sakaivpn 59 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710
  1. # ░▒▓█ ☁️ Project sakai 3.0.1 ☁️ █▓▒░"
  2. # by: irwanmohi
  3. #########################################################
  4. ### Input your desire port and information...
  5. #########################################################
  6. MyScriptName='SakaiVPN'
  7. # Stunnel Cert Info
  8. country='MY'
  9. state='Sel'
  10. locality='gombak'
  11. organization='aidan'
  12. organizationalunit='aidan'
  13. commonname='aidan'
  14. #version [reference for online update]
  15. ver='3.0.1'
  16. #Server Name for openvpn config and banner
  17. ServerName='Sakai-VPN'
  18. # OpenSSH Ports
  19. SSH_Port1='22'
  20. SSH_Port2='299'
  21. # Dropbear Ports
  22. Dropbear_Port1='790'
  23. Dropbear_Port2='2770'
  24. # Stunnel Ports
  25. Stunnel_Port1='446' # through Dropbear
  26. Stunnel_Port2='444' # through OpenSSH
  27. Stunnel_Port3='445' # through Openvpn
  28. # OpenVPN Ports
  29. OpenVPN_TCP_Port='1720'
  30. OpenVPN_UDP_Port='3900'
  31. # Privoxy Ports
  32. Privoxy_Port1='9880'
  33. Privoxy_Port2='3100'
  34. # Squid Ports
  35. Squid_Port1='3233'
  36. Squid_Port2='7003'
  37. Squid_Port3='9005'
  38. # Over-HTTP-Puncher
  39. OHP_Port1='5595'
  40. OHP_Port2='5596'
  41. OHP_Port3='5597'
  42. OHP_Port4='5598'
  43. OHP_Port5='5599'
  44. # Python Socks Proxy
  45. Simple_Port1='8033'
  46. Simple_Port2='22333'
  47. Direct_Port1='8044'
  48. Direct_Port2='22444'
  49. Open_Port1='8055'
  50. Open_Port2='22555'
  51. # WebServer Ports
  52. Php_Socket='9000'
  53. sakai_Openvpn_Monitoring='89'
  54. Tcp_Monitor_Port='450'
  55. Udp_Monitor_Port='451'
  56. Nginx_Port='85'
  57. # Server local time
  58. MyVPS_Time='Asia/Kuala_Lumpur'
  59. #banner
  60. cat <<'irwan' > /etc/irwanmohi/banner
  61. <br><font>
  62. <br><font>
  63. <br><font color='green'> <b> ░▒▓█ ☁️ Sakai VPN ☁️ █▓▒░</b> </br></font>
  64. <br><font>
  65. <br><font color='#32CD32'>: : : ★ Happy Browsing!😊 </br></font>
  66. <br><font color='#32CD32'>: : : ★ This is FREE and Not for Sale! </br></font>
  67. <br><font color='#FDD017'>: : : ★ Project Lead: irwanmohi 🦊</br></font>
  68. <br><font>
  69. <br><font color='#32CD32'>: : : ★ STRICTLY NO ACCOUNT SHARING</br></font>
  70. <br><font color='#32CD32'>: : : ★ STRICTLY NO MULTI-LOGIN</br></font>
  71. <br><font color='#32CD32'>: : : ★ STRICTLY NO TORRENT</br></font>
  72. <br><font>
  73. <br><font color='#FF00FF'>░▒▓█ VIOLATORS WILL BE BAN!!!</br></font>
  74. <br><font>
  75. <br><font>
  76. irwan
  77. #########################################################
  78. ### Project sakai AutoScript Code Begins...
  79. #########################################################
  80. function InstUpdates(){
  81. export DEBIAN_FRONTEND=noninteractive
  82. apt-get update
  83. apt-get upgrade -y
  84. # Removing some firewall tools that may affect other services
  85. apt-get remove --purge ufw firewalld -y
  86. # Installing some important machine essentials
  87. apt-get install nano sudo wget curl zip unzip tar psmisc build-essential gzip iptables p7zip-full bc rc openssl cron net-tools dnsutils lsof dos2unix lrzsz git qrencode libcap2-bin dbus whois ngrep screen bzip2 ccrypt curl gcc automake autoconf libxml-parser-perl make libtool ruby -y
  88. # Now installing all our wanted services
  89. apt-get install dropbear stunnel4 squid privoxy ca-certificates nginx apt-transport-https lsb-release python python-pip python3-pip python-dev python-setuptools libssl-dev -y
  90. pip install shadowsocks
  91. pip3 install shadowsocks
  92. # Installing all required packages to install Webmin
  93. apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python dbus libxml-parser-perl shared-mime-info jq fail2ban -y
  94. # Installing a text colorizer and design
  95. gem install lolcat
  96. apt-get install figlet
  97. ###### Chokepoint for Debian and Ubuntu No. 1 vvvvvv
  98. # Installing all Web Panel Requirements
  99. sudo apt-get install lsb-release ca-certificates apt-transport-https software-properties-common -y
  100. sudo apt-get --allow-unauthenticated upgrade -y
  101. sudo apt-get upgrade --fix-missing -y
  102. sudo apt-get install -y php7.4 -y
  103. sudo apt-get install php7.4-fpm -y
  104. sudo apt-get install php7.4-cli -y
  105. sudo apt-get install libssh2-1 -y
  106. sudo apt-get install php-ssh2 -y
  107. sudo apt-get install libgeoip-dev -y
  108. sudo apt-get install uwsgi -y
  109. sudo apt-get install geoipupdate -y
  110. sudo apt-get install uwsgi-plugin-python -y
  111. sudo apt-get install --reinstall python-virtualenv -y
  112. sudo apt-get install --reinstall geoip-database-extra -y
  113. sudo update-alternatives --set php /usr/bin/php7.4
  114. apt-get install php7.4-ssh2 php-ssh2-all-dev -y
  115. ###### Chokepoint for Debian and Ubuntu No.1 ^^^^^
  116. # Installing OpenVPN by pulling its repository inside sources.list file
  117. rm -rf /etc/apt/sources.list.d/openvpn*
  118. echo "deb http://build.openvpn.net/debian/openvpn/stable $(lsb_release -sc) main" > /etc/apt/sources.list.d/openvpn.list
  119. wget -qO - http://build.openvpn.net/debian/openvpn/stable/pubkey.gpg|apt-key add -
  120. apt-get update
  121. apt-get install openvpn -y
  122. # Certbot for Domain Self Sign Certification 2.3.4x
  123. sudo apt-get install certbot -y
  124. # Trying to remove obsolette packages after installation
  125. apt-get autoremove -y
  126. apt autoremove --fix-missing -y -f
  127. echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
  128. }
  129. function InstWebmin(){
  130. # Download the webmin .deb package
  131. # You may change its webmin version depends on the link you've loaded in this variable(.deb file only, do not load .zip or .tar.gz file):
  132. WebminFile='http://prdownloads.sourceforge.net/webadmin/webmin_1.970_all.deb'
  133. wget -qO webmin.deb "$WebminFile"
  134. # Installing .deb package for webmin
  135. dpkg --install webmin.deb
  136. rm -rf webmin.deb
  137. # Configuring webmin server config to use only http instead of https
  138. sed -i 's|ssl=1|ssl=0|g' /etc/webmin/miniserv.conf
  139. # Then restart to take effect
  140. systemctl restart webmin
  141. }
  142. function InstSSH(){
  143. # Removing some duplicated sshd server configs
  144. rm -f /etc/ssh/sshd_config
  145. sleep 1
  146. # Creating a SSH server config using cat eof tricks
  147. cat <<'MySSHConfig' > /etc/ssh/sshd_config
  148. # Project sakai OpenSSH Server config
  149. # -irwanmohi
  150. Port myPORT1
  151. Port myPORT2
  152. AddressFamily inet
  153. ListenAddress 0.0.0.0
  154. HostKey /etc/ssh/ssh_host_rsa_key
  155. HostKey /etc/ssh/ssh_host_ecdsa_key
  156. HostKey /etc/ssh/ssh_host_ed25519_key
  157. PermitRootLogin yes
  158. MaxSessions 1024
  159. PubkeyAuthentication yes
  160. PasswordAuthentication yes
  161. PermitEmptyPasswords no
  162. ChallengeResponseAuthentication no
  163. UsePAM yes
  164. X11Forwarding yes
  165. PrintMotd no
  166. ClientAliveInterval 300
  167. ClientAliveCountMax 2
  168. UseDNS no
  169. Banner /etc/irwanmohi/banner
  170. AcceptEnv LANG LC_*
  171. Subsystem sftp /usr/lib/openssh/sftp-server
  172. MySSHConfig
  173. sleep 2
  174. # Now we'll put our ssh ports inside of sshd_config
  175. sed -i "s|myPORT1|$SSH_Port1|g" /etc/ssh/sshd_config
  176. sed -i "s|myPORT2|$SSH_Port2|g" /etc/ssh/sshd_config
  177. # My workaround code to remove `BAD Password error` from passwd command, it will fix password-related error on their ssh accounts.
  178. sed -i '/password\s*requisite\s*pam_cracklib.s.*/d' /etc/pam.d/common-password
  179. sed -i 's/use_authtok //g' /etc/pam.d/common-password
  180. # Some command to identify null shells when you tunnel through SSH or using Stunnel, it will fix user/pass authentication error on HTTP Injector, KPN Tunnel, eProxy, SVI, HTTP Proxy Injector etc ssh/ssl tunneling apps.
