I POSTROUTING -s $5 -o br0 -j MASQUERADE
/opt/sbin/bcrelay -d -i br0 -o $1 -n

/opt/etc/ppp/ip-down

Code:

#!/bin/sh
/usr/bin/logger -t "SHURF.PPTDP.DOWN" "$1 $2 $3 $4 $5 $6"
/usr/sbin/iptables -D INPUT -i $1 -s $5 -j ACCEPT
/usr/sbin/iptables -D FORWARD -i $1 -s $5 -j ACCEPT
/usr/sbin/iptables -D OUTPUT -i $1 -j ACCEPT
/usr/sbin/iptables -D FORWARD -o $1 -j ACCEPT
/usr/sbin/iptables -t nat -D POSTROUTING -s $5 -o br0 -j MASQUERADE
ps | grep bcrelay | grep $1 | awk '{print $1}' | xargs kill

/usr/local/sbin/post-mount

Code:

#!/bin/sh
chmod 777 /tmp
mount /tmp/mnt/disca_1 /opt
/opt/sbin/insmod /opt/lib/tun.ko
chmod go-rw /tmp/ppp/chap-secrets
rm -f /opt/etc/ppp/chap-secrets
ln -s /tmp/ppp/chap-secrets /opt/etc/ppp/
/opt/etc/init.d/S20poptop start

/usr/local/sbin/post-firewall

Code:

#!/bin/sh
/usr/bin/logger -t "SHURF.POSTFW" "Started pf: $1 $2 $3 $4 $5 $6"
/usr/sbin/iptables -I INPUT -p tcp --dport 1723 -j ACCEPT
/usr/sbin/iptables -I INPUT -p 47 -j ACCEPT
/usr/sbin/iptables -t nat -I PREROUTING -p tcp --dport 1723 -j ACCEPT
/usr/sbin/iptables -I OUTPUT -p 47 -j ACCEPT

iptables --list-rules -t nat îñíîâíîå

Code:

-P PREROUTING ACCEPT
-P POSTROUTING ACCEPT
-P OUTPUT ACCEPT
-A PREROUTING -p tcp -m tcp --dport 1723 -j ACCEPT
-A POSTROUTING -s 192.168.1.0/24 -d 192.168.1.0/24 -o br0 -j MASQUERADE
-A POSTROUTING -s 192.168.1.0/24 -d 192.168.1.0/24 -o ppp1 -j MASQUERADE

iptables --list-rules îñíîâíîå

Code:

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -s 192.168.1.7/32 -i ppp1 -j ACCEPT
-A INPUT -p gre -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
-A INPUT -d 192.168.1.5/32 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j DROP
-A FORWARD -o ppp1 -j ACCEPT
-A FORWARD -s 192.168.1.7/32 -i ppp1 -j ACCEPT
-A OUTPUT -p gre -j ACCEPT

Code:

[admin@RT-N16 root]$ ls -l /tmp/ppp/chap-secrets
-rw-------    1 admin    root           94 Oct 21 12:44 /tmp/ppp/chap-secrets
[admin@RT-N16 root]$ cat /tmp/ppp/chap-secrets
#client        server  secret      IP addresses
username          shurfpptp   "passwd"       *

Ïðîáëåìà DNS çàïðîñîâ ðåøàåòñÿ ñëåäóþùèì îáðàçîì:
Äîáàâèòü ôàéëèê /usr/local/etc/dnsmasq.conf (íå çàáûòü çàïèõàòü åãî â /usr/local/.files äëÿ flashfs save)

Code:

[admin@RT-N16 root]$ cat /usr/local/etc/dnsmasq.conf
listen-address=192.168.1.5
no-dhcp-interface=ppp1
no-dhcp-interface=ppp2

Ïîñëåäíèå äâå ñòðîêè äîáàâèë íà âñÿêèé ñëó÷àé - íå óâåðåí íàñ÷åò íèõ.

Âîçìîæíî êàêèå-òî äåéñòâèÿ ëèøíèå è ÿâëÿþòñÿ ðåçóëüòàòîì øàìàíñòâà, ïîïðàâüòå ìåíÿ, åñëè òàê.

[crashX]

àíàëîãè÷íàÿ îøèáêà. íà ðîóòåðå poptop 1.3.4 (ïðîøèâêà r3661). ïîäêëþ÷àþñü ÷åðåç êëèåíò âèíäû. ìîæåò ñîåäèíèòü ñ ïåðâîãî ðàçà, ìîæåò ñ äåñÿòîãî, íî ñîåäèíåíèå âñåãäà îáðûâàåòñÿ ÷åðåç 1-5 ìèíóò.

