首先,将/etc/init.d/xl2tpd和/etc/init.d/ipsec两个脚本添加到rc.d中。发现/etc/init.d/xl2tpd已经添加了,只要添加ipsec即可,首先需要修改ipsec脚本,修改下述行,表示支持runlevel 5的启动脚本。
1 | # Default-Start: 5 |
然后就使用下述命令添加到rc5.d
1 2 | update-rc.d -f ipsec removeupdate-rc.d ipsec defaults |
接着,添加脚本,在网络起来后,进行l2tp/ipsec拨号,在/etc/network/if-up.d/添加脚本l2tp-ipsec-up:
1 2 3 4 5 6 | #!/bin/sh# this a script in /etc/network/if-up.d/# start l2tp/ipsec when network ready/work/init.d/l2tp-ipsec start |
/work/init.d/l2tp-ipsec脚本的内容为:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 | #!/bin/shstart_service (){ /etc/init.d/ipsec restart /etc/init.d/xl2tpd restart}stop_service (){ /etc/init.d/xl2tpd stop /etc/init.d/ipsec stop}start (){ ipsec auto --up L2TP-PSK > /dev/null || exit 1 echo 'c vpn-connection' > /var/run/xl2tpd/l2tp-control || exit 1 echo "start ok"}stop (){ echo 'd vpn-connection' > /var/run/xl2tpd/l2tp-control ipsec auto --down L2TP-PSK > /dev/null}if [ `whoami` != "root" ] ; then echo "need run as root" exit 1fifor cmd in start stop ; do if [ "$cmd" = "$1" ] ; then $cmd exit fidoneecho "need specify command"exit 1 |
同样的方法,添加down脚本。
脚本vpn-up脚本添加到/etc/ppp/ip-up.d/目录。
1 2 3 4 5 6 | #!/bin/ship route delete default || :ip route add 47.90.122.28 via 192.168.0.1 || :ip route add default via 10.0.0.1 || :/work/init.d/hotplug.d/batch-china-ip add |
batch-china-ip脚本用于配置中国大陆ip走国内网络。
1 2 3 4 5 6 7 8 9 10 11 12 | #!/bin/shifs=`ls /sys/class/net`for if in $ifs ; do if [ $if = "lo" -o $if = "ppp0" ] ; then continue fi /work/sbin/batchroute $1 :china via 192.168.0.1 dev $ifdoneexit 1 |
类似的添加down脚本,删除路由。
OK,每次启动电脑都能自动进行VPN拨号了。