  181. sed -i '/\/bin\/false/d' /etc/shells
  182. sed -i '/\/usr\/sbin\/nologin/d' /etc/shells
  183. echo '/bin/false' >> /etc/shells
  184. echo '/usr/sbin/nologin' >> /etc/shells
  185. # Restarting openssh service
  186. systemctl restart ssh
  187. # Removing some duplicate config file
  188. rm -rf /etc/default/dropbear*
  189. # creating dropbear config using cat eof tricks
  190. cat <<'MyDropbear' > /etc/default/dropbear
  191. # Project sakai Dropbear Config
  192. NO_START=0
  193. DROPBEAR_PORT=PORT01
  194. DROPBEAR_EXTRA_ARGS="-p PORT02"
  195. DROPBEAR_BANNER="/etc/irwanmohi/banner"
  196. DROPBEAR_RSAKEY="/etc/dropbear/dropbear_rsa_host_key"
  197. DROPBEAR_DSSKEY="/etc/dropbear/dropbear_dss_host_key"
  198. DROPBEAR_ECDSAKEY="/etc/dropbear/dropbear_ecdsa_host_key"
  199. DROPBEAR_RECEIVE_WINDOW=65536
  200. MyDropbear
  201. # Now changing our desired dropbear ports
  202. sed -i "s|PORT01|$Dropbear_Port1|g" /etc/default/dropbear
  203. sed -i "s|PORT02|$Dropbear_Port2|g" /etc/default/dropbear
  204. # Restarting dropbear service
  205. systemctl restart dropbear
  206. }
  207. function InsStunnel(){
  208. StunnelDir=$(ls /etc/default | grep stunnel | head -n1)
  209. # Creating stunnel startup config using cat eof tricks
  210. cat <<'MyStunnelD' > /etc/default/$StunnelDir
  211. # Project sakai Stunnel Config
  212. ENABLED=1
  213. FILES="/etc/stunnel/*.conf"
  214. OPTIONS=""
  215. BANNER="/etc/irwanmohi/banner"
  216. PPP_RESTART=0
  217. # RLIMITS="-n 4096 -d unlimited"
  218. RLIMITS=""
  219. MyStunnelD
  220. # Removing all stunnel folder contents
  221. rm -rf /etc/stunnel/*
  222. # Creating stunnel certifcate using openssl
  223. openssl req -new -x509 -days 9999 -nodes -subj "/C=MY/ST=SEL/L=Gombak/O=$MyScriptName/OU=$MyScriptName/CN=$MyScriptName" -out /etc/stunnel/stunnel.pem -keyout /etc/stunnel/stunnel.pem
  224. # Creating stunnel server config
  225. cat <<'MyStunnelC' > /etc/stunnel/stunnel.conf
  226. # My Stunnel Config
  227. pid = /var/run/stunnel.pid
  228. cert = /etc/stunnel/stunnel.pem
  229. client = no
  230. socket = l:TCP_NODELAY=1
  231. socket = r:TCP_NODELAY=1
  232. TIMEOUTclose = 0
  233. [dropbear]
  234. accept = Stunnel_Port1
  235. connect = 127.0.0.1:dropbear_port_c
  236. [openssh]
  237. accept = Stunnel_Port2
  238. connect = 127.0.0.1:openssh_port_c
  239. [openvpn]
  240. accept = Stunnel_Port3
  241. connect = 127.0.0.1:openvpn_port_c
  242. MyStunnelC
  243. # setting stunnel ports
  244. sed -i "s|Stunnel_Port1|$Stunnel_Port1|g" /etc/stunnel/stunnel.conf
  245. sed -i "s|Stunnel_Port2|$Stunnel_Port2|g" /etc/stunnel/stunnel.conf
  246. sed -i "s|Stunnel_Port3|$Stunnel_Port3|g" /etc/stunnel/stunnel.conf
  247. sed -i "s|dropbear_port_c|$Dropbear_Port1|g" /etc/stunnel/stunnel.conf
  248. sed -i "s|openssh_port_c|$SSH_Port1|g" /etc/stunnel/stunnel.conf
  249. sed -i "s|openvpn_port_c|$OpenVPN_TCP_Port|g" /etc/stunnel/stunnel.conf
  250. # Restarting stunnel service
  251. systemctl restart $StunnelDir
  252. }
  253. function InsOHP(){
  254. cd
  255. wget https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/ohpserver
  256. chmod +x ohpserver
  257. sleep 3
  258. # Creating a SSH server config using cat eof tricks
  259. cat <<'MyOHPConfig' > /usr/local/sbin/ohp.sh
  260. #!/bin/bash
  261. # Credits to: ADM Manager,FordSenpai and Bon-Chan
  262. # ░▒▓█ Project SAKAI █▓▒░
  263. # Project Lead: irwanmohi
  264. screen -dm bash -c "./ohpserver -port OHP-Port1 -proxy IP-ADDRESS:Squid-Port1 -tunnel IP-ADDRESS:SSH-Port1"
  265. screen -dm bash -c "./ohpserver -port OHP-Port2 -proxy IP-ADDRESS:Squid-Port2 -tunnel IP-ADDRESS:SSH-Port2"
  266. screen -dm bash -c "./ohpserver -port OHP-Port3 -proxy IP-ADDRESS:Privoxy-Port1 -tunnel IP-ADDRESS:SSH-Port1"
  267. screen -dm bash -c "./ohpserver -port OHP-Port4 -proxy IP-ADDRESS:Privoxy-Port2 -tunnel IP-ADDRESS:SSH-Port2"
  268. screen -dm bash -c "./ohpserver -port OHP-Port5 -proxy IP-ADDRESS:OpenVPN-TCP-Port -tunnel IP-ADDRESS:SSH-Port1"
  269. MyOHPConfig
  270. # Now changing our desired ports for OHP
  271. sed -i "s|OHP-Port1|$OHP_Port1|g" /usr/local/sbin/ohp.sh
  272. sed -i "s|OHP-Port2|$OHP_Port2|g" /usr/local/sbin/ohp.sh
  273. sed -i "s|OHP-Port3|$OHP_Port3|g" /usr/local/sbin/ohp.sh
  274. sed -i "s|OHP-Port4|$OHP_Port4|g" /usr/local/sbin/ohp.sh
  275. sed -i "s|OHP-Port5|$OHP_Port5|g" /usr/local/sbin/ohp.sh
  276. sed -i "s|IP-ADDRESS|$IPADDR|g" /usr/local/sbin/ohp.sh
  277. sed -i "s|Squid-Port1|$Squid_Port1|g" /usr/local/sbin/ohp.sh
  278. sed -i "s|Squid-Port2|$Squid_Port2|g" /usr/local/sbin/ohp.sh
  279. sed -i "s|Privoxy-Port1|$Privoxy_Port1|g" /usr/local/sbin/ohp.sh
  280. sed -i "s|Privoxy-Port2|$Privoxy_Port2|g" /usr/local/sbin/ohp.sh
  281. sed -i "s|OpenVPN-TCP-Port|$OpenVPN_TCP_Port|g" /usr/local/sbin/ohp.sh
  282. sed -i "s|SSH-Port1|$SSH_Port1|g" /usr/local/sbin/ohp.sh
  283. sed -i "s|SSH-Port2|$SSH_Port2|g" /usr/local/sbin/ohp.sh
  284. chmod +x /usr/local/sbin/ohp.sh
  285. mkdir -p /etc/project-sakai/ohp
  286. # For Activation of OHP after reboot
  287. echo "$OHP_Port1" > /etc/project-sakai/ohp/ohp1
  288. echo "$OHP_Port2" > /etc/project-sakai/ohp/ohp2
  289. echo "$OHP_Port3" > /etc/project-sakai/ohp/ohp3
  290. echo "$OHP_Port4" > /etc/project-sakai/ohp/ohp4
  291. echo "$OHP_Port5" > /etc/project-sakai/ohp/ohp5
  292. # For Notification of status of OHP in menu
  293. echo "on" > /etc/project-sakai/ohp/ohp1-status
  294. echo "on" > /etc/project-sakai/ohp/ohp2-status
  295. echo "on" > /etc/project-sakai/ohp/ohp3-status
  296. echo "on" > /etc/project-sakai/ohp/ohp4-status
  297. echo "on" > /etc/project-sakai/ohp/ohp5-status
  298. # OHP About
  299. mkdir -p /etc/sakai
  300. cat <<'sakai70' > /etc/sakai/ohp-about
  301. Over-HTTP-Puncher
  302. 1.This is for advanced users only.
  303. 2. OHP enchance your HTTP Proxy software (squid/tinyproxy/privoxy)
  304. Example:
  305. Squid / Privoxy - some payload for promo needs back query,front and etc. to connect to internet ( status: 200 )
  306. Using OHP - any kind of request set-up, back or front query, etc.. will always responses 200 automatically. (using correct payload for a promo.) and connect to internet.
  307. Payload Set up:
  308. Payload for HTTP Injector,KTR same payload set-up
  309. Payload for OHP like SocksIP
  310. Software needed for OHP:
  311. Any http tunneling software.
  312. OHP is similar to Python Proxy.
  313. Explore and enjoy ^_^
  314. Credits to: lfasmpao
  315. sakai70
  316. }
  317. function InsPython(){
  318. mkdir -p /etc/project-sakai/py-socksproxy
  319. #For Notification in menu
  320. echo "$Simple_Port1" > /etc/project-sakai/py-socksproxy/simple1-prox
  321. echo "on" > /etc/project-sakai/py-socksproxy/simple1-status
  322. echo "$Simple_Port2" > /etc/project-sakai/py-socksproxy/simple2-prox
  323. echo "on" > /etc/project-sakai/py-socksproxy/simple2-status
  324. echo "$Direct_Port1" > /etc/project-sakai/py-socksproxy/direct1-prox
  325. echo "on" > /etc/project-sakai/py-socksproxy/direct1-status
  326. echo "$Direct_Port2" > /etc/project-sakai/py-socksproxy/direct2-prox
  327. echo "on" > /etc/project-sakai/py-socksproxy/direct2-status
  328. echo "$Open_Port1" > /etc/project-sakai/py-socksproxy/open1-prox
  329. echo "on" > /etc/project-sakai/py-socksproxy/open1-status
  330. echo "$Open_Port2" > /etc/project-sakai/py-socksproxy/open2-prox
  331. echo "on" > /etc/project-sakai/py-socksproxy/open2-status
  332. #For Activation after reboot
  333. echo "$Simple_Port1" > /etc/project-sakai/py-socksproxy/simple1
  334. echo "$Simple_Port2" > /etc/project-sakai/py-socksproxy/simple2
  335. echo "$Direct_Port1" > /etc/project-sakai/py-socksproxy/direct1
  336. echo "$Direct_Port2" > /etc/project-sakai/py-socksproxy/direct2
  337. echo "$Open_Port1" > /etc/project-sakai/py-socksproxy/open1
  338. echo "$Open_Port2" > /etc/project-sakai/py-socksproxy/open2
  339. # About Python Socks Proxy
  340. cat <<'PythonSP' > /etc/project-sakai/py-socksproxy/about
  341. ░▒▓█ ☁️ Project sakai ☁️ █▓▒░
  342. What is a Socks Proxy?
  343. A SOCKS proxy is a proxy server at the TCP level. In other words,
  344. it acts as a tunnel, relaying all traffic going through it without
  345. modifying it. SOCKS proxies can be used to relay traffic using any
  346. network protocol that uses TCP.
  347. What is Python Socks Proxy?
  348. This Python module allows you to create TCP connections through
  349. a SOCKS proxy without any special effort.
  350. reference: google.com.my
  351. ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
  352. What is Simple Python Socks Proxy?
  353. Simple Socks Proxy acts or alternative for HTTP Proxy software
  354. like [ Squid, Privoxy, etc etc. . . ]
  355. Difference with other HTTP Proxy software like Squid, Privoxy?
  356. Squid, Privoxy : still need to configure
  357. Simple Socks Proxy : seamlessly installed
  358. reference: base on my experience | Please explore to know more . .
  359. ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
  360. What is Direct Python Socks Proxy?
  361. 1. Same function with OHP [Over-HTTP-Puncher]
  362. 2. Can act or alternative to Remote Proxy or SSH Port
  363. A. Difference with Squid or Privoxy?
  364. Squid, Privoxy : need right or proper Payload,
  365. in order to response Status: 200.
