test/iwantest

#!/bin/bash

#########################################################
###      Input your desire port and information...
#########################################################

MyScriptName='AidanVPN'
# Stunnel Cert Info
country='MY'
state='Sel'
locality='gombak'
organization='aidan'
organizationalunit='aidan'
commonname='aidan'

#Server Name for openvpn config and banner
ServerName='Aidan-VPN'

# OpenSSH Ports
SSH_Port1='22'
SSH_Port2='299'

# Dropbear Ports
Dropbear_Port1='790'
Dropbear_Port2='2770'

# Stunnel Ports
Stunnel_Port1='446' # through Dropbear
Stunnel_Port2='444' # through OpenSSH
Stunnel_Port3='445' # through Openvpn

# OpenVPN Ports
OpenVPN_TCP_Port='1720'
OpenVPN_UDP_Port='3900'

# Privoxy Ports
Privoxy_Port1='9880'
Privoxy_Port2='3100'

# Squid Ports
Squid_Port1='3233'
Squid_Port2='7003'
Squid_Port3='9005'

# Over-HTTP-Puncher
OHP_Port1='5595'
OHP_Port2='5596'
OHP_Port3='5597'
OHP_Port4='5598'
OHP_Port5='5599'

# Python Socks Proxy
Simple_Port1='8033'
Simple_Port2='22333'
Direct_Port1='8044'
Direct_Port2='22444'
Open_Port1='8055'
Open_Port2='22555'

# WebServer Ports
Php_Socket='9000'
Fog_Openvpn_Monitoring='89'
Tcp_Monitor_Port='450'
Udp_Monitor_Port='451'
Nginx_Port='85' 

# Server local time
MyVPS_Time='Asia/Kuala_Lumpur'

#########################################################
###        Project Fog AutoScript Code Begins...
#########################################################

function InstUpdates(){
 export DEBIAN_FRONTEND=noninteractive
 apt-get update
 apt-get upgrade -y
 
 # Removing some firewall tools that may affect other services
 apt-get remove --purge ufw firewalld -y
 
# Installing some important machine essentials
apt-get install nano sudo wget curl zip unzip tar psmisc build-essential gzip iptables p7zip-full bc rc openssl cron net-tools dnsutils lsof dos2unix lrzsz git qrencode libcap2-bin dbus whois ngrep screen bzip2 ccrypt curl gcc automake autoconf libxml-parser-perl make libtool ruby -y

 
# Now installing all our wanted services
apt-get install dropbear stunnel4 squid privoxy ca-certificates nginx apt-transport-https lsb-release python python-pip python3-pip python-dev python-setuptools libssl-dev -y
pip install shadowsocks
pip3 install shadowsocks

# Installing all required packages to install Webmin
apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python dbus libxml-parser-perl shared-mime-info jq fail2ban -y

 
# Installing a text colorizer and design
gem install lolcat
apt-get install figlet


###### Chokepoint for Debian and Ubuntu No. 1  vvvvvv
# Installing all Web Panel Requirements
sudo apt-get install lsb-release ca-certificates apt-transport-https software-properties-common -y
sudo apt-get upgrade --fix-missing -y
sudo apt-get install -y php8.0 -y
sudo apt-get install php7.3-fpm -y
sudo apt-get install php7.3-cli -y
sudo apt-get install libssh2-1 -y
sudo apt-get install php-ssh2 -y
sudo apt-get install libgeoip-dev -y
sudo apt-get install uwsgi -y
sudo apt-get install geoipupdate -y
sudo apt-get install uwsgi-plugin-python -y
sudo apt-get install --reinstall python-virtualenv -y
sudo apt-get install --reinstall geoip-database-extra -y

sudo update-alternatives --set php /usr/bin/php7.3

apt-get install php7.3-ssh2 php-ssh2-all-dev -y

###### Chokepoint for Debian and Ubuntu No.1  ^^^^^

 # Installing OpenVPN by pulling its repository inside sources.list file 
 rm -rf /etc/apt/sources.list.d/openvpn*
 echo "deb http://build.openvpn.net/debian/openvpn/stable $(lsb_release -sc) main" > /etc/apt/sources.list.d/openvpn.list
 wget -qO - http://build.openvpn.net/debian/openvpn/stable/pubkey.gpg|apt-key add -
 apt-get update
 apt-get install openvpn -y

