# OpenVPN server configuration: bridged (TAP) server on UDP 6194 that
# requires a username/password check by an external script.
# NOTE(review): no tls-auth/tls-crypt, cipher, or user/group directives appear
# in this listing; confirm whether they are set elsewhere or intentionally absent.

# Listening port and transport.
port 6194
proto udp
# TAP = layer-2 (Ethernet) device; used together with server-bridge below.
dev tap
# Script executed after the TAP device is opened; OpenVPN passes the device
# name as the first argument.
# NOTE(review): this script and checkpsw.sh live under /home/openvpn and are
# run by the daemon. Verify that the directory and both scripts are writable
# only by the administrator, since anyone who can edit them controls what the
# daemon executes.
up /home/openvpn/up.sh
# Server PKI material. server.key is the private key and should be readable
# only by the account that starts OpenVPN.
ca /home/openvpn/conf/server/ca.crt
cert /home/openvpn/conf/server/server.crt
# Diffie-Hellman parameters (file name suggests 2048-bit; confirm).
dh /home/openvpn/conf/server/dh2048.pem
key /home/openvpn/conf/server/server.key
# server-bridge <gateway> <netmask> <pool-start> <pool-end>:
# clients are bridged onto 192.168.3.0/24 and handed addresses from
# 192.168.3.2 through 192.168.3.5 (four addresses).
server-bridge 192.168.3.38 255.255.255.0 192.168.3.2 192.168.3.5
# Ping the peer every 10 s; treat it as down after 120 s without a reply.
keepalive 10 120
# Socket buffer sizes. 0 is commonly used to leave sizing to the operating
# system; confirm for the deployed OpenVPN version.
sndbuf 0
rcvbuf 0
# Transmit queue length of the TAP interface.
txqueuelen 1000
# Keep key material and the tunnel device across restarts.
persist-key
persist-tun
# Status snapshot and append-mode log file.
status /home/openvpn/logs/server/openvpn-status.log
log-append /home/openvpn/logs/server/openvpn.log
# NOTE(review): verbosity 5 is in the debugging range (the manual describes
# 1-4 as the normal range). Combined with log-append the log grows without
# bound unless rotated, so consider lowering it for steady-state operation.
verb 5
# Level 3 permits passing passwords to scripts through environment variables.
# It is needed for the via-env method below and is the most permissive of the
# levels normally used; the OpenVPN manual marks it as potentially unsafe.
script-security 3
# Each login is checked by checkpsw.sh; OpenVPN exports the submitted
# credentials to it as the "username" and "password" environment variables.
# No directive in this listing disables client-certificate verification, so
# clients presumably need a valid certificate as well as a password; verify.
auth-user-pass-verify /home/openvpn/checkpsw.sh via-env
# Use the authenticated username, not the certificate CN, as the client's
# common name (affects status output and any per-client configuration).
username-as-common-name
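#!/bin/bash
#
# OpenVPN "up" hook: attach the newly opened TAP device to the LAN bridge and
# bring the interface up.
#
# Arguments: $1 - name of the TAP device (supplied by OpenVPN as the first
#                 argument to the up script)
# Returns:   1 if no device name was given, otherwise the exit status of the
#            final ifconfig call (unchanged from the original behaviour).
#
# NOTE(review): this hook runs with whatever privileges the OpenVPN daemon has
# at "up" time; keep the file writable by the administrator only.
#
BRIDGE="br0"

# Without a device name the commands below would run with missing operands;
# stop early with a clear message instead.
if [ -z "${1:-}" ]; then
  echo "up.sh: missing TAP device name argument" >&2
  exit 1
fi

# Expansions are quoted so the device name is always passed as exactly one
# argument, with no word splitting or glob expansion.
/usr/sbin/brctl addif "${BRIDGE}" "${1}"
/usr/sbin/ifconfig "${1}" up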
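#!/bin/sh
###########################################################
# checkpsw.sh (C) 2004 Mathias Sundman <mathias@openvpn.se>
#
# This script will authenticate OpenVPN users against
# a plain text file. The passfile should simply contain
# one row per user with the username first followed by
# one or more space(s) or tab(s) and then the password.
#
# Inputs: the "username" and "password" environment variables
#         (exported by OpenVPN for auth-user-pass-verify ... via-env).
# Exit:   0 when the submitted password matches the passfile entry,
#         1 otherwise (including an unreadable passfile).
#
# NOTE(review): the passfile stores passwords in clear text. Keep it
# readable only by the account OpenVPN runs as, and keep the log file
# equally restricted. Logs written before this revision may still hold
# submitted passwords and should be reviewed and rotated.
PASSFILE="/home/openvpn/conf/server/psw-file"
LOG_FILE="/var/log/openvpn-password.log"
TIME_STAMP=$(date "+%Y-%m-%d %T")
###########################################################

# The username is chosen by the connecting client. Strip control characters
# (newlines included) before it reaches the log so that one login attempt
# cannot forge extra log lines.
LOG_USER=$(printf '%s' "${username}" | tr -d '[:cntrl:]')

if [ ! -r "${PASSFILE}" ]; then
  echo "${TIME_STAMP}: Could not open password file \"${PASSFILE}\" for reading." >> "${LOG_FILE}"
  exit 1
fi

# Look the user up without splicing the client-supplied name into the awk
# program text: awk reads it from its environment instead, so quotes or other
# awk syntax in the name are compared as plain data. Appending "" forces a
# string comparison, which is what the original quoted constant did.
CORRECT_PASSWORD=$(awk '!/^;/ && !/^#/ && $1 == (ENVIRON["username"] "") { print $2; exit }' "${PASSFILE}")

if [ "${CORRECT_PASSWORD}" = "" ]; then
  # Submitted passwords are deliberately not logged: failed attempts are often
  # near-misses of real passwords.
  echo "${TIME_STAMP}: User does not exist: username=\"${LOG_USER}\"." >> "${LOG_FILE}"
  exit 1
fi

if [ "${password}" = "${CORRECT_PASSWORD}" ]; then
  echo "${TIME_STAMP}: Successful authentication: username=\"${LOG_USER}\"." >> "${LOG_FILE}"
  exit 0
fi

echo "${TIME_STAMP}: Incorrect password: username=\"${LOG_USER}\"." >> "${LOG_FILE}"
exit 1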
yydsOpenVPN,10.8.31.4
yydsOpenVPN ABCabc123