ëîãè:

Code:

Dec 16 00:45:35 pptpd[443]: CTRL: Client 192.168.0.103 control connection started
Dec 16 00:45:35 pptpd[443]: CTRL: Starting call (launching pppd, opening GRE)
Dec 16 00:45:35 pppd[444]: pppd 2.4.5 started by crash, uid 0
Dec 16 00:45:35 pppd[444]: Using interface ppp0
Dec 16 00:45:35 pppd[444]: Connect: ppp0 <--> /dev/pts/0
Dec 16 00:45:35 pptpd[443]: GRE: read(fd=9,buffer=419594,len=8260) from network failed: status = -1 error = Protocol not available
Dec 16 00:45:35 pptpd[443]: CTRL: GRE read or PTY write failed (gre,pty)=(9,8)
Dec 16 00:45:35 pppd[444]: Hangup (SIGHUP)
Dec 16 00:45:35 pppd[444]: Modem hangup
Dec 16 00:45:35 pppd[444]: Connection terminated.
Dec 16 00:45:35 pppd[444]: Exit.
Dec 16 00:45:35 pptpd[443]: CTRL: Client 192.168.0.103 control connection finished

post-firewall, ip-up, ip-down âðîäå âåðíî íàñòðîåíû

UPDATED:
Ïðîáëåìà ðåøèëàñü äîáàâëåíèåì ñëåäóþùåé ñòðîêè â post-firewall

Code:

 iptables -I OUTPUT -p 47 -j ACCEPT

[KonstanT]

Èòàê ïîëíàÿ èíñòðóêöèÿ, ñ ðàáî÷èì èíåòîì è äîñòóïîì â ëîêàëêó.
...
Âîçìîæíî êàêèå-òî äåéñòâèÿ ëèøíèå è ÿâëÿþòñÿ ðåçóëüòàòîì øàìàíñòâà, ïîïðàâüòå ìåíÿ, åñëè òàê.

Ñïàñèáî òåáå!
Èíôîðìàöèè èç ïåðâîãî ïîñòà è òâîèõ êîíôèãîâ îêàçàëîñü äîñòàòî÷íî, ÷òîáû ÿ íàñòðîèë è çàïóñòèë ÂÏÍ íà WL-500gpv2 íà ðàáîòå æåíû.
Òåïåðü äîâîëåí, êàê ñëîí: ñàìáà äà¸ò äîñòóï ê áàçàì 1Ñ íà ôëåøêå ðîóòåðà äëÿ íîóòîâ, íî÷üþ äåëàåòñÿ áýêàï, óäàëÿþòñÿ ñòàðûå àðõèâû, ÞÑÁ-øíûé ÌÔÓ ðàñøàðèë ïî âîçäóõó... SANE, òîæå, âðîäå, ðàáîòàåò, ìîæíî ñêàíèòü, à òóò åù¸ ìîæíî óäàë¸ííî èç äîìà ïîäêëþ÷èòüñÿ ïî ÂÏÍ è ïîðàáîòàòü (ïðàâäà, ìåäëåííî î÷åíü ãðóçèò, ïðèáë. 600êáèò/ñ, íî ÂÎÇÌÎÆÍÎ)!!!
Âûñøèé ïèëîòàæ!
Áîëüøîå ×åëîâå÷åñêîå ÑÏÀÑÈÁÎ!

P.S. ×òî çà ìîäóëü ó òåáÿ óñòàíàâëèâàåòñÿ?:
/opt/sbin/insmod /opt/lib/tun.ko
ó ìåíÿ åãî íåò, è áåç íåãî âñ¸ ðàáîòàåò.

[popow_sergei]

êòî ïîäñêàæåò, ÷åì íå óãîäèë îïåðàòîð esac â êîíöå ñêðèïòà S20poptop


Starting PoPToP server: /opt/etc/init.d/S20poptop: line 56: /opt/sbin/pptpd: Permission denied
Done!

[hans0n]

Çäðàâñòâóéòå, ïîäñêàæèòå, èíñòðóêöèÿ åù¸ àêòóàëüíà?

Poptop ðàáîòàë ïðåêðàñíî, íî íà äíÿõ ïðèøëîñü ïåðåïðîøèòü WL500gp v1 è îáíîâèòüñÿ íà ïðîøèâêó WL500gp-1.9.2.7-rtn-r4656.trx
http://asus.vectormm.net/rtn/4656/wl...-rtn-r4656.trx

äèñêè ïî-ìîåìó òàì ìîíòèðóþòñÿ íåñêîëüêî ïî-äðóãîìó.
ïî èíñòðóêöèè ñäåëàë âñ¸ êàê íàäî, íî poptop íå çàïóñêàåòñÿ. /opt íå âèæó...
Êàê áûòü? Ñåðâåð î÷åíü íóæåí...