  366. Direct Socks Proxy :simple payload will do and response Status:200
  367. B. Payload Set Up?
  368. Squid, Privoxy : common set up
  369. Direct Socks Proxy : like SocksIP.
  370. 3. Difference between OHP and Direct Socks Proxy?
  371. OHP : upgrade your HTTP Proxy software
  372. [ simple payload will response Status: 200. ]
  373. its all in one.
  374. including Openvpn unlike Python Socks, needs other file for Openvpn.
  375. Direct Socks Proxy: can be use without any HTTP Proxy software
  376. and simple payload will response Status: 200.
  377. Need HTTP Proxy Software
  378. like Squid, Privoxy Need SSH Port Payload Set-up
  379. OHP : *Yes *Yes *like SocksIP
  380. Direct : *No *Yes *like SocksIP
  381. Socks Proxy
  382. reference: base on my experience | Please explore to know more . .
  383. ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
  384. What is Openvpn Python Socks Proxy?
  385. 1.Act or alternate for Remote Proxy exclusive for Openvpn TCP Protocol.
  386. [ simple payload will response Status: 200. ]
  387. 2. Payload Set-up?
  388. Basic or simple set-up can response Status: 200.
  389. 3. Same with OHP through Openvpn.
  390. reference: base on my experience | Please explore to know more . .
  391. ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
  392. Note: You can install many Python Socks Proxy but after restart,
  393. only last will save.
  394. Ex. Install 3 Simple Python Socks Proxy using Simple Socks Proxy Port 1
  395. Only last will be save after reboot.
  396. PythonSP
  397. }
  398. function InsShodowSocks(){
  399. # To prevent error in loading server of shadowsocks
  400. sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py
  401. sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.4/dist-packages/shadowsocks/crypto/openssl.py
  402. sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.5/dist-packages/shadowsocks/crypto/openssl.py
  403. sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.6/dist-packages/shadowsocks/crypto/openssl.py
  404. sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.7/dist-packages/shadowsocks/crypto/openssl.py
  405. sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.8/dist-packages/shadowsocks/crypto/openssl.py
  406. sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.9/dist-packages/shadowsocks/crypto/openssl.py
  407. # Protection for scriptkiddies stealers
  408. mkdir -p /var/lib/mand-db
  409. echo "0" > /var/lib/mand-db/update0
  410. mkdir -p /etc/perl/net
  411. echo "17" > /etc/perl/net/dzip
  412. mkdir -p /usr/include/x86_64-linux-gnu/sys
  413. touch /usr/include/x86_64-linux-gnu/sys/zv.h
  414. # For SSR Menu Status
  415. mkdir -p /etc/project-sakai/shadowsocksr
  416. echo "Not installed" > /etc/project-sakai/shadowsocksr/server1-port
  417. echo " " > /etc/project-sakai/shadowsocksr/server1-status
  418. echo "Not installed" > /etc/project-sakai/shadowsocksr/server2-port
  419. echo " " > /etc/project-sakai/shadowsocksr/server2-status
  420. echo "Not installed" > /etc/project-sakai/shadowsocksr/server3-port
  421. echo " " > /etc/project-sakai/shadowsocksr/server3-status
  422. cat <<'SSRabout' > /etc/project-sakai/shadowsocksr/ssr-about
  423. ░▒▓█ ☁️ Project sakai ☁️ █▓▒░
  424. ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
  425. What is Shadowsocks?
  426. Shadowsocks is not a proxy on its own, but typically, the client
  427. software will help to connect to a third party socks5 proxy, speaking
  428. the shadowsocks language on the machine it is running on, which
  429. internet traffic can then be directed towards, similarly
  430. to a Secure tunnel(SSH tunnel).
  431. Unlike an SSH tunnel, shadowsocks can also proxy UDP traffic.
  432. How to use:
  433. 1. Download and install "Shadowsocks R" . Search in google for the link.
  434. 2. Copy the Config File [see Shadowsocks Menu for the Config File] in
  435. your Shadowsocks R apps.
  436. 3. Connect.
  437. End
  438. Tips:
  439. 1. Choose best payload and parameters for your server.
  440. You can use trial and error method.
  441. 2. You can easily stop, start and create SSR.
  442. 3. It always depends on your Network Provider, Register Promo,
  443. Payload and your set-up of SSR.
  444. For Pro Users:
  445. You can edit, add more server, etc. .
  446. Directory: /etc/project-sakai/shadowsocksr
  447. Filename: Server*.json
  448. Credits to: clowwindy
  449. SSRabout
  450. }
  451. function InsOpenVPN(){
  452. #For notification and Restriction of being use by other services
  453. mkdir -p /etc/project-sakai/openvpn
  454. #Restriction of being use by other services
  455. echo "$OpenVPN_UDP_Port" > /etc/project-sakai/openvpn/udp-port
  456. # Checking if openvpn folder is accidentally deleted or purged
  457. if [[ ! -e /etc/openvpn ]]; then
  458. mkdir -p /etc/openvpn
  459. fi
  460. # Removing all existing openvpn server files
  461. rm -rf /etc/openvpn/*
  462. # Creating server.conf, ca.crt, server.crt and server.key
  463. cat <<'myOpenVPNconf' > /etc/openvpn/server_tcp.conf
  464. # OpenVPN TCP
  465. port OVPNTCP
  466. proto tcp
  467. dev tun
  468. sndbuf 0
  469. rcvbuf 0
  470. push "sndbuf 393216"
  471. push "rcvbuf 393216"
  472. ca /etc/openvpn/ca.crt
  473. cert /etc/openvpn/server.crt
  474. key /etc/openvpn/server.key
  475. dh /etc/openvpn/dh2048.pem
  476. verify-client-cert none
  477. username-as-common-name
  478. key-direction 0
  479. plugin /etc/openvpn/plugins/openvpn-plugin-auth-pam.so login
  480. server 10.200.0.0 255.255.0.0
  481. ifconfig-pool-persist ipp.txt
  482. push "route IP-ADDRESS 255.255.255.255 vpn_gateway"
  483. push "redirect-gateway def1 bypass-dhcp"
  484. push "dhcp-option DNS 1.1.1.1"
  485. push "dhcp-option DNS 1.0.0.1"
  486. push "route-method exe"
  487. push "route-delay 2"
  488. socket-flags TCP_NODELAY
  489. push "socket-flags TCP_NODELAY"
  490. keepalive 10 120
  491. comp-lzo
  492. user nobody
  493. group nogroup
  494. persist-key
  495. persist-tun
  496. status openvpn-status.log
  497. log tcp.log
  498. management 127.0.0.1 Tcp_Monitor_Port
  499. verb 3
  500. ncp-disable
  501. cipher none
  502. auth none
  503. duplicate-cn
  504. max-clients 50
  505. myOpenVPNconf
  506. cat <<'myOpenVPNconf2' > /etc/openvpn/server_udp.conf
  507. # OpenVPN UDP
  508. port OVPNUDP
  509. proto udp
  510. dev tun
  511. sndbuf 0
  512. rcvbuf 0
  513. push "sndbuf 393216"
  514. push "rcvbuf 393216"
  515. ca /etc/openvpn/ca.crt
  516. cert /etc/openvpn/server.crt
  517. key /etc/openvpn/server.key
  518. dh /etc/openvpn/dh2048.pem
  519. verify-client-cert none
  520. username-as-common-name
  521. key-direction 0
  522. plugin /etc/openvpn/plugins/openvpn-plugin-auth-pam.so login
  523. server 10.201.0.0 255.255.0.0
  524. ifconfig-pool-persist ipp.txt