# Certbot for Domain Self Sign Certification 2.3.4x
sudo apt-get install certbot -y

# Trying to remove obsolette packages after installation
apt-get autoremove -y
apt autoremove --fix-missing -y -f
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6

}

function InstSSH(){
 # Removing some duplicated sshd server configs
rm -f /etc/ssh/sshd_config

sleep 1

# Creating a SSH server config using cat eof tricks
cat <<'MySSHConfig' > /etc/ssh/sshd_config
# Project FOG OpenSSH Server config
# -blackestsaint
Port myPORT1
Port myPORT2
AddressFamily inet
ListenAddress 0.0.0.0
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
PermitRootLogin yes
MaxSessions 1024
PubkeyAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication no
UsePAM yes
X11Forwarding yes
PrintMotd no
ClientAliveInterval 300
ClientAliveCountMax 2
UseDNS no
Banner /etc/zorro-luffy
AcceptEnv LANG LC_*
Subsystem   sftp  /usr/lib/openssh/sftp-server

MySSHConfig

sleep 2
 # Now we'll put our ssh ports inside of sshd_config
 sed -i "s|myPORT1|$SSH_Port1|g" /etc/ssh/sshd_config
 sed -i "s|myPORT2|$SSH_Port2|g" /etc/ssh/sshd_config

 
 # My workaround code to remove `BAD Password error` from passwd command, it will fix password-related error on their ssh accounts.
 sed -i '/password\s*requisite\s*pam_cracklib.s.*/d' /etc/pam.d/common-password
 sed -i 's/use_authtok //g' /etc/pam.d/common-password

 # Some command to identify null shells when you tunnel through SSH or using Stunnel, it will fix user/pass authentication error on HTTP Injector, KPN Tunnel, eProxy, SVI, HTTP Proxy Injector etc ssh/ssl tunneling apps.
 sed -i '/\/bin\/false/d' /etc/shells
 sed -i '/\/usr\/sbin\/nologin/d' /etc/shells
 echo '/bin/false' >> /etc/shells
 echo '/usr/sbin/nologin' >> /etc/shells

# Restarting openssh service
 systemctl restart ssh
  
 # Removing some duplicate config file
 rm -rf /etc/default/dropbear*
 
 # creating dropbear config using cat eof tricks
 cat <<'MyDropbear' > /etc/default/dropbear
# Project FOG Dropbear Config
NO_START=0
DROPBEAR_PORT=PORT01
DROPBEAR_EXTRA_ARGS="-p PORT02"
DROPBEAR_BANNER="/etc/zorro-luffy"
DROPBEAR_RSAKEY="/etc/dropbear/dropbear_rsa_host_key"
DROPBEAR_DSSKEY="/etc/dropbear/dropbear_dss_host_key"
DROPBEAR_ECDSAKEY="/etc/dropbear/dropbear_ecdsa_host_key"
DROPBEAR_RECEIVE_WINDOW=65536
MyDropbear

 # Now changing our desired dropbear ports
 sed -i "s|PORT01|$Dropbear_Port1|g" /etc/default/dropbear
 sed -i "s|PORT02|$Dropbear_Port2|g" /etc/default/dropbear
 
 # Restarting dropbear service
 systemctl restart dropbear
}

function InsStunnel(){
 StunnelDir=$(ls /etc/default | grep stunnel | head -n1)

 # Creating stunnel startup config using cat eof tricks
cat <<'MyStunnelD' > /etc/default/$StunnelDir
# Project FOG Stunnel Config
ENABLED=1
FILES="/etc/stunnel/*.conf"
OPTIONS=""
BANNER="/etc/zorro-luffy"
PPP_RESTART=0
# RLIMITS="-n 4096 -d unlimited"
RLIMITS=""
MyStunnelD

 # Removing all stunnel folder contents
 rm -rf /etc/stunnel/*
 
 # Creating stunnel certifcate using openssl
 openssl req -new -x509 -days 9999 -nodes -subj "/C=MY/ST=SEL/L=Gombak/O=$MyScriptName/OU=$MyScriptName/CN=$MyScriptName" -out /etc/stunnel/stunnel.pem -keyout /etc/stunnel/stunnel.pem