[admin@hans_srv root]$ mount
rootfs on / type rootfs (rw)
/dev/root on / type squashfs (ro)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devfs on /dev type tmpfs (rw,noatime)
devpts on /dev/pts type devpts (rw)
tmpfs on /tmp type tmpfs (rw,noatime)
usbfs on /proc/bus/usb type usbfs (rw)
/dev/discs/disca/part2 on /tmp/mnt/disca_2 type ext3 (rw,noatime,errors=continue,data=ordered)

[admin@hans_srv root]$ cat /usr/local/sbin/post-mount
#!/bin/sh
mount /tmp/mnt/disca_2/ /opt/
/opt/etc/init.d/rc.unslung start

[tempik]

Çäðàâñòâóéòå, ïîäñêàæèòå, èíñòðóêöèÿ åù¸ àêòóàëüíà?

Poptop ðàáîòàë ïðåêðàñíî, íî íà äíÿõ ïðèøëîñü ïåðåïðîøèòü WL500gp v1 è îáíîâèòüñÿ íà ïðîøèâêó WL500gp-1.9.2.7-rtn-r4656.trx
http://asus.vectormm.net/rtn/4656/wl...-rtn-r4656.trx

äèñêè ïî-ìîåìó òàì ìîíòèðóþòñÿ íåñêîëüêî ïî-äðóãîìó.
ïî èíñòðóêöèè ñäåëàë âñ¸ êàê íàäî, íî poptop íå çàïóñêàåòñÿ. /opt íå âèæó...
Êàê áûòü? Ñåðâåð î÷åíü íóæåí...

Ìîæåò èìååò ñìûñë ïðîïèñàòü ìîíòèðîâàíèå îñíîâíîãî äèñêà â fstab ???

[hans0n]

Ìîæåò èìååò ñìûñë ïðîïèñàòü ìîíòèðîâàíèå îñíîâíîãî äèñêà â fstab ???

òêíèòå íîñîì, ïîæàëóéñòà, êàê ïðàâèëüíî ñìîíòèðîâàòü â fstab. Íå ìîãó ñîîáðàçèòü, à ïîèñê òîëêîì íå âûäàåò

[tempik]

òêíèòå íîñîì, ïîæàëóéñòà, êàê ïðàâèëüíî ñìîíòèðîâàòü â fstab. Íå ìîãó ñîîáðàçèòü, à ïîèñê òîëêîì íå âûäàåò

Ìîæåò ñòîèò èçó÷èòü âîò ýòî

[staticroute]

Ìîæåò ñòîèò èçó÷èòü âîò ýòî

ó ìåíÿ êñòàòè ôèøêà ñ fstab òàê è íå çàðàáîòàëà, òàêæå êàê è êîíôèãîì /etc/smb.conf

ïîñëå ðåáóòà âñå ðàâíî ïåðåçàïèñûâàþòñÿ ïðîøèâêîé. (åñòåñòâåííî îáà ôàéëà äîáàâëåíû â /usr/local/.files è ñäåëàí save, commit, enable).

ìîæíî ñäåëàòü ñêðèïò â post-mount è ìîíòèðîâàòü äèñê êóäà íóæíî.

[hans0n]

à êòî-íèáóäü âîîáùå ïðîáîâàë íà ñâåæèõ âåðñèÿõ ïðîøèâîê îò ýíòóçèàñòîâ? poptop ðàáîòàåò?
ó ìåíÿ ïðîñòî ipkg (ipkg-opt) âûäà¸ò îøèáêè...

[MMX2]

à êòî-íèáóäü âîîáùå ïðîáîâàë íà ñâåæèõ âåðñèÿõ ïðîøèâîê îò ýíòóçèàñòîâ? poptop ðàáîòàåò?
ó ìåíÿ ïðîñòî ipkg (ipkg-opt) âûäà¸ò îøèáêè...

http://wl500g.info/showthread.php?28...re-%F1-Optware

[PaScaL23]