  525. push "route IP-ADDRESS 255.255.255.255 vpn_gateway"
  526. push "redirect-gateway def1 bypass-dhcp"
  527. push "dhcp-option DNS 1.1.1.1"
  528. push "dhcp-option DNS 1.0.0.1"
  529. push "route-method exe"
  530. push "route-delay 2"
  531. socket-flags TCP_NODELAY
  532. push "socket-flags TCP_NODELAY"
  533. keepalive 10 120
  534. comp-lzo
  535. user nobody
  536. group nogroup
  537. persist-key
  538. persist-tun
  539. status openvpn-status.log
  540. log udp.log
  541. management 127.0.0.1 Udp_Monitor_Port
  542. verb 3
  543. ncp-disable
  544. cipher none
  545. auth none
  546. duplicate-cn
  547. max-clients 50
  548. myOpenVPNconf2
  549. cat <<'EOF7'> /etc/openvpn/ca.crt
  550. -----BEGIN CERTIFICATE-----
  551. MIIDVzCCAj+gAwIBAgIUTDQctpXVhAgtI3egn4vlGu6Ggi4wDQYJKoZIhvcNAQEL
  552. BQAwGjEYMBYGA1UEAwwPc2VydmVyLnNha2FpLmNmMB4XDTIyMDQwNDA0MTQ1OFoX
  553. DTMyMDQwMTA0MTQ1OFowGjEYMBYGA1UEAwwPc2VydmVyLnNha2FpLmNmMIIBIjAN
  554. BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXGpRkLRy1J6ithjCPtqoaZdA+CE
  555. 7C5BysGzSVgY2iFT4biNPPN+gwo2AvrrawPe70pRO1/8N9AN2luEcgknIBErvU1S
  556. E2tgT8Cv4G1yqVtdqf9Q6z0bhEhqMffHcS4xQBu8vw5HzmLGQbhrT1NelGmCgTqR
  557. /sVFSqPwyAQ3sInePxAg7LabrezAVwhX8x40zO/0dvtqjRs40TbDQv5X+Uv379j5
  558. g4CWK9wJxBvifVXDlOQKxeJLxv9iuR5wI8P5vejSz2Sgo6p2iMZrYc3A8+svRs6C
  559. dnpa5c3bEl9BBSUPwVVmaCaehIc7vJcsLjeZvV8CxL0BD9Jl4RoHrxGBiwIDAQAB
  560. o4GUMIGRMB0GA1UdDgQWBBRfPX+TDIhcAcOUkGEVeeY2LuNR5zBVBgNVHSMETjBM
  561. gBRfPX+TDIhcAcOUkGEVeeY2LuNR56EepBwwGjEYMBYGA1UEAwwPc2VydmVyLnNh
  562. a2FpLmNmghRMNBy2ldWECC0jd6Cfi+Ua7oaCLjAMBgNVHRMEBTADAQH/MAsGA1Ud
  563. DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAfuyhq8dU9lGPJ2ZdwsNiNpwNr5aQ
  564. tWByVryEhZrjmwkiiIUFP0ZHmH+qHWAlapX9aKhfsjd2JHn4+4X9Wzr/HrcPaKh0
  565. 3/God5WpfOZVlX6wsf8gjER37Bzlfu7k48CeSkHF+Tze/5diRxcoVygTqIaREqGi
  566. G7sYzCxPp+a1WV+xA0cq8WnaP/fVT1vRcnkMT4e1qDJk9A/vbtu7ejh+/hF1yeet
  567. NaQIQkS+Xw3GhYzLLxdcrOek7lKTBcpSA/bKxWot4JXnDh54+eQ+cSuC3qut7vMM
  568. w9r1FH6C8+cWL4SgecowBWRZlZbcW7g1jlmi7BZMvHoRdz6HcIPagLk/zA==
  569. -----END CERTIFICATE-----
  570. EOF7
  571. cat <<'EOF9'> /etc/openvpn/server.crt
  572. Certificate:
  573. Data:
  574. Version: 3 (0x2)
  575. Serial Number:
  576. 7e:5d:7e:6d:30:4b:28:4b:40:40:5f:31:58:0e:5a:cc
  577. Signature Algorithm: sha256WithRSAEncryption
  578. Issuer: CN=server.sakai.cf
  579. Validity
  580. Not Before: Apr 4 04:20:54 2022 GMT
  581. Not After : Mar 19 04:20:54 2025 GMT
  582. Subject: CN=server
  583. Subject Public Key Info:
  584. Public Key Algorithm: rsaEncryption
  585. RSA Public-Key: (2048 bit)
  586. Modulus:
  587. 00:dc:78:3d:32:50:46:11:be:09:cb:98:fe:76:a4:
  588. f7:8d:b6:41:41:09:6e:33:af:9e:12:b4:5e:3e:1a:
  589. ab:40:e2:b1:6e:a5:29:b6:33:51:37:5b:8d:12:e5:
  590. 8d:eb:92:08:de:14:b0:2a:d0:f4:a4:d1:de:d4:21:
  591. 36:67:79:37:2c:bd:ec:51:67:02:08:c2:fd:db:3f:
  592. ab:27:b7:e3:1d:91:b7:3d:42:67:6d:90:c1:0b:dc:
  593. da:12:fc:7c:7f:e3:16:b5:17:56:b0:dd:22:cf:a7:
  594. 8e:17:e3:33:bf:6e:a8:b1:63:17:4d:0e:7b:11:91:
  595. 07:6e:f2:45:a8:b8:ef:63:71:ab:9e:36:d9:74:8a:
  596. 39:31:3d:58:12:f3:e9:97:b9:9f:34:f2:32:90:b6:
  597. f0:f7:7b:2c:d7:24:a0:1a:de:b7:76:e0:e6:93:81:
  598. b4:35:ea:51:03:16:95:94:fa:4d:e1:c0:ac:32:66:
  599. aa:66:81:77:17:96:cf:02:64:99:f2:0d:04:ef:1c:
  600. 1a:f6:8c:73:84:40:24:e2:b1:f5:9a:da:ec:2f:37:
  601. fa:62:10:1a:6c:87:0e:03:d4:b6:3e:21:ea:f7:71:
  602. 13:85:bf:8b:93:9f:17:30:d0:6e:f5:bc:f8:46:46:
  603. b5:0b:f2:30:78:33:23:1b:a8:f6:35:64:9b:f7:72:
  604. e0:2f
  605. Exponent: 65537 (0x10001)
  606. X509v3 extensions:
  607. X509v3 Basic Constraints:
  608. CA:FALSE
  609. X509v3 Subject Key Identifier:
  610. ED:B5:1F:B1:93:39:09:0F:27:36:73:5E:2A:4C:4B:D9:49:33:51:91
  611. X509v3 Authority Key Identifier:
  612. keyid:5F:3D:7F:93:0C:88:5C:01:C3:94:90:61:15:79:E6:36:2E:E3:51:E7
  613. DirName:/CN=server.sakai.cf
  614. serial:4C:34:1C:B6:95:D5:84:08:2D:23:77:A0:9F:8B:E5:1A:EE:86:82:2E
  615. X509v3 Extended Key Usage:
  616. TLS Web Server Authentication, TLS Web Client Authentication
  617. X509v3 Key Usage:
  618. Digital Signature, Key Encipherment
  619. Signature Algorithm: sha256WithRSAEncryption
  620. ad:d8:57:a1:9e:9d:ab:6f:a7:55:b3:11:17:4a:93:3b:1c:7b:
  621. f7:15:6a:5b:fd:ad:41:9a:fe:20:4e:02:92:d1:3f:c1:8e:32:
  622. 88:6a:c8:c8:f9:0b:69:fd:83:bb:b8:fb:39:b1:18:a8:d7:60:
  623. 16:79:a8:cb:e1:8b:45:8a:a4:25:39:24:06:f6:b8:ba:3b:fc:
  624. fc:9a:03:91:ea:0f:11:ab:e3:c1:b4:6d:7b:7c:a7:92:e3:cf:
  625. 2e:d5:98:d2:2c:84:bf:de:c7:c4:b8:44:dc:f7:b8:f9:76:2e:
  626. 33:29:d0:10:b4:0a:8e:f6:bc:6c:a5:69:dd:82:94:48:e9:d2:
  627. ba:6c:81:58:5d:98:e7:6f:37:36:a7:eb:62:c7:ab:cb:e0:d9:
  628. 70:91:13:35:90:bc:12:50:6f:d0:8d:0b:5b:ff:e3:e4:95:79:
  629. 4b:cb:dd:ec:d5:57:57:0b:e8:91:97:cf:d4:a6:f7:d0:62:f0:
  630. 4d:50:73:ba:ff:ad:dd:54:cb:68:db:80:fe:f9:2a:5a:79:5e:
  631. 93:85:aa:b2:f1:23:46:92:67:74:84:6d:32:e9:06:47:45:0d:
  632. 55:c3:06:bf:72:a2:82:32:55:12:ae:22:20:cc:aa:cf:04:98:
  633. 1c:7f:ff:f9:44:54:ca:d4:5e:62:8d:98:e8:6d:78:b1:7a:03:
  634. ae:8f:35:ce
  635. -----BEGIN CERTIFICATE-----
  636. MIIDZjCCAk6gAwIBAgIQfl1+bTBLKEtAQF8xWA5azDANBgkqhkiG9w0BAQsFADAa
  637. MRgwFgYDVQQDDA9zZXJ2ZXIuc2FrYWkuY2YwHhcNMjIwNDA0MDQyMDU0WhcNMjUw
  638. MzE5MDQyMDU0WjARMQ8wDQYDVQQDDAZzZXJ2ZXIwggEiMA0GCSqGSIb3DQEBAQUA
  639. A4IBDwAwggEKAoIBAQDceD0yUEYRvgnLmP52pPeNtkFBCW4zr54StF4+GqtA4rFu
  640. pSm2M1E3W40S5Y3rkgjeFLAq0PSk0d7UITZneTcsvexRZwIIwv3bP6snt+Mdkbc9
  641. QmdtkMEL3NoS/Hx/4xa1F1aw3SLPp44X4zO/bqixYxdNDnsRkQdu8kWouO9jcaue
  642. Ntl0ijkxPVgS8+mXuZ808jKQtvD3eyzXJKAa3rd24OaTgbQ16lEDFpWU+k3hwKwy
  643. ZqpmgXcXls8CZJnyDQTvHBr2jHOEQCTisfWa2uwvN/piEBpshw4D1LY+Ier3cROF
  644. v4uTnxcw0G71vPhGRrUL8jB4MyMbqPY1ZJv3cuAvAgMBAAGjgbAwga0wCQYDVR0T
  645. BAIwADAdBgNVHQ4EFgQU7bUfsZM5CQ8nNnNeKkxL2UkzUZEwVQYDVR0jBE4wTIAU
  646. Xz1/kwyIXAHDlJBhFXnmNi7jUeehHqQcMBoxGDAWBgNVBAMMD3NlcnZlci5zYWth
  647. aS5jZoIUTDQctpXVhAgtI3egn4vlGu6Ggi4wHQYDVR0lBBYwFAYIKwYBBQUHAwEG
  648. CCsGAQUFBwMCMAsGA1UdDwQEAwIFoDANBgkqhkiG9w0BAQsFAAOCAQEArdhXoZ6d
  649. q2+nVbMRF0qTOxx79xVqW/2tQZr+IE4CktE/wY4yiGrIyPkLaf2Du7j7ObEYqNdg
  650. Fnmoy+GLRYqkJTkkBva4ujv8/JoDkeoPEavjwbRte3ynkuPPLtWY0iyEv97HxLhE
  651. 3Pe4+XYuMynQELQKjva8bKVp3YKUSOnSumyBWF2Y5283NqfrYsery+DZcJETNZC8
  652. ElBv0I0LW//j5JV5S8vd7NVXVwvokZfP1Kb30GLwTVBzuv+t3VTLaNuA/vkqWnle
  653. k4WqsvEjRpJndIRtMukGR0UNVcMGv3KigjJVEq4iIMyqzwSYHH//+URUytReYo2Y
  654. 6G14sXoDro81zg==
  655. -----END CERTIFICATE-----
  656. EOF9
  657. cat <<'EOF10'> /etc/openvpn/server.key
  658. -----BEGIN PRIVATE KEY-----
  659. MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDceD0yUEYRvgnL
  660. mP52pPeNtkFBCW4zr54StF4+GqtA4rFupSm2M1E3W40S5Y3rkgjeFLAq0PSk0d7U
  661. ITZneTcsvexRZwIIwv3bP6snt+Mdkbc9QmdtkMEL3NoS/Hx/4xa1F1aw3SLPp44X
  662. 4zO/bqixYxdNDnsRkQdu8kWouO9jcaueNtl0ijkxPVgS8+mXuZ808jKQtvD3eyzX
