Tunnel DietPi through PPtP

GiffE
Posts: 1
Joined: Fri May 06, 2016 11:44 am

Post by GiffE »

Just to expand upon this guide. This is a script I use to create and configure all Transmission torrent traffic through a PPTP VPN. With this, the goal is also to only route traffic from Transmission through the VPN. All other traffic should use your public IP.

First you have to install the VPN client and set up the IPTable rule:
NOTE: This install works for armhf architecture (ODroid C2)

```sh
# Install VPN:
# ---------------------
echo 'Installing VPN'
sudo apt-get install libexpat1 -y
sudo apt-get update && sudo apt-get install apt-transport-https -y
sudo dpkg --add-architecture armhf
sudo apt-get update
# Plain-HTTP download; dpkg -i does not verify package signatures, so compare
# the file's SHA256 with the Debian archive's Packages index before installing.
wget http://http.us.debian.org/debian/pool/main/p/pptp-linux/pptp-linux_1.7.2-7_armhf.deb
sudo dpkg -i pptp-linux_1.7.2-7_armhf.deb
sudo apt-get -f install ppp:armhf -y
sudo apt-get -f install
rm pptp-linux_1.7.2-7_armhf.deb

echo 'Configuring VPN'
# VPNSERVERADDRESS, USERNAME and PASSWORD are placeholders
sudo pptpsetup --create pptpvpn --server VPNSERVERADDRESS --username USERNAME --password PASSWORD --encrypt --start
# Register routing table 200 under the name "vpn" for the policy-routing rules
echo 200 vpn | sudo tee -a /etc/iproute2/rt_tables

# connect
pon pptpvpn updetach

# disconnect
poff -a
```

Notice the lines:

```sh
sudo pptpsetup --create pptpvpn --server VPNSERVERADDRESS --username USERNAME --password PASSWORD --encrypt --start
```

You will need to edit this with your server address, username, and password.

Next I wrote this script, which configures Transmission and connects to the VPN. Run this whenever:

```sh
#!/bin/sh
# Run as root. Brings up the pptpvpn tunnel, binds Transmission to the tunnel
# address and keeps the rule and default route in routing table "vpn" current.

# Print the IPv4 address of ppp0; prints nothing while the interface is down.
# Expects the older net-tools "inet addr:" output format.
get_vpnip() {
	ifconfig ppp0 2>/dev/null | grep -oE 'addr:[^ ]* ' | cut -d':' -f2 | sed 's/ //'
}

vpnip=$(get_vpnip)

if [ -z "$vpnip" ]; then
	echo 'VPN disconnected'
	attempt=1
	while [ -z "$vpnip" ] && [ "$attempt" -lt 4 ]; do
		echo 'Connection Attempt' "$attempt"
		pon pptpvpn updetach
		attempt=$((attempt+1))
		vpnip=$(get_vpnip)
	done
else
	echo 'VPN IP' "$vpnip"
fi

if [ -z "$vpnip" ]; then
	echo 'Failed to connect to VPN'
	exit 1
fi

echo 'VPN Connected'
echo 'Checking Transmission configuration'
# Both copies of settings.json are checked and, if needed, rewritten.
for settings in /var/lib/transmission-daemon/info/settings.json /etc/transmission-daemon/settings.json; do
	[ -f "$settings" ] || continue
	transip=$(grep -oP '(?<="bind-address-ipv4":).*' "$settings" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+')
	if [ "$transip" != "$vpnip" ]; then
		echo 'Transmission IP out of date'
		echo '\t IP was ' "$transip"
		echo '\tFixing Transmission IP'
		# Stop the daemon first so it does not overwrite the edit on exit
		service transmission-daemon stop
		# Owner write access is enough for the edit; no need for 777
		chmod u+w "$settings"
		sed -i "s/\"bind-address-ipv4\":.*\$/\"bind-address-ipv4\": \"$vpnip\",/" "$settings"
		chmod 444 "$settings"
		service transmission-daemon start
	else
		echo '\tTransmission already configured.'
	fi
done
echo 'Finished configuring Transmission'

# First three octets of the tunnel address; the script assumes a /24 whose
# gateway is .1
vpnsubnet=$(echo "$vpnip" | grep -oE '^[0-9]+\.[0-9]+\.[0-9]+')

echo 'Checking routing rules'
iprule=$(ip rule show | grep -oP '[0-9]+\.[0-9]+\.[0-9]+(?=\.0/24.*lookup vpn)')

if [ -z "$iprule" ]; then
	echo '\tNo VPN IP rule found'
	echo '\tCreating rule for' "$vpnsubnet.0/24"
	ip rule add from "$vpnsubnet.0/24" lookup vpn
	ip route add default via "$vpnsubnet.1" dev ppp0 table vpn
elif [ "$iprule" != "$vpnsubnet" ]; then
	echo '\tVPN rule applied to the wrong IP'

	echo '\tDeleting old rule for' "$iprule.0/24"
	ip rule del from "$iprule.0/24" lookup vpn

	echo '\tCreating rule for' "$vpnsubnet.0/24"
	ip rule add from "$vpnsubnet.0/24" lookup vpn
else
	echo '\tIP Rules already configured.'
fi

echo 'Finished configuring routing rules'

echo 'Checking IP routes'
iproute=$(ip route show default via "$vpnsubnet.1" dev ppp0 table vpn 2>/dev/null)
if [ -z "$iproute" ]; then
	echo '\tNo VPN IP route found'
	echo '\tCreating route for' "$vpnsubnet.1"
	ip route add default via "$vpnsubnet.1" dev ppp0 table vpn
else
	echo '\tIP routing already configured'
fi

echo 'Finished Checking IP routes'

exit 0
```

Run that shell script file whenever you want to connect to the VPN. This checks the VPN's LAN IP vs the IP that is configured in Transmission and fixes it if it needs to.

Hope this helps anyone who needs it.
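
Added example, not part of GiffE's post: a read-only check that the three pieces the script maintains (Transmission's `bind-address-ipv4`, the `lookup vpn` rule and the default route in table `vpn`) agree with the current tunnel address, so a stale or reset setting is caught before torrent traffic leaves over the public IP. The function names `bind_addr` and `check_tunnel` and all sample addresses are constructed for illustration; the rule and route layout is the one from the post.

```sh
#!/bin/sh
# Added example: inputs are passed as text, so the check also runs offline.

# Print the bind-address-ipv4 value found in settings.json text on stdin.
bind_addr() {
	sed -n 's/.*"bind-address-ipv4"[[:space:]]*:[[:space:]]*"\([0-9.]*\)".*/\1/p' | head -n 1
}

# check_tunnel VPNIP SETTINGS_JSON IP_RULE_OUTPUT VPN_TABLE_ROUTES
# Returns 0 only when Transmission is bound to VPNIP, a rule sends that /24
# to table "vpn", and that table has a default route out of ppp0.
check_tunnel() {
	vpnip=$1; subnet=${vpnip%.*}; rc=0
	bound=$(printf '%s\n' "$2" | bind_addr)
	if [ "$bound" != "$vpnip" ]; then
		echo "LEAK RISK: Transmission bound to '$bound', VPN IP is $vpnip"; rc=1
	fi
	if ! printf '%s\n' "$3" | grep -Fq "from $subnet.0/24 lookup vpn"; then
		echo "LEAK RISK: no 'from $subnet.0/24 lookup vpn' rule"; rc=1
	fi
	if ! printf '%s\n' "$4" | grep -Eq '^default .*dev ppp0( |$)'; then
		echo "LEAK RISK: table vpn has no default route via ppp0"; rc=1
	fi
	return $rc
}

# Constructed sample data (all addresses are made up).
SAMPLE_JSON='{
    "bind-address-ipv4": "10.8.0.23",
    "bind-address-ipv6": "::"
}'
# 0.0.0.0 means "any interface": traffic would follow the main routing table.
STALE_JSON='{ "bind-address-ipv4": "0.0.0.0", }'
SAMPLE_RULES='0: from all lookup local
32765: from 10.8.0.0/24 lookup vpn
32766: from all lookup main'
SAMPLE_ROUTES='default via 10.8.0.1 dev ppp0'

check_tunnel 10.8.0.23 "$SAMPLE_JSON" "$SAMPLE_RULES" "$SAMPLE_ROUTES" && echo 'sample state: OK'

# Live use as root, with the paths and names from the post:
#   check_tunnel "$vpnip" "$(cat /etc/transmission-daemon/settings.json)" \
#       "$(ip rule show)" "$(ip route show table vpn)"
```

A non-zero return can gate a cron job that stops `transmission-daemon` until the connect script has been run again.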