Äîáðîãî âðåìåíè ñóòîê! Äî òîãî êàê íàòêíóëñÿ íà ýòó òåìó â ðîóòåðå RT-N10U áûë íàñòðîåí openvpn, íî áûëî äâà ìèíóñà: 1 òàê è íå ïîëó÷èëîñü íàñòðîèòü dns ÷òîá â ñåòåâîì îêðóæåíèè áûëî âèäíî ïîäêëþ÷åííûå êîìïüþòåðû. 2 íå ïîëó÷èëîñü çàñòàâèòü õîäèòü áðîäêàñòû ÷åðåç openvpn, ÷òî äåëàåò íåâîçìîæíûì ïîãîíÿòü â èãðóøêè â êîòîðûõ íåò êîíñîëè. Ñ poptop'îì âðîäå âñå ïîëó÷èëîñü è âðîäå ðàáîòàåò êàê íàäî, òîëüêî âîò îïÿòü äâå ïðîáëåìû â òîì ÷òî êîãäà ïîäêëþ÷àåòñÿ óäàëåííûé êëèåíò íà ðîóòåðå îòâàëèâàåòñÿ èíòåðíåò (âî âêëàäêå WAN interface ïîÿâëÿþòñÿ àéïè è øëþç óäàëåííîãî êëèåíòà âìåñòî àéïè ïðîâàéäåðà) ïðè ýòîì ñåòü ðàáîòàåò è íå ðàäóåò ñêîðîñòü ìàêñèìóì ~600 Êáèò/ñ õîòÿ ñêîðîñòü èíòåðíåò êàíàëà 10 Ìáèò/ñ â îáå ñòîðîíû è ñòîëüêî æå ó êëèåíòà. Åñëè êëèåíò óäàëåííî çàõîäèò íà ftp ðîóòåðà òî ñêîðîñòü ~3-4 Ìáèò/ñ. Ïîäñêàæèòå ãäå ãðàáëè??

ip ðîóòåðà 192.168.2.50
ip vpn'a 192.168.2.51
ëîêàëüíûé äèàïàçîí 2.20-2.45
äëÿ êëèåíòîâ 2.55-2.75
ðîóòåð RT-N10U 1.9.2.7-rtn-r4667M
íàñòðîéêè ñëåäóþùèå:

Code:

pptpd.conf
debug
ppp /usr/sbin/pppd
option /opt/etc/ppp/options.pptpd
#speed 115200
#stimeout 3
bcrelay br0
localip 192.168.2.51
remoteip 192.168.2.55-75

Code:

options.pptpd
debug
logfile /opt/tmp/pptp-server.log
#172.16.1.1:
#auth
name pp
#lcp-echo-failure 3
#lcp-echo-interval 60
default-asyncmap
mtu 1482
mru 1482
#nobsdcomp
#nodeflate
proxyarp
#nomppc
novj
novjccomp
#mppe required,no40,no56,stateless
require-mschap-v2
refuse-chap
refuse-mschap
#refuse-eap
refuse-pap
ms-dns 192.168.2.50
#plugin radius.so
#radius-config-file /opt/etc/radius.conf
lock
nodefaultroute

[hans0n]

http://wl500g.info/showthread.php?28...re-%F1-Optware

Ñïàñèáî!
Âêëþ÷èë ãîëîâó è ñäåëàë.
Ïðàâäà ïðèøëîñü âñ¸ ðàâíî ïîëîìàòü ãîëîâó ñ êîíôèãàìè, ïîòîìó ÷òî ïðè ïîäêëþ÷åíèè ïîÿâëÿëèñü âûäàâàëèñü îøèáêè (íàïðèìåð #619).

Êîíôèãè òàêæå èñïîëüçîâàëñÿ èç ïîñòà ¹556. Ñïàñèáî òîâàðèùó pretoreani

[mbg]

Ñïàñèáî!
Âêëþ÷èë ãîëîâó è ñäåëàë.
Ïðàâäà ïðèøëîñü âñ¸ ðàâíî ïîëîìàòü ãîëîâó ñ êîíôèãàìè, ïîòîìó ÷òî ïðè ïîäêëþ÷åíèè ïîÿâëÿëèñü âûäàâàëèñü îøèáêè (íàïðèìåð #619).

Êîíôèãè òàêæå èñïîëüçîâàëñÿ èç ïîñòà ¹556. Ñïàñèáî òîâàðèùó pretoreani

×òî-òî ó ìåíÿ íå ïîëó÷àåòñÿ âêëþ÷èòü ãîëîâó. Êîíôèãè èç ïîñòà 556 èñïîëüçóþ, íî âñå ðàâíî ïîëó÷àþ îøèáêó 619.
 ïðîöåññàõ ó ìåíÿ íå òàê êàê ó pretoreani:

Code:

 1025 root      1004 S    pptpd -b br0 -c /opt/etc/pptpd.conf
 1026 root      1020 R    /opt/sbin/bcrelay -i br0 -o ppp[0-9].* -n

Ìîæåò ÷òî-íèòü óïóñêàþ?