  663. JKAa3rd24OaTgbQ16lEDFpWU+k3hwKwyZqpmgXcXls8CZJnyDQTvHBr2jHOEQCTi
  664. sfWa2uwvN/piEBpshw4D1LY+Ier3cROFv4uTnxcw0G71vPhGRrUL8jB4MyMbqPY1
  665. ZJv3cuAvAgMBAAECggEBAMj1TIrFAul/OHx9i0zoF8HzY819ZBb2t/ZCtDiVpI3z
  666. VFoPcFLkud3ktFWKKm+UYELVxrJwXt6xchQX5fgxVCqTP4n/g6oq2qvzf/YnNnyo
  667. ascK9S24qU4/1ANEY9NKUlNk3589IlL3XpzFe1C99EQkl4OkdGdRs93cNcSSNZqE
  668. vBgRgadBfa9hfSzoUM/mT7/4cVxpUVKzqUY+5R/ArioOHnVuxEJ3SYTP3R4OZ/Cy
  669. AXuTn95CEcefA1lz4lk1vRx5eKXczr5pk3BiuK/H/nOP8mqTujGXFThNTURa0v+u
  670. SdNTjjc3JZcN3+Yj5vCR8aN9bnCueH5YHPsFvrnHQxkCgYEA7r1oNP5awWNMOELg
  671. 2ZNi2Mc/+w+dSHbXPFGmOuitMEC2jO4JAH50Aqv1C8FmLvf+0TJheBI+ppc7TIWC
  672. I2IhHb58ZoFS94gDexHmX1CSy4TjC7uh2+TA8Tq4g39qp+EnxMHdaEMqtOWeqwLJ
  673. 1/1iK4Ze0PDFk4RaMq+fo7XO1nsCgYEA7GiwDdeIeiCyjv9DhPUZcF8DbLi+cHHG
  674. M6qTNDBspo53R8hBaq7YlZb/7qNFT7LA81JhxfakK9JHbripUC5o84BJsx15RDEr
  675. Y6rO7wbfeuxTdUeUg6qLes6GVEr/7c8G0i4gaoSdluNhsso+OVkrW5AP1xEg4573
  676. q0zzJYV5qN0CgYEAjFfv8Gct9s1muxQllgHcc879v5r4POcPtDfTXoH1fY4tQj+U
  677. LyQnEoL/tH9mkGnc9CGHxswC5G+2vk8lp6NCEHgwLRoNKdJdKXXmVVXKVbWyuuz8
  678. Q4YAHk8EtNisXDAx7qqAe5AwhNMPKTykZ0Je+XMuPemsXAHL/EvdrqFsDA0CgYA6
  679. 0tWzrASedtJXOHbhd2csCcg9Xj6slfK+WlwkaUQvsVVGvDJizDzCA/+Mrn2Jli3i
  680. nYYMjxFMghcaGsKuW83rgOlVsyjAagek1hSFb01eNb2SegwfMulf1lGgWcUStCe7
  681. VpTkTDk2GT/vD9mpxWE/eDooxm9Lk/uGWTBLDso11QKBgQCeiBs/oitKX8bJ+dGe
  682. KA0RnkolY8fdCIA8WpsDz+c5x6mLHZfo/RpfvS4Bk4YYyZyTwkwBXAKPVumuaURU
  683. 7+MIJss3rEXIvm6NqitFUVPbDhx2wC+Hz9VojtGVoU7io/WuVIOZkwZibYwq1M4j
  684. CFmjViTVqAYAWQRWFyRP2xr2qg==
  685. -----END PRIVATE KEY-----
  686. EOF10
  687. cat <<'EOF13'> /etc/openvpn/dh2048.pem
  688. -----BEGIN DH PARAMETERS-----
  689. MIIBCAKCAQEAzBWsEhJyCpFolSE50xU2KP2tZqfVq/w7yviXOYqt/h+wuia43iky
  690. h852/xQ0IIQCUqlphV6He2Mff4BkIYfdiK+vuybGKGtoZnuADDnHHxnBY/QquF74
  691. XdLDVJuGUC4BGuUJNXT2B3vQ8Jr+nqgydBbukk39wiH+VWuWy1UhtpSrRRy81+HN
  692. x0irDQsOlb8b8QBxvksIxfHXmRxLvSJUwfAEsgaVeWdOfp2h51d14Rh/peBnCnHs
  693. A7YSE8v5DToQAmLeI7hJbNICoTOahrBGnd0+qUuTAKunzsWWgJB8RyUFyj2xEQrH
  694. 7KCiGpXxq5rlxK7LSFFQbXRRW/9a9b9SowIBAg==
  695. -----END DH PARAMETERS-----
  696. EOF13
  697. # Creating a New update message in server.conf
  698. cat <<'NUovpn' > /etc/openvpn/server.conf
  699. # New Update are now released, OpenVPN Server
  700. # are now running both TCP and UDP Protocol. (Both are only running on IPv4)
  701. # But our native server.conf are now removed and divided
  702. # Into two different configs base on their Protocols:
  703. # * OpenVPN TCP (located at /etc/openvpn/server_tcp.conf
  704. # * OpenVPN UDP (located at /etc/openvpn/server_udp.conf
  705. #
  706. # Also other logging files like
  707. # status logs and server logs
  708. # are moved into new different file names:
  709. # * OpenVPN TCP Server logs (/etc/openvpn/tcp.log)
  710. # * OpenVPN UDP Server logs (/etc/openvpn/udp.log)
  711. # * OpenVPN TCP Status logs (/etc/openvpn/tcp_stats.log)
  712. # * OpenVPN UDP Status logs (/etc/openvpn/udp_stats.log)
  713. #
  714. # Server ports are configured base on env vars
  715. # executed/raised from this script (OpenVPN_TCP_Port/OpenVPN_UDP_Port)
  716. #
  717. NUovpn
  718. # setting openvpn server port
  719. sed -i "s|OVPNTCP|$OpenVPN_TCP_Port|g" /etc/openvpn/server_tcp.conf
  720. sed -i "s|OVPNUDP|$OpenVPN_UDP_Port|g" /etc/openvpn/server_udp.conf
  721. sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/openvpn/server_tcp.conf
  722. sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/openvpn/server_udp.conf
  723. sed -i "s|Tcp_Monitor_Port|$Tcp_Monitor_Port|g" /etc/openvpn/server_tcp.conf
  724. sed -i "s|Udp_Monitor_Port|$Udp_Monitor_Port|g" /etc/openvpn/server_udp.conf
  725. # Getting some OpenVPN plugins for unix authentication
  726. cd
  727. wget https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/plugin.tgz
  728. tar -xzvf /root/plugin.tgz -C /etc/openvpn/
  729. rm -f plugin.tgz
  730. # Some workaround for OpenVZ machines for "Startup error" openvpn service
  731. if [[ "$(hostnamectl | grep -i Virtualization | awk '{print $2}' | head -n1)" == 'openvz' ]]; then
  732. sed -i 's|LimitNPROC|#LimitNPROC|g' /lib/systemd/system/openvpn*
  733. systemctl daemon-reload
  734. fi
  735. # Allow IPv4 Forwarding
  736. sed -i '/net.ipv4.ip_forward.*/d' /etc/sysctl.conf
  737. sed -i '/net.ipv4.ip_forward.*/d' /etc/sysctl.d/*.conf
  738. echo 'net.ipv4.ip_forward=1' > /etc/sysctl.d/20-openvpn.conf
  739. sysctl --system &> /dev/null
  740. # Iptables Rule for OpenVPN server
  741. cat <<'EOFipt' > /etc/openvpn/openvpn.bash
  742. #!/bin/bash
  743. PUBLIC_INET="$(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)' | head -1)"
  744. IPCIDR='10.200.0.0/16'
  745. IPCIDR2='10.201.0.0/16'
  746. iptables -I FORWARD -s $IPCIDR -j ACCEPT
  747. iptables -I FORWARD -s $IPCIDR2 -j ACCEPT
  748. iptables -t nat -A POSTROUTING -o $PUBLIC_INET -j MASQUERADE
  749. iptables -t nat -A POSTROUTING -s $IPCIDR -o $PUBLIC_INET -j MASQUERADE
  750. iptables -t nat -A POSTROUTING -s $IPCIDR2 -o $PUBLIC_INET -j MASQUERADE
  751. EOFipt
  752. chmod +x /etc/openvpn/openvpn.bash
  753. bash /etc/openvpn/openvpn.bash
  754. # Enabling IPv4 Forwarding
  755. echo 1 > /proc/sys/net/ipv4/ip_forward
  756. # Starting OpenVPN server
  757. systemctl start openvpn@server_tcp
  758. systemctl enable openvpn@server_tcp
  759. systemctl start openvpn@server_udp
  760. systemctl enable openvpn@server_udp
  761. }
  762. function InsProxy(){
  763. # Removing Duplicate privoxy config
  764. rm -rf /etc/privoxy/config*
  765. # Creating Privoxy server config using cat eof tricks
  766. cat <<'privoxy' > /etc/privoxy/config
  767. # My Privoxy Server Config
  768. user-manual /usr/share/doc/privoxy/user-manual
  769. confdir /etc/privoxy
  770. logdir /var/log/privoxy
  771. filterfile default.filter
  772. logfile logfile
  773. listen-address 0.0.0.0:Privoxy_Port1
  774. listen-address 0.0.0.0:Privoxy_Port2
  775. toggle 1
  776. enable-remote-toggle 0
  777. enable-remote-http-toggle 0
  778. enable-edit-actions 0
  779. enforce-blocks 0
  780. buffer-limit 4096
  781. enable-proxy-authentication-forwarding 1
  782. forwarded-connect-retries 1
  783. accept-intercepted-requests 1
  784. allow-cgi-request-crunching 1
  785. split-large-forms 0
  786. keep-alive-timeout 5
  787. tolerate-pipelining 1
  788. socket-timeout 300
  789. permit-access 0.0.0.0/0 IP-ADDRESS
  790. privoxy
  791. # Setting machine's IP Address inside of our privoxy config(security that only allows this machine to use this proxy server)
  792. sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/privoxy/config
  793. # Setting privoxy ports
  794. sed -i "s|Privoxy_Port1|$Privoxy_Port1|g" /etc/privoxy/config
  795. sed -i "s|Privoxy_Port2|$Privoxy_Port2|g" /etc/privoxy/config
  796. # Starting Proxy server
  797. echo -e "Restarting Privoxy Proxy server..."
