linux下pptp服务器配置

風尐 · 发表于 2011-1-10 13:27:06

linux下pptp服务器配置

pptp服务器配置与管理

一、    pptpd的安装
1.       所需软件为：

dkms-2.0.6-1.noarch.rpm

kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm

kernelmod-0.7.1.tar.gz

ppp-2.4.3-5.fc4.i386.rpm（用ppp-2.4.4b1更稳定）

pptpd-1.3.1-0.i386.rpm
2.       升级内枋模块

首先查看是否已经支持mppe功能：modprobe ppp-compress-18 && echo ok

如果显示ok，那么内核已经具备了mppe支持。如果不支持，需安装：

dkms-2.0.6-1.noarch.rpm

kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm

对于低版本的内核是必须安装kernelmod-0.7.1.tar.gz(需要内核源代码)
3.       安装ppp

在上面的网址下载最新的ppp软件包，源包用最常规的方法，configure，make，make install。注意：新版的没有复制范例配置文件，需要用 make install-etcppp 来安装范例配置文件。一般可用rpm软件包：

rpm –ivh ppp-2.4.3-5.fc4.i386.rpm

4.       安装pptpd

在上面的网址下载最新的pptp软件包，源包用最常规的方法，configure，make，make install。一般采用pptp软件包：pptpd-1.3.1-0.i386.rpm
5.       /etc/pptp.conf内容如下：

ppp    /usr/local/sbin/pppd

option /etc/ppp/options.pptpd

bcrelay eth0

#listen 0.0.0.0

localip 192.168.x.x

remoteip 192.168.x.1-254

netmast 255.255.255.0
6.       /etc/ppp/options.pptpd内容如下：

lock

dump

logfd 2

logfile /var/log/pptpd.log

name pptpserver

proxyarp

auth

mtu 1450

nobsdcomp

require-mschap-v2

#require-mppe-128

require-mppe

ipparam options.pptpd

ms-dns 192.168.x.x

ms-dns 202.86.252.254
7.       /etc/ppp/ip-up内容如下：
注：如果采用radius验证，则勿需设置这部分内容

#!/bin/bash

# This file should not be modified -- make local changes to

# /etc/ppp/ip-up.local instead

PATH=/sbin:/usr/sbin:/bin:/usr/bin

export PATH

LOGDEVICE=$6

REALDEVICE=$1

[ -f /etc/sysconfig/network-scripts/ifcfg-${LOGDEVICE} ] && /etc/sysconfig/network-scripts/ifup-post ifcfg-${LOGDEVICE}

/etc/ppp/ip-up.ipv6to4 ${LOGDEVICE}

#################### Log  ########################

      pptplogdirectory="/etc/ppp"

      dialinfo=`/sbin/ifconfig $1`

      dialtime=`/bin/date`

      userip=`ifconfig $1|grep inet|awk '{print $3}'|awk -F: '{print $2}'`

      localinfo=`/bin/cat /etc/ppp/chap-secrets|grep $userip|awk '{print "username:"$1"\t","localIP:" $4,"logon Successfull"}'`

      #username=`/bin/cat /etc/ppp/chap-secrets|grep $userip|awk '{print $1}'`

      #remoteinfo=`/usr/bin/tail /var/log/daemon -n100|grep "CTRL: Client"|grep "control connection started"|tail -n1|awk -F"Client" '{print $2}'|awk '{print "remoteIP:",$1}'`

      if [ -e $pptplogdirectory/userlog ];then

            /bin/cat /etc/ppp/chap-secrets|grep $userip|awk '{print logontime"\t","username:"$1"\t","IP:"$4,"logon Successfull""\t","remoteIP:"'$6'}' logontime="`/bin/date`" >>$pptplogdirectory/userlog

            #/bin/cat /etc/ppp/chap-secrets|grep $userip|awk '{print logontime"\t","username:"$1"\t","IP:"$4,"logon Successfull""\t","remoteIP:"'$6'}' logontime="`/bin/date`" >>$pptplogdirectory/userlog

            #/bin/echo $0 $1 $2 $3 $4 $5 $6 $7 >>$pptplogdirectory/userlog

            #/bin/echo $dialtime  $localinfo  $remoteinfo >>$pptplogdirectory/userlog

            #/bin/cat /etc/ppp/chap-secrets|grep $userip|awk '{print logontime"\t","username:"$1"\t","IP:"$4,"logon Successfull"}' logontime="`/bin/date`" >>$pptplogdirectory/userlog

            #/bin/cat /etc/ppp/chap-secrets|grep $userip|awk '{print logontime"\t","username:"$1"\t","IP:"$4,"logon Successfull""\t",remoteinfo}' logontime="`/bin/date`" remoteinfo="`/usr/bin/tail /var/log/daemon -n100|grep "CTRL: Client"|grep "control connection started"|tail -n1|awk -F"Client" '{print $2}'|awk '{print "remoteIP:",$1}'`" >>$pptplogdirectory/userlog

#echo "456"|awk '{print a$0b}' a="$a" b="$b"

      else

            /bin/touch $pptplogdirectory/userlog

      fi

####################################################

/sbin/ifconfig $1 mtu 1446

#[ -x /etc/ppp/login.sh ] && /etc/ppp/login.sh "$@"

[ -x /etc/ppp/ip-up.local ] && /etc/ppp/ip-up.local "$@"

exit 0

8.       /etc/ppp/chat-secrets内容如下：

# Secrets for authentication using CHAP

# client       server  secret                IP addresses

“test”  pptpserver    “dfd&890”  192.168.x.x
9.       略
二、    pptp服务器管理
1.       新建用户

Vi /etc/ppp/chat-secrets增加一条即可，并指定IP
2.       查看登录日志

tail –n100 /etc/ppp/userlog

cn896 · 发表于 2011-1-11 01:27:32

了解

账号		自动登录	找回密码
密码			注册

[建站交流] linux下pptp服务器配置

浏览过的版块