At the moment I have a working OpenVPN; I would like to run a second OpenVPN instance on different ports so that it connects through TOR:
client -> OpenVPN -> Internet
client -> OpenVPN server -> TOR -> Internet
- Kernel version:
Code:
Linux xxx.ovh.net 2.6.27.10-grsec-xxxx-grs-ipv4-32 #7 SMP Wed Sep 9 22:05:06 UTC 2009 i686 GNU/Linux
- System architecture: i386
- Output:
Code:
ifconfig -a
dummy0    Link encap:Ethernet  HWaddr 62:a8:b0:0e:32:93
          BROADCAST NOARP  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth0      Link encap:Ethernet  HWaddr 00:1c:c0:40:2b:99
          inet addr:<ZEWN IP>  Bcast:91.121.144.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:810472317 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4021404159 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2539249931 (2.3 GiB)  TX bytes:4253157544 (3.9 GiB)
          Interrupt:220 Base address:0x2000

gre0      Link encap:UNSPEC  HWaddr 00-00-00-00-FF-00-00-00-00-00-00-00-00-00-00-00
          NOARP  MTU:1476  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:387744876 errors:0 dropped:0 overruns:0 frame:0
          TX packets:387744876 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1492385715 (1.3 GiB)  TX bytes:1492385715 (1.3 GiB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:192.168.3.1  P-t-P:192.168.3.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:14973 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18357 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:3155820 (3.0 MiB)  TX bytes:15534765 (14.8 MiB)

tunl0     Link encap:IPIP Tunnel  HWaddr
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
- OpenVPN server configuration:
Code:
upgreydd@ns356890:~$ sudo grep -vE '^#|^;|^$' /etc/openvpn/server.conf
port 1194
proto udp
dev tun
ca keys/ca.crt
cert keys/pythonisko.pl.crt
key keys/pythonisko.pl.key
dh keys/dh1024.pem
server 192.168.3.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.3.0 255.255.255.0"
push "redirect-gateway"
push "dhcp-option DNS 212.85.112.32"
push "dhcp-option DNS 194.204.152.34"
client-to-client
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
plugin /usr/lib/openvpn/openvpn-auth-pam.so
Code:
iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     esp  --  anywhere             anywhere
ACCEPT     ah   --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere            udp dpt:mdns state NEW,RELATED,ESTABLISHED
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:44 state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www state INVALID,NEW,RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:webmin state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:27000:27200 state NEW,RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp state NEW
ACCEPT     udp  --  anywhere             anywhere            udp dpt:27015 state NEW,RELATED,ESTABLISHED
ACCEPT     udp  --  anywhere             anywhere            udp dpt:1200 state NEW,RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain state NEW,RELATED,ESTABLISHED
ACCEPT     udp  --  anywhere             anywhere            udp dpt:27020 state NEW,RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https state NEW,RELATED,ESTABLISHED
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain state NEW,RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:9867 state NEW,RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:3128
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8989
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:openvpn
ACCEPT     udp  --  anywhere             anywhere            udp dpt:openvpn
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:9999
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:6666
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:3000
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:xmpp-client:5223
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:9091
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:xmpp-server
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:5900:5910
ACCEPT     udp  --  anywhere             anywhere            udp dpts:5900:5910
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:7070
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http-alt
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
Could any of you, dear forum members, help me configure this?