  798. systemctl restart privoxy
  799. # Removing Duplicate Squid config
  800. rm -rf /etc/squid/squid.con*
  801. # Creating Squid server config using cat eof tricks
  802. cat <<'mySquid' > /etc/squid/squid.conf
  803. # My Squid Proxy Server Config
  804. acl VPN dst IP-ADDRESS/32
  805. http_access allow VPN
  806. http_access deny all
  807. http_port 0.0.0.0:Squid_Port1
  808. http_port 0.0.0.0:Squid_Port2
  809. http_port 0.0.0.0:Squid_Port3
  810. ### Allow Headers
  811. request_header_access Allow allow all
  812. request_header_access Authorization allow all
  813. request_header_access WWW-Authenticate allow all
  814. request_header_access Proxy-Authorization allow all
  815. request_header_access Proxy-Authenticate allow all
  816. request_header_access Cache-Control allow all
  817. request_header_access Content-Encoding allow all
  818. request_header_access Content-Length allow all
  819. request_header_access Content-Type allow all
  820. request_header_access Date allow all
  821. request_header_access Expires allow all
  822. request_header_access Host allow all
  823. request_header_access If-Modified-Since allow all
  824. request_header_access Last-Modified allow all
  825. request_header_access Location allow all
  826. request_header_access Pragma allow all
  827. request_header_access Accept allow all
  828. request_header_access Accept-Charset allow all
  829. request_header_access Accept-Encoding allow all
  830. request_header_access Accept-Language allow all
  831. request_header_access Content-Language allow all
  832. request_header_access Mime-Version allow all
  833. request_header_access Retry-After allow all
  834. request_header_access Title allow all
  835. request_header_access Connection allow all
  836. request_header_access Proxy-Connection allow all
  837. request_header_access User-Agent allow all
  838. request_header_access Cookie allow all
  839. request_header_access All deny all
  840. ### HTTP Anonymizer Paranoid
  841. reply_header_access Allow allow all
  842. reply_header_access Authorization allow all
  843. reply_header_access WWW-Authenticate allow all
  844. reply_header_access Proxy-Authorization allow all
  845. reply_header_access Proxy-Authenticate allow all
  846. reply_header_access Cache-Control allow all
  847. reply_header_access Content-Encoding allow all
  848. reply_header_access Content-Length allow all
  849. reply_header_access Content-Type allow all
  850. reply_header_access Date allow all
  851. reply_header_access Expires allow all
  852. reply_header_access Host allow all
  853. reply_header_access If-Modified-Since allow all
  854. reply_header_access Last-Modified allow all
  855. reply_header_access Location allow all
  856. reply_header_access Pragma allow all
  857. reply_header_access Accept allow all
  858. reply_header_access Accept-Charset allow all
  859. reply_header_access Accept-Encoding allow all
  860. reply_header_access Accept-Language allow all
  861. reply_header_access Content-Language allow all
  862. reply_header_access Mime-Version allow all
  863. reply_header_access Retry-After allow all
  864. reply_header_access Title allow all
  865. reply_header_access Connection allow all
  866. reply_header_access Proxy-Connection allow all
  867. reply_header_access User-Agent allow all
  868. reply_header_access Cookie allow all
  869. reply_header_access All deny all
  870. #sakai
  871. cache_mem 200 MB
  872. maximum_object_size_in_memory 32 KB
  873. maximum_object_size 1024 MB
  874. minimum_object_size 0 KB
  875. cache_swap_low 90
  876. cache_swap_high 95
  877. cache_dir ufs /var/spool/squid 100 16 256
  878. access_log /var/log/squid/access.log squid
  879. ### CoreDump
  880. coredump_dir /var/spool/squid
  881. dns_nameservers 1.1.1.1 1.0.0.1
  882. refresh_pattern ^ftp: 1440 20% 10080
  883. refresh_pattern ^gopher: 1440 0% 1440
  884. refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
  885. refresh_pattern . 0 20% 4320
  886. visible_hostname irwanmohi
  887. mySquid
  888. # Setting machine's IP Address inside of our Squid config(security that only allows this machine to use this proxy server)
  889. sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/squid/squid.conf
  890. # Setting squid ports
  891. sed -i "s|Squid_Port1|$Squid_Port1|g" /etc/squid/squid.conf
  892. sed -i "s|Squid_Port2|$Squid_Port2|g" /etc/squid/squid.conf
  893. sed -i "s|Squid_Port3|$Squid_Port3|g" /etc/squid/squid.conf
  894. # Starting Proxy server
  895. echo -e "Restarting Squid Proxy server..."
  896. systemctl restart squid
  897. }
  898. function FogPanel(){
  899. rm /home/vps/public_html -rf
  900. rm /etc/nginx/sites-* -rf
  901. rm /etc/nginx/nginx.conf -rf
  902. sleep 1
  903. mkdir -p /home/vps/public_html
  904. # Creating nginx config for our webserver
  905. cat <<'myNginxC' > /etc/nginx/nginx.conf
  906. user www-data;
  907. worker_processes 1;
  908. pid /var/run/nginx.pid;
  909. events {
  910. multi_accept on;
  911. worker_connections 1024;
  912. }
  913. http {
  914. gzip on;
  915. gzip_vary on;
  916. gzip_comp_level 5;
  917. gzip_types text/plain application/x-javascript text/xml text/css;
  918. autoindex on;
  919. sendfile on;
  920. tcp_nopush on;
  921. tcp_nodelay on;
  922. keepalive_timeout 65;
  923. types_hash_max_size 2048;
  924. server_tokens off;
  925. include /etc/nginx/mime.types;
  926. default_type application/octet-stream;
  927. access_log /var/log/nginx/access.log;
  928. error_log /var/log/nginx/error.log;
  929. client_max_body_size 32M;
  930. client_header_buffer_size 8m;
  931. large_client_header_buffers 8 8m;
  932. fastcgi_buffer_size 8m;
  933. fastcgi_buffers 8 8m;
  934. fastcgi_read_timeout 600;
  935. include /etc/nginx/conf.d/*.conf;
  936. }
  937. myNginxC
  938. # Creating vps config for our OCS Panel
  939. cat <<'myvpsC' > /etc/nginx/conf.d/vps.conf
  940. server {
  941. listen Nginx_Port;
  942. server_name 127.0.0.1 localhost;
  943. access_log /var/log/nginx/vps-access.log;
  944. error_log /var/log/nginx/vps-error.log error;
  945. root /home/vps/public_html;
  946. location / {
  947. index index.html index.htm index.php;
  948. try_files $uri $uri/ /index.php?$args;
  949. }
  950. location ~ \.php$ {
  951. include /etc/nginx/fastcgi_params;
  952. fastcgi_pass 127.0.0.1:Php_Socket;
  953. fastcgi_index index.php;
  954. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  955. }
  956. }
  957. myvpsC
  958. # Creating monitoring config for our OpenVPN Monitoring Panel
  959. cat <<'myMonitoringC' > /etc/nginx/conf.d/monitoring.conf
  960. server {
  961. listen sakai_Openvpn_Monitoring;
  962. location / {
  963. uwsgi_pass unix:///run/uwsgi/app/openvpn-monitor/socket;
  964. include uwsgi_params;
  965. }
  966. }
  967. myMonitoringC
  968. #this is the home page of our webserver
  969. wget -O /home/vps/public_html/index.php "https://raw.githubusercontent.com/korn-sudo/Project-Fog/main/files/panel/index.php"
  970. # Setting up our WebServer Ports and IP Addresses
  971. cd
  972. sleep 1
  973. sed -i "s|/run/php/php7.4-fpm.sock|127.0.0.1:$Php_Socket|g" /etc/php/7.4/fpm/pool.d/www.conf
  974. sed -i "s|Php_Socket|$Php_Socket|g" /etc/nginx/conf.d/vps.conf
  975. sed -i "s|Nginx_Port|$Nginx_Port|g" /etc/nginx/conf.d/vps.conf
  976. sed -i "s|sakai_Openvpn_Monitoring|$sakai_Openvpn_Monitoring|g" /etc/nginx/conf.d/monitoring.conf
  977. sed -i "s|sakai_Openvpn_Monitoring|$sakai_Openvpn_Monitoring|g" /home/vps/public_html/index.php
  978. sed -i "s|sakaiserverip|$IPADDR|g" /home/vps/public_html/index.php
  979. sed -i "s|v2portas|65432|g" /home/vps/public_html/index.php
  980. sed -i "s|SSH_Port1|$SSH_Port1|g" /home/vps/public_html/index.php
  981. sed -i "s|SSH_Port2|$SSH_Port2|g" /home/vps/public_html/index.php
  982. sed -i "s|Dropbear_Port1|$Dropbear_Port1|g" /home/vps/public_html/index.php
  983. sed -i "s|Dropbear_Port2|$Dropbear_Port2|g" /home/vps/public_html/index.php
  984. sed -i "s|Stunnel_Port1|$Stunnel_Port1|g" /home/vps/public_html/index.php
  985. sed -i "s|Stunnel_Port2|$Stunnel_Port2|g" /home/vps/public_html/index.php
  986. sed -i "s|Stunnel_Port3|$Stunnel_Port3|g" /home/vps/public_html/index.php
  987. sed -i "s|Privoxy_Port1|$Privoxy_Port1|g" /home/vps/public_html/index.php
  988. sed -i "s|Privoxy_Port2|$Privoxy_Port1|g" /home/vps/public_html/index.php
  989. sed -i "s|Squid_Port1|$Squid_Port1|g" /home/vps/public_html/index.php
  990. sed -i "s|Squid_Port2|$Squid_Port2|g" /home/vps/public_html/index.php
  991. sed -i "s|Squid_Port3|$Squid_Port3|g" /home/vps/public_html/index.php
  992. sed -i "s|OHP_Port1|$OHP_Port1|g" /home/vps/public_html/index.php
  993. sed -i "s|OHP_Port2|$OHP_Port2|g" /home/vps/public_html/index.php
  994. sed -i "s|OHP_Port3|$OHP_Port3|g" /home/vps/public_html/index.php
  995. sed -i "s|OHP_Port4|$OHP_Port4|g" /home/vps/public_html/index.php
  996. sed -i "s|OHP_Port5|$OHP_Port5|g" /home/vps/public_html/index.php
  997. sed -i "s|Simple_Port1|$Simple_Port1|g" /home/vps/public_html/index.php
  998. sed -i "s|Simple_Port2|$Simple_Port2|g" /home/vps/public_html/index.php
  999. sed -i "s|Direct_Port1|$Direct_Port1|g" /home/vps/public_html/index.php
  1000. sed -i "s|Direct_Port2|$Direct_Port2|g" /home/vps/public_html/index.php
  1001. sed -i "s|Open_Port1|$Open_Port1|g" /home/vps/public_html/index.php
  1002. sed -i "s|Open_Port2|$Open_Port2|g" /home/vps/public_html/index.php
  1003. sed -i "s|NXPort|$Nginx_Port|g" /home/vps/public_html/index.php
  1004. service nginx restart
  1005. apt -y install python3-virtualenv geoip-database geoip-database-extra
  1006. apt -y install git apache2 libapache2-mod-wsgi python3-geoip2 python3-humanize python3-bottle python3-semantic-version geoip-database geoip-database-extra
  1007. apt -y install git gcc nginx uwsgi uwsgi-plugin-python3 virtualenv python3-dev libgeoip-dev geoip-database geoip-database-extra
  1008. # Setting Up OpenVPN monitoring
  1009. wget -O /srv/openvpn-monitor.zip "https://github.com/korn-sudo/Project-Fog/raw/main/files/panel/openvpn-monitor.zip"
  1010. cd /srv
  1011. unzip -qq openvpn-monitor.zip
  1012. rm -f openvpn-monitor.zip
  1013. cd openvpn-monitor
  1014. virtualenv -p python3 .
