From 1b56dbf0da1da62d1ec02f3566e2c6adb6670fe7 Mon Sep 17 00:00:00 2001 From: Du Huanpeng Date: Wed, 9 Aug 2017 10:50:11 +0800 Subject: [PATCH 1/2] linux: system wide static /etc/network/routes please refer to: https://askubuntu.com/questions/168033/how-to-set-static-routes-in-ubuntu-server ----- There is a package ifupdown-extra avaible in Ubuntu. It provides automatic scripts (installed in /etc/network/*/), one of which is used to add static routes. The configuration file for this is /etc/network/routes The top of this config file has a good description: This configuration file is read by the static-routes if-updown script and the /etc/init.d/networking-routes script to setup a list of routes associated either with a given interface or global routes. An example route I use is: 192.168.240.0 255.255.255.0 192.168.130.3 em3 ----- How to use, in case your default gateway interface is 'enp0s29f7u2c4i2' $ python chnroutes.py -p routes $ sed -i 's/___Interface___/enp0s29f7u2c4i2/g' routes $ $ # if you didn't have ifupdown-extra installed $ sudo apt-get install ifupdown-extra $ $ sudo cat routes >>/etc/network/routes this is a very draft commit, I don't know have any experience with python. if any thing goes into issues, please help... the routes will automatic added when the interface brings up, and also removed when the interface is down or removed (usb hotspot or usb network adapter). the poster writen the nic as 'em3', I guess this maybe also works under pfsense or *BSD gateways, never know. Signed-off-by: Du Huanpeng --- chnroutes.py | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/chnroutes.py b/chnroutes.py index 37fa830..0252941 100755 --- a/chnroutes.py +++ b/chnroutes.py @@ -19,6 +19,17 @@ def generate_ovpn(metric): " and also add 'max-routes %d', which takes a line, to the head of the file." % (len(results)+20) +def generate_routes(iface): + results = fetch_ip_data() + rfile=open('routes','w') + for ip,mask,_ in results: + route_item="%s %s %s\n"%(ip,mask,iface) + rfile.write(route_item) + rfile.close() + print "Usage: Append the content of the newly created routes to /etc/network/routes," \ + " total routes %d" % (len(results)+20) + + def generate_linux(metric): results = fetch_ip_data() upscript_header=textwrap.dedent("""\ @@ -195,6 +206,7 @@ def fetch_ip_data(): #fetch data from apnic print "Fetching data from apnic.net, it might take a few minutes, please wait..." url=r'https://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest' +# url=r'http://192.168.1.254/delegated-apnic-latest' data=urllib2.urlopen(url).read() cnregex=re.compile(r'apnic\|cn\|ipv4\|[0-9\.]+\|[0-9]+\|[0-9]+\|a.*',re.IGNORECASE) @@ -247,6 +259,8 @@ def fetch_ip_data(): if args.platform.lower() == 'openvpn': generate_ovpn(args.metric) + elif args.platform.lower() == 'routes': + generate_routes('___Interface___') elif args.platform.lower() == 'linux': generate_linux(args.metric) elif args.platform.lower() == 'mac' or args.platform.lower() == 'darwin': From 59f80f86666cd8b5a1278ea73b395c08bfeaf598 Mon Sep 17 00:00:00 2001 From: Du Huanpeng Date: Wed, 9 Aug 2017 11:37:21 +0800 Subject: [PATCH 2/2] README: technical terms used Signed-off-by: Du Huanpeng --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 752c3b1..a0d43cd 100644 --- a/README.md +++ b/README.md @@ -80,7 +80,7 @@ route-delay 2 另外, 这里假定了你的android已经安装过busybox, 否则请先安装busybox再进行以上操作, 还需要知道的是, 这个脚本在手机上执行会花费比较长的时间, 如非必要, 就不要用了. 也许采用非redirect-gateway方式, 然后在ovpn配置文件里添加几条需要路由的ip段是比较快捷方便的做法. 基于Linux的第三方系统的路由器 -一些基于Linux系统的第三方路由器系统如: OpenWRT, DD-WRT, Tomato 都带有VPN(PPTP/Openvpn)客户端的, 也就是说, 我们只需要在路由器进行VPN拨号, 并利用本项目提供的路由表脚本就可以把VPN针对性翻墙扩展到整个局域网. 当然, 使用这个方式也是会带来副作用, 即局域网的任何机器都不适合使用Emule或者BT等P2P下载软件. 但对于那些不使用P2P, 希望在路由器上设置针对性翻墙的用户, 这方法十分有用, 因为只需要一个VPN帐号, 局域网内的所有机器, 包括使用wifi的手机都能自动翻墙. 相信配置方式请参考: Autoddvpn 项目. +一些基于Linux系统的第三方路由器系统如: OpenWRT, DD-WRT, Tomato 都带有VPN(PPTP/Openvpn)客户端的, 也就是说, 我们只需要在路由器进行VPN拨号, 并利用本项目提供的路由表脚本就可以把VPN针对性路由扩展到整个局域网. 当然, 使用这个方式也是会带来副作用, 即局域网的任何机器都不适合使用Emule或者BT等P2P下载软件. 但对于那些不使用P2P, 希望在路由器上设置针对性路由的用户, 这方法十分有用, 因为只需要一个VPN帐号, 局域网内的所有机器, 包括使用wifi的手机都能自动路由. 相信配置方式请参考: Autoddvpn 项目. ## 信息反馈