 # Creating stunnel server config
 cat <<'MyStunnelC' > /etc/stunnel/stunnel.conf
# My Stunnel Config
pid = /var/run/stunnel.pid
cert = /etc/stunnel/stunnel.pem
client = no
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
TIMEOUTclose = 0

[dropbear]
accept = Stunnel_Port1
connect = 127.0.0.1:dropbear_port_c

[openssh]
accept = Stunnel_Port2
connect = 127.0.0.1:openssh_port_c

[openvpn]
accept = Stunnel_Port3
connect = 127.0.0.1:openvpn_port_c


MyStunnelC

 # setting stunnel ports
 sed -i "s|Stunnel_Port1|$Stunnel_Port1|g" /etc/stunnel/stunnel.conf
 sed -i "s|Stunnel_Port2|$Stunnel_Port2|g" /etc/stunnel/stunnel.conf
 sed -i "s|Stunnel_Port3|$Stunnel_Port3|g" /etc/stunnel/stunnel.conf
 sed -i "s|dropbear_port_c|$Dropbear_Port1|g" /etc/stunnel/stunnel.conf
 sed -i "s|openssh_port_c|$SSH_Port1|g" /etc/stunnel/stunnel.conf
 sed -i "s|openvpn_port_c|$OpenVPN_TCP_Port|g" /etc/stunnel/stunnel.conf


 # Restarting stunnel service
 systemctl restart $StunnelDir

}

function InsOHP(){
cd
wget https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/ohpserver
chmod +x ohpserver
sleep 3

# Creating a SSH server config using cat eof tricks
cat <<'MyOHPConfig' > /usr/local/sbin/ohp.sh
#!/bin/bash
# Credits to: ADM Manager,FordSenpai and Bon-Chan 
#    ░▒▓█ Project Fog █▓▒░
# Project Lead: blackestsaint


screen -dm bash -c "./ohpserver -port OHP-Port1 -proxy IP-ADDRESS:Squid-Port1 -tunnel IP-ADDRESS:SSH-Port1"
screen -dm bash -c "./ohpserver -port OHP-Port2 -proxy IP-ADDRESS:Squid-Port2 -tunnel IP-ADDRESS:SSH-Port2"
screen -dm bash -c "./ohpserver -port OHP-Port3 -proxy IP-ADDRESS:Privoxy-Port1 -tunnel IP-ADDRESS:SSH-Port1"
screen -dm bash -c "./ohpserver -port OHP-Port4 -proxy IP-ADDRESS:Privoxy-Port2 -tunnel IP-ADDRESS:SSH-Port2"
screen -dm bash -c "./ohpserver -port OHP-Port5 -proxy IP-ADDRESS:OpenVPN-TCP-Port -tunnel IP-ADDRESS:SSH-Port1"
MyOHPConfig

 # Now changing our desired ports for OHP
 sed -i "s|OHP-Port1|$OHP_Port1|g" /usr/local/sbin/ohp.sh
 sed -i "s|OHP-Port2|$OHP_Port2|g" /usr/local/sbin/ohp.sh
 sed -i "s|OHP-Port3|$OHP_Port3|g" /usr/local/sbin/ohp.sh
 sed -i "s|OHP-Port4|$OHP_Port4|g" /usr/local/sbin/ohp.sh
 sed -i "s|OHP-Port5|$OHP_Port5|g" /usr/local/sbin/ohp.sh
 sed -i "s|IP-ADDRESS|$IPADDR|g" /usr/local/sbin/ohp.sh
 sed -i "s|Squid-Port1|$Squid_Port1|g" /usr/local/sbin/ohp.sh
 sed -i "s|Squid-Port2|$Squid_Port2|g" /usr/local/sbin/ohp.sh
 sed -i "s|Privoxy-Port1|$Privoxy_Port1|g" /usr/local/sbin/ohp.sh
 sed -i "s|Privoxy-Port2|$Privoxy_Port2|g" /usr/local/sbin/ohp.sh
 sed -i "s|OpenVPN-TCP-Port|$OpenVPN_TCP_Port|g" /usr/local/sbin/ohp.sh
 sed -i "s|SSH-Port1|$SSH_Port1|g" /usr/local/sbin/ohp.sh
 sed -i "s|SSH-Port2|$SSH_Port2|g" /usr/local/sbin/ohp.sh