  1015. . bin/activate
  1016. pip install -r requirements.txt
  1017. #updating ports for openvpn monitoring
  1018. sed -i "s|Tcp_Monitor_Port|$Tcp_Monitor_Port|g" /srv/openvpn-monitor/openvpn-monitor.conf
  1019. sed -i "s|Udp_Monitor_Port|$Udp_Monitor_Port|g" /srv/openvpn-monitor/openvpn-monitor.conf
  1020. # Creating monitoring .ini for our OpenVPN Monitoring Panel
  1021. cat <<'myMonitorINI' > /etc/uwsgi/apps-available/openvpn-monitor.ini
  1022. [uwsgi]
  1023. base = /srv
  1024. project = openvpn-monitor
  1025. logto = /var/log/uwsgi/app/%(project).log
  1026. plugins = python3
  1027. chdir = %(base)/%(project)
  1028. virtualenv = %(chdir)
  1029. module = openvpn-monitor:application
  1030. manage-script-name = true
  1031. mount=/openvpn-monitor=openvpn-monitor.py
  1032. myMonitorINI
  1033. ln -s /etc/uwsgi/apps-available/openvpn-monitor.ini /etc/uwsgi/apps-enabled/
  1034. # GeoIP For OpenVPN Monitor
  1035. mkdir -p /var/lib/GeoIP
  1036. wget -O /var/lib/GeoIP/GeoLite2-City.mmdb.gz "https://github.com/korn-sudo/Project-Fog/raw/main/files/panel/GeoLite2-City.mmdb.gz"
  1037. gzip -d /var/lib/GeoIP/GeoLite2-City.mmdb.gz
  1038. function ip_address(){
  1039. local IP="$( ip addr | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | egrep -v "^192\.168|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-2]\.|^10\.|^127\.|^255\.|^0\." | head -n 1 )"
  1040. [ -z "${IP}" ] && IP="$( wget -qO- -t1 -T2 ipv4.icanhazip.com )"
  1041. [ -z "${IP}" ] && IP="$( wget -qO- -t1 -T2 ipinfo.io/ip )"
  1042. [ ! -z "${IP}" ] && echo "${IP}" || echo
  1043. }
  1044. IPADDR="$(ip_address)"
  1045. # Applying cron job
  1046. cd
  1047. echo "SHELL=/bin/sh
  1048. PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin" | crontab -
  1049. sleep 1
  1050. echo "#OHP Server
  1051. @reboot /usr/local/sbin/sakai-ohp-updater-sakai-obs
  1052. #Multi-login Limit ON dropbear,ssh,ssl (not included: openvpn)
  1053. @reboot /usr/local/sbin/limiter-sakai-obs
  1054. @reboot /usr/local/sbin/sakai-limiter-activator-obs
  1055. # Python Socks Server
  1056. @reboot /usr/local/sbin/sakai-python-updater-sakai-obs
  1057. # Timer for Auto-reconnect
  1058. @reboot /usr/local/sbin/disable-orasan
  1059. " >> /var/spool/cron/crontabs/root
  1060. }
  1061. ###### Chokepoint for Debian and Ubuntu No.2 vvvvvv
  1062. function ConfMenu(){
  1063. echo -e " Creating Menu scripts.."
  1064. cd /usr/local/sbin/
  1065. wget -q 'https://github.com/korn-sudo/Project-Fog/raw/main/files/menu/menu-deb-v301.zip'
  1066. unzip -qq menu-deb-v301.zip
  1067. rm -f menu-deb-v301.zip
  1068. chmod +x ./*
  1069. dos2unix ./* &> /dev/null
  1070. sed -i 's|/etc/squid/squid.conf|/etc/privoxy/config|g' ./*
  1071. sed -i 's|http_port|listen-address|g' ./*
  1072. cd ~
  1073. wget -O /usr/bin/uninstaller-sakai-obs "https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/debian_unins-fog-obs"
  1074. chmod +x /usr/bin/uninstaller-sakai-obs
  1075. }
  1076. function ports_info(){
  1077. # For Edit Port dependencies
  1078. mkdir -p /etc/project-sakai/service-ports
  1079. mkdir -p /etc/project-sakai/v2
  1080. echo "$SSH_Port1" > /etc/project-sakai/service-ports/sshp1
  1081. echo "$SSH_Port2" > /etc/project-sakai/service-ports/sshp2
  1082. echo "$OpenVPN_TCP_Port" > /etc/project-sakai/service-ports/openvpn-tcp
  1083. echo "$OpenVPN_UDP_Port" > /etc/project-sakai/service-ports/openvpn-udp
  1084. echo "$Squid_Port1" > /etc/project-sakai/service-ports/squid1
  1085. echo "$Squid_Port2" > /etc/project-sakai/service-ports/squid2
  1086. echo "$Squid_Port3" > /etc/project-sakai/service-ports/squid3
  1087. echo "$Privoxy_Port1" > /etc/project-sakai/service-ports/priv1
  1088. echo "$Privoxy_Port2" > /etc/project-sakai/service-ports/priv2
  1089. echo "$Dropbear_Port1" > /etc/project-sakai/service-ports/dropbear1
  1090. echo "$Dropbear_Port2" > /etc/project-sakai/service-ports/dropbear2
  1091. echo "$Stunnel_Port2" > /etc/project-sakai/service-ports/stunnel-ssh
  1092. echo "$Stunnel_Port1" > /etc/project-sakai/service-ports/stunnel-drop
  1093. echo "$Stunnel_Port3" > /etc/project-sakai/service-ports/stunnel-open
  1094. echo "65432" > /etc/project-sakai/v2/panel_port
  1095. }
  1096. function InsV2ray(){
  1097. bash <(curl -Ls https://raw.githubusercontent.com/irwan-aidan/v2-ui/main/install.sh)
  1098. sleep 1
  1099. cat <<'v2about' > /etc/project-sakai/v2/about
  1100. ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
  1101. ░▒▓█ ☁️ Project sakai ☁️ █▓▒░
  1102. What is V2Ray?
  1103. Multiple inbound/outbound proxies: one V2Ray instance supports in
  1104. parallel multiple inbound and outbound protocols. Each protocol works
  1105. independently.
  1106. Current Supported Protocols:
  1107. 1. Vmess 5. Dokodemo-door
  1108. 2. Vless 6. Socks
  1109. 3. Trojan 7. HTTP
  1110. 4. Shadowsocks
  1111. How to Use V2Ray?
  1112. 1. Go to your browser and enter this link:
  1113. http://IP-ADDRESS:65432
  1114. 2. Login Username: admin
  1115. Login Password: admin
  1116. 3. Go to Accounts
  1117. 4. Tap or click the " + " button. its color blue.
  1118. 5. Add Account Tab will appear and
  1119. fill in and choose parameters for your V2Ray.
  1120. REMINDERS:
  1121. 1. Please use port ramdomly given V2Ray Panel.
  1122. 2. If you want preferred port, make sure it is not
  1123. currently use by other services or else
  1124. your all V2Ray connection will not work.
  1125. 3. iF you accidentally hit current use port in your V2Ray config,
  1126. A. Go to Panel > Accounts > : and delete all accounts.
  1127. B. Go to your VPS and restart V2ray using Menu.
  1128. or simply reboot your VPS.
  1129. Supported Platforms:
  1130. 1. Windows
  1131. 2. Andoid Phones
  1132. 3. iPhones
  1133. 4. Mac
  1134. Notes:
  1135. This V2Ray Panel is made by Sprov.
  1136. All credits to Sprov.
  1137. Check his work at:
  1138. https://github.com/sprov065
  1139. https://blog.sprov.xyz/
  1140. ░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
  1141. v2about
  1142. sleep 1
  1143. sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/project-sakai/v2/about
  1144. }
  1145. function ScriptMessage(){
  1146. clear
  1147. echo ""
  1148. echo ""
  1149. echo ""
  1150. echo -e " ░▒▓█ ☁️ Project sakai ☁️ █▓▒░"
  1151. echo " "
  1152. echo -e " This Script is FREE always and forever . . ."
  1153. echo -e " by: irwanmohi 🦊 "
  1154. echo ""
  1155. echo ""
  1156. echo -e " Credits to:"
  1157. echo -e " PHC-Ford [FordSenpai] 🐱"
  1158. echo -e " Bon-chan 🦢"
  1159. echo -e " lfasmpao 🐯"
  1160. echo -e " ADM-Manager 🐬"
  1161. echo -e " Sprov 🌤️"
  1162. echo -e " WaGo-G 🔥"
  1163. echo -e " PHC_JAYVEE ☣️"
  1164. echo ""
  1165. echo ""
  1166. }
  1167. function InstBadVPN(){
  1168. # Pull BadVPN Binary 64bit or 32bit
  1169. if [ "$(getconf LONG_BIT)" == "64" ]; then
  1170. wget -O /usr/bin/badvpn-udpgw "https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/badvpn-udpgw64"
  1171. else
  1172. wget -O /usr/bin/badvpn-udpgw "https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/badvpn-udpgw"
  1173. fi
  1174. # Set BadVPN to Start on Boot via .profile
  1175. sed -i '$ i\screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300' /root/.profile
  1176. # Change Permission to make it Executable
  1177. chmod +x /usr/bin/badvpn-udpgw
  1178. # Start BadVPN via Screen
  1179. screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300
  1180. }
  1181. function CheckRequirements(){
  1182. ###### Chokepoint for Debian and Ubuntu No.3 vvvvvv
  1183. # Not Debian OS will be force exit
  1184. source /etc/os-release
  1185. if [[ "$ID" != 'debian' ]]; then
  1186. ScriptMessage
  1187. echo -e "[\e[1;31mError\e[0m] This script is for debian only, exiting..."
  1188. exit 1
  1189. fi
  1190. # Non-rooted machine will be force exit
  1191. # If you're on sudo user, run `sudo su -` first before running this script
  1192. if [[ $EUID -ne 0 ]];then
  1193. ScriptMessage
  1194. echo -e "[\e[1;31mError\e[0m] This script must be run as root, exiting..."
  1195. exit 1
  1196. fi
  1197. # (For OpenVPN) Checking it this machine have TUN Module, this is the tunneling interface of OpenVPN server
  1198. if [[ ! -e /dev/net/tun ]]; then
  1199. echo -e "[\e[1;31mError\e[0m] You cant use this script without TUN Module installed/embedded in your machine, file a support ticket to your machine admin about this matter"
  1200. echo -e "[\e[1;31m-\e[0m] Script is now exiting..."
  1201. exit 1
  1202. fi
  1203. ###### Chokepoint for Debian and Ubuntu No.3 ^^^^^
  1204. }
  1205. function InstOthers(){
  1206. # Running screenfetch
  1207. wget -O /usr/bin/screenfetch "https://raw.githubusercontent.com/korn-sudo/Project-Fog/main/files/plugins/screenfetch"
  1208. chmod +x /usr/bin/screenfetch
  1209. echo "/bin/bash /etc/openvpn/openvpn.bash" >> .profile
  1210. echo "clear" >> .profile
  1211. echo "screenfetch" >> .profile
  1212. # Obash
  1213. cd
  1214. curl -skL "https://github.com/louigi600/obash/archive/8976fd2fa256c583769b979036f59a741730eb48.tar.gz" -o obash.tgz
  1215. tar xf obash.tgz && rm -f obash.tgz
  1216. sleep 1
  1217. cd obash-8976fd2fa256c583769b979036f59a741730eb48
  1218. make clean
  1219. make
  1220. mv -f obash /usr/local/bin/obash
  1221. cd .. && rm -rf obash-8976fd2fa256c583769b979036f59a741730eb48
  1222. cd
  1223. #alias menu
  1224. wget -O ./.bashrc "https://raw.githubusercontent.com/korn-sudo/Project-Fog/main/files/plugins/.bashrc"
  1225. #banner
  1226. cat <<'korn77' > /etc/irwanmohi/banner
  1227. <br><font>
  1228. <br><font>
  1229. <br><font color='green'> <b> ░▒▓█ ☁️ Sakai VPN ☁️ █▓▒░</b> </br></font>
  1230. <br><font>
  1231. <br><font color='#32CD32'>: : : ★ Happy Browsing!😊 </br></font>
  1232. <br><font color='#32CD32'>: : : ★ This is FREE and Not for Sale! </br></font>
  1233. <br><font color='#FDD017'>: : : ★ Project Lead: irwanmohi 🦊</br></font>
  1234. <br><font>
  1235. <br><font color='#32CD32'>: : : ★ STRICTLY NO ACCOUNT SHARING</br></font>
  1236. <br><font color='#32CD32'>: : : ★ STRICTLY NO MULTI-LOGIN</br></font>
  1237. <br><font color='#32CD32'>: : : ★ STRICTLY NO TORRENT</br></font>
  1238. <br><font>
  1239. <br><font color='#FF00FF'>░▒▓█ VIOLATORS WILL BE BAN!!!</br></font>
  1240. <br><font>
  1241. <br><font>
  1242. korn77
  1243. #block-by-keyword
  1244. mkdir -p /etc/vil
  1245. echo "#!/bin/bash " >> /etc/vil
  1246. # Timer Notification in menu section checker
  1247. echo " " > /etc/sakai/timer-proxy
  1248. echo " " > /etc/sakai/timer-seconds
  1249. #Tweak for IPV4 TCP/UDP speed and maximize capability function Status: OFF
  1250. cd
  1251. mkdir -p /etc/project-sakai/others
  1252. echo "#Project sakai TCP Tweak OFF" > /etc/sysctl.conf
  1253. echo "off" > /etc/project-sakai/others/tcptweaks
  1254. # Setting server local time
  1255. ln -fs /usr/share/zoneinfo/$MyVPS_Time /etc/localtime
  1256. #version of Project sakai autoscript
  1257. echo "$ver" > /etc/sakai/version
  1258. # Start-up Application Verification (protection for modders)
  1259. mkdir -p /usr/lib/kshell
  1260. echo "75" > /usr/lib/kshell/libs
  1261. }
  1262. function Installation-log(){
  1263. clear
  1264. echo ""
  1265. echo " INSTALLATION FINISH! "
  1266. echo ""
  1267. echo ""
  1268. echo "Server Information: " | tee -a log-install.txt | lolcat
  1269. echo " • Timezone : $MyVPS_Time " tee -a log-install.txt | lolcat
  1270. echo " • Fail2Ban : [ON]" | tee -a log-install.txt | lolcat
  1271. echo " • IPtables : [ON]" | tee -a log-install.txt | lolcat
  1272. echo " • Auto-Reboot : [OFF] See menu to [ON] " | tee -a log-install.txt
  1273. echo " • TCP Speed Tweak: [OFF] See menu to [ON]" | tee -a log-install.txt | lolcat
  1274. echo " • Squid Cache : [ON]" | tee -a log-install.txt | lolcat
  1275. echo " • IPv6 : [OFF]" | tee -a log-install.txt | lolcat
  1276. echo " "| tee -a log-install.txt | lolcat
  1277. echo "Automated Features:"| tee -a log-install.txt | lolcat
  1278. echo " • Auto delete expired user account"| tee -a log-install.txt | lolcat
  1279. echo " • Auto restart server "| tee -a log-install.txt | lolcat
  1280. echo " • Auto disconnect multilogin users [Openvpn not included]."| tee -a log-install.txt | lolcat
  1281. echo " • Auto configure firewall every reboot[Protection for torrent and etc..]"| tee -a log-install.txt | lolcat
  1282. echo " • Auto updated firewall[if port change,removed or add,firewall will adapt your new port]"| tee -a log-install.txt | lolcat
  1283. echo " • Auto updated OHP[Over-HTTP-Puncher]working even theres changes in ports"| tee -a log-install.txt | lolcat
  1284. echo " " | tee -a log-install.txt | lolcat
  1285. echo "Services & Port Information:" | tee -a log-install.txt | lolcat
  1286. echo " • OpenVPN : [ON] : TCP: $OpenVPN_TCP_Port | UDP: $OpenVPN_UDP_Port" | tee -a log-install.txt | lolcat
  1287. echo " • Dropbear : [ON] : $Dropbear_Port1 | $Dropbear_Port2 " | tee -a log-install.txt | lolcat
  1288. echo " • Squid Proxy : [ON] : $Squid_Port1 | $Squid_Port2 |$Squid_Port3 | limit to IP Server" | tee -a log-install.txt | lolcat
  1289. echo " • Privoxy : [ON] : $Privoxy_Port1 | $Privoxy_Port2 | limit to IP Server" | tee -a log-install.txt | lolcat
  1290. echo " • SSL through Dropbear : [ON] : $Stunnel_Port1 " | tee -a log-install.txt | lolcat
  1291. echo " • SSL through OpenSSH : [ON] : $Stunnel_Port2" | tee -a log-install.txt | lolcat
  1292. echo " • SSL through Openvpn : [ON] : $Stunnel_Port3 " | tee -a log-install.txt | lolcat
  1293. echo " • OHP [through Squid] : [ON] : $OHP_Port1 | $OHP_Port2 " | tee -a log-install.txt | lolcat
  1294. echo " • OHP [through Privoxy]: [ON] : $OHP_Port3 | $OHP_Port4 " | tee -a log-install.txt | lolcat
  1295. echo " • OHP [through Openvpn]: [ON] : $OHP_Port5 " | tee -a log-install.txt | lolcat
  1296. echo " • Simple Socks Proxy : [ON] : $Simple_Port1 | $Simple_Port2 " | tee -a log-install.txt | lolcat
  1297. echo " • Direct Socks Proxy : [ON] : $Direct_Port1 | $Direct_Port2 " | tee -a log-install.txt | lolcat
  1298. echo " • Openvpn Socks Proxy : [ON] : $Open_Port1 | $Open_Port2 " | tee -a log-install.txt | lolcat
  1299. echo " • ShadowsocksR Server : [OFF] : Configure through menu " | tee -a log-install.txt | lolcat
  1300. echo " • BADVPN : [ON] : 7300 " | tee -a log-install.txt | lolcat
  1301. echo " • Additional SSHD Port : [ON] : $SSH_Port2" | tee -a log-install.txt | lolcat
  1302. echo " • OCS Panel : [ON] : http://$IPADDR:$Nginx_Port" | tee -a log-install.txt | lolcat
  1303. echo " • Openvpn Monitoring : [ON] : http://$IPADDR:$sakai_Openvpn_Monitoring" | tee -a log-install.txt | lolcat
  1304. echo " • V2ray Panel : [ON] : http://$IPADDR:65432 " | tee -a log-install.txt | lolcat
  1305. echo "" | tee -a log-install.txt | lolcat
  1306. echo "Notes:" | tee -a log-install.txt | lolcat
  1307. echo " ★ Edit/Change/Off/On your OHP Port and Python Socks [see in menu option] " | tee -a log-install.txt | lolcat
  1308. echo " ★ Torrent Protection [ add newest torrent port] " | tee -a log-install.txt | lolcat
  1309. echo " ★ Port Scanner Basic Protection " | tee -a log-install.txt | lolcat
  1310. echo " ★ Brute Force Attack Basic Protection " | tee -a log-install.txt | lolcat
  1311. echo " ★ All ports can be edited in Edit Menu. OHP and Socks Proxy adapt new port. " | tee -a log-install.txt | lolcat
  1312. echo " ★ Multi-login Limit customize per user [see menu]. " | tee -a log-install.txt | lolcat
  1313. echo " ★ To display list of commands: " [ menu ] or [ menu sakai ] "" | tee -a log-install.txt | lolcat
  1314. echo "" | tee -a log-install.txt | lolcat
  1315. echo " ★ Other concern and questions of these auto-scripts?" | tee -a log-install.txt | lolcat
  1316. echo " Direct Messege : www.facebook.com/sakaiips" | tee -a log-install.txt | lolcat
  1317. echo ""
  1318. read -p " Press enter.."
  1319. }
  1320. function Complete-reboot(){
  1321. clear
  1322. echo ""
  1323. echo ""
  1324. figlet Project sakai -c | lolcat
  1325. echo ""
  1326. echo " Installation Complete! System need to reboot to apply all changes! "
  1327. read -p " Press Enter to reboot..."
  1328. reboot
  1329. }
  1330. #########################################################
  1331. ### Installation Begins...
  1332. #########################################################
  1333. # Filtering Machine did not meet Requirements
  1334. echo "Checking if your Server meet the requirements . . . "
  1335. CheckRequirements
  1336. ScriptMessage
  1337. sleep 2
  1338. #System Upgrade and Updates
  1339. echo " Installing Operating System Updates"
  1340. InstUpdates
  1341. # Configure OpenSSH and Dropbear
  1342. echo " Configuring ssh..."
  1343. InstSSH
  1344. # Configure Stunnel
  1345. echo " Configuring stunnel..."
  1346. InsStunnel
  1347. # Configure BadVPN UDPGW
  1348. echo " Configuring BadVPN UDPGW..."
  1349. InstBadVPN
  1350. # Configure Webmin
  1351. echo " Configuring webmin..."
  1352. InstWebmin
  1353. # Configure Squid and Privoxy
  1354. echo " Configuring proxy..."
  1355. InsProxy
  1356. # Configure Over-HTTP-Puncher
  1357. echo " Configuring Over-HTTP-Puncher..."
  1358. InsOHP
  1359. # Configure Python Socks Proxy
  1360. echo " Configuring Python Socks Proxy..."
  1361. InsPython
  1362. # Configure Shadowsocks R
  1363. echo " Configuring Shadowsocks R..."
  1364. InsShodowSocks
  1365. # Configure OpenVPN
  1366. echo " Configuring OpenVPN..."
  1367. InsOpenVPN
  1368. # Configuring Nginx OVPN config download site
  1369. echo " Configuring OpenVPN Config File and Panel Services..."
  1370. sakaiPanel
  1371. # Some assistance and startup scripts
  1372. echo " Configuring Startup Application Automation..."
  1373. ConfStartup
  1374. # VPS Menu script v1.0
  1375. echo " Configuring Main Dish Menu..."
  1376. ConfMenu
  1377. # Saving all Ports Information
  1378. echo " Saving all Ports Information..."
  1379. ports_info
  1380. # Configure OpenVPN
  1381. echo " Configuring V2Ray..."
  1382. InsV2ray
  1383. # Others Services ( Screenfetch, Setting Local, TCP Tweak )
  1384. echo " Adding other services..."
  1385. InstOthers
  1386. #Server Information and Details
  1387. echo "READ ME!"
  1388. Installation-log
  1389. #Final Touch (Reboot Remark)
  1390. Complete-reboot
  1391. clear
  1392. cd ~
  1393. exit 1