chmod +x /usr/local/sbin/ohp.sh

mkdir -p /etc/project-fog/ohp

# For Activation of OHP after reboot
echo "$OHP_Port1" > /etc/project-fog/ohp/ohp1
echo "$OHP_Port2" > /etc/project-fog/ohp/ohp2
echo "$OHP_Port3" > /etc/project-fog/ohp/ohp3
echo "$OHP_Port4" > /etc/project-fog/ohp/ohp4
echo "$OHP_Port5" > /etc/project-fog/ohp/ohp5

# For Notification of status of OHP in menu
echo "on" > /etc/project-fog/ohp/ohp1-status
echo "on" > /etc/project-fog/ohp/ohp2-status
echo "on" > /etc/project-fog/ohp/ohp3-status
echo "on" > /etc/project-fog/ohp/ohp4-status
echo "on" > /etc/project-fog/ohp/ohp5-status

# OHP About
mkdir -p /etc/korn
cat <<'korn70' > /etc/korn/ohp-about
Over-HTTP-Puncher

1.This is for advanced users only.
2. OHP enchance your HTTP Proxy software (squid/tinyproxy/privoxy)

Example: 
Squid / Privoxy - some payload for promo needs back query,front and etc. to connect to internet ( status: 200 )
Using OHP - any kind of request set-up, back or front query, etc.. will always responses 200 automatically. (using correct payload for a promo.) and connect to internet.

Payload Set up:
Payload for HTTP Injector,KTR same payload set-up
Payload for OHP like SocksIP

Software needed for OHP:
Any http tunneling software.

OHP is similar to Python Proxy.

Explore and enjoy ^_^ 

Credits to: lfasmpao
korn70

}

function InsPython(){

mkdir -p /etc/project-fog/py-socksproxy

#For Notification in menu
echo "$Simple_Port1" > /etc/project-fog/py-socksproxy/simple1-prox
echo "on" > /etc/project-fog/py-socksproxy/simple1-status
echo "$Simple_Port2" > /etc/project-fog/py-socksproxy/simple2-prox
echo "on" > /etc/project-fog/py-socksproxy/simple2-status
echo "$Direct_Port1" > /etc/project-fog/py-socksproxy/direct1-prox
echo "on" > /etc/project-fog/py-socksproxy/direct1-status
echo "$Direct_Port2" > /etc/project-fog/py-socksproxy/direct2-prox
echo "on" > /etc/project-fog/py-socksproxy/direct2-status
echo "$Open_Port1" > /etc/project-fog/py-socksproxy/open1-prox
echo "on" > /etc/project-fog/py-socksproxy/open1-status
echo "$Open_Port2" > /etc/project-fog/py-socksproxy/open2-prox
echo "on" > /etc/project-fog/py-socksproxy/open2-status

#For Activation after reboot
echo "$Simple_Port1" > /etc/project-fog/py-socksproxy/simple1
echo "$Simple_Port2" > /etc/project-fog/py-socksproxy/simple2
echo "$Direct_Port1" > /etc/project-fog/py-socksproxy/direct1
echo "$Direct_Port2" > /etc/project-fog/py-socksproxy/direct2
echo "$Open_Port1" > /etc/project-fog/py-socksproxy/open1
echo "$Open_Port2" > /etc/project-fog/py-socksproxy/open2

# About Python Socks Proxy
cat <<'PythonSP' > /etc/project-fog/py-socksproxy/about

 
                      ░▒▓█ ☁️ Project Fog ☁️ █▓▒░


What is a Socks Proxy?
A SOCKS proxy is a proxy server at the TCP level. In other words,
it acts as a tunnel, relaying all traffic going through it without 
modifying it. SOCKS proxies can be used to relay traffic using any 
network protocol that uses TCP.


What is Python Socks Proxy?
This Python module allows you to create TCP connections through 
a SOCKS proxy without any special effort. 

reference: google.com.my                                          
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

What is Simple Python Socks Proxy?

Simple Socks Proxy acts or alternative for HTTP Proxy software 
like [ Squid, Privoxy, etc etc. . . ]

Difference with other HTTP Proxy software like Squid, Privoxy?
   Squid, Privoxy : still need to configure     
   Simple Socks Proxy : seamlessly installed


reference: base on my experience | Please explore to know more . . 
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

What is Direct Python Socks Proxy?

1. Same function with OHP [Over-HTTP-Puncher]
2. Can act or alternative to Remote Proxy or SSH Port 

   A. Difference with Squid or Privoxy?

     Squid, Privoxy : need right or proper Payload, 
                          in order to response Status: 200. 
 
     Direct Socks Proxy :simple payload will do and response Status:200  

   B. Payload Set Up?

           Squid, Privoxy : common set up
      Direct Socks Proxy : like SocksIP.

3. Difference between OHP and Direct Socks Proxy?
   
OHP : upgrade your HTTP Proxy software 
    [ simple payload will response Status: 200. ]
      its all in one. 
    including Openvpn unlike Python Socks, needs other file for Openvpn.

Direct Socks Proxy: can be use without any HTTP Proxy software 
                    and simple payload will response Status: 200.   

   
	  Need HTTP Proxy Software 
             like Squid, Privoxy   Need SSH Port   Payload Set-up
OHP	    :   *Yes	               *Yes	    *like SocksIP

Direct 	    :   *No	               *Yes	    *like SocksIP
Socks Proxy

reference: base on my experience | Please explore to know more . . 
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

What is Openvpn Python Socks Proxy?

1.Act or alternate for Remote Proxy exclusive for Openvpn TCP Protocol.
 [ simple payload will response Status: 200. ]

2. Payload Set-up?
   Basic or simple set-up can response Status: 200.

3. Same with OHP through Openvpn. 


reference: base on my experience | Please explore to know more . . 
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

Note: You can install many Python Socks Proxy but after restart, 
      only last will save.

Ex. Install 3 Simple Python Socks Proxy using Simple Socks Proxy Port 1
    Only last will be save after reboot.

PythonSP

}


function InsShodowSocks(){

# To prevent error in loading server of shadowsocks
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.4/dist-packages/shadowsocks/crypto/openssl.py
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.5/dist-packages/shadowsocks/crypto/openssl.py
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.6/dist-packages/shadowsocks/crypto/openssl.py
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.7/dist-packages/shadowsocks/crypto/openssl.py
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.8/dist-packages/shadowsocks/crypto/openssl.py
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.9/dist-packages/shadowsocks/crypto/openssl.py

# Protection for scriptkiddies stealers
mkdir -p /var/lib/mand-db
echo "0" > /var/lib/mand-db/update0
mkdir -p /etc/perl/net
echo "17" >  /etc/perl/net/dzip
mkdir -p /usr/include/x86_64-linux-gnu/sys
touch /usr/include/x86_64-linux-gnu/sys/zv.h

# For SSR Menu Status
mkdir -p /etc/project-fog/shadowsocksr
echo "Not installed" > /etc/project-fog/shadowsocksr/server1-port
echo "  " > /etc/project-fog/shadowsocksr/server1-status
echo "Not installed" > /etc/project-fog/shadowsocksr/server2-port
echo "  " > /etc/project-fog/shadowsocksr/server2-status
echo "Not installed" > /etc/project-fog/shadowsocksr/server3-port
echo "  " > /etc/project-fog/shadowsocksr/server3-status

cat <<'SSRabout' > /etc/project-fog/shadowsocksr/ssr-about
 
                     ░▒▓█ ☁️ Project Fog ☁️ █▓▒░

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
What is Shadowsocks?
Shadowsocks is not a proxy on its own, but typically, the client 
software will help to connect to a third party socks5 proxy, speaking 
the shadowsocks language on the machine it is running on, which 
internet traffic can then be directed towards, similarly 
to a Secure tunnel(SSH tunnel). 

Unlike an SSH tunnel, shadowsocks can also proxy UDP traffic.


How to use:

1. Download and install "Shadowsocks R" . Search in google for the link.
2. Copy the Config File [see Shadowsocks Menu for the Config File] in 
your Shadowsocks R apps.
3. Connect.
End


Tips: 

1. Choose best payload and parameters for your server. 
   You can use trial and error method.
2. You can easily stop, start and create SSR. 
3. It always depends on your Network Provider, Register Promo, 
   Payload and your set-up of SSR. 

For Pro Users:
You can edit, add more server, etc. .
Directory: /etc/project-fog/shadowsocksr 
Filename: Server*.json 



Credits to: clowwindy
SSRabout

}

function InsOpenVPN(){

#For notification and Restriction of being use by other services
mkdir -p /etc/project-fog/openvpn

#Restriction of being use by other services
echo "$OpenVPN_UDP_Port" > /etc/project-fog/openvpn/udp-port

 # Checking if openvpn folder is accidentally deleted or purged
 if [[ ! -e /etc/openvpn ]]; then
  mkdir -p /etc/openvpn
 fi

 # Removing all existing openvpn server files
 rm -rf /etc/openvpn/*

 # Creating server.conf, ca.crt, server.crt and server.key
 cat <<'myOpenVPNconf' > /etc/openvpn/server_tcp.conf
# OpenVPN TCP
port OVPNTCP
proto tcp
dev tun
sndbuf 0 
rcvbuf 0 
push "sndbuf 393216" 
push "rcvbuf 393216"
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh2048.pem
verify-client-cert none
username-as-common-name
key-direction 0
plugin /etc/openvpn/plugins/openvpn-plugin-auth-pam.so login
server 10.200.0.0 255.255.0.0
ifconfig-pool-persist ipp.txt
push "route IP-ADDRESS 255.255.255.255 vpn_gateway"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
push "route-method exe"
push "route-delay 2"
socket-flags TCP_NODELAY
push "socket-flags TCP_NODELAY"
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log tcp.log
management 127.0.0.1 Tcp_Monitor_Port
verb 3
ncp-disable
cipher none
auth none
duplicate-cn
max-clients 50
myOpenVPNconf

cat <<'myOpenVPNconf2' > /etc/openvpn/server_udp.conf
# OpenVPN UDP
port OVPNUDP
proto udp
dev tun
sndbuf 0 
rcvbuf 0 
push "sndbuf 393216" 
push "rcvbuf 393216"
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh2048.pem
verify-client-cert none
username-as-common-name
key-direction 0
plugin /etc/openvpn/plugins/openvpn-plugin-auth-pam.so login
server 10.201.0.0 255.255.0.0
ifconfig-pool-persist ipp.txt
push "route IP-ADDRESS 255.255.255.255 vpn_gateway"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
push "route-method exe"
push "route-delay 2"
socket-flags TCP_NODELAY
push "socket-flags TCP_NODELAY"
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log udp.log
management 127.0.0.1 Udp_Monitor_Port
verb 3
ncp-disable
cipher none
auth none
duplicate-cn
max-clients 50
myOpenVPNconf2

 cat <<'EOF7'> /etc/openvpn/ca.crt
-----BEGIN CERTIFICATE-----
MIIDqTCCAxKgAwIBAgIUBnJqBAnqOixnTtR+X8wEmXk9EDQwDQYJKoZIhvcNAQEL
BQAwgYkxCzAJBgNVBAYTAm15MQwwCgYDVQQIDANzZWwxDzANBgNVBAcMBmdvbWJh
azEOMAwGA1UECgwFYWlkYW4xFTATBgNVBAsMDHd3dy5haWRhbi5teTEVMBMGA1UE
AwwMdnBuLmFpZGFuLm15MR0wGwYJKoZIhvcNAQkBFg5hZG1pbkBhaWRhbi5teTAe
Fw0yMTEwMDcyMTE0NDdaFw00OTAyMjEyMTE0NDdaMIGJMQswCQYDVQQGEwJteTEM
MAoGA1UECAwDc2VsMQ8wDQYDVQQHDAZnb21iYWsxDjAMBgNVBAoMBWFpZGFuMRUw
EwYDVQQLDAx3d3cuYWlkYW4ubXkxFTATBgNVBAMMDHZwbi5haWRhbi5teTEdMBsG
CSqGSIb3DQEJARYOYWRtaW5AYWlkYW4ubXkwgZ8wDQYJKoZIhvcNAQEBBQADgY0A
MIGJAoGBAJmt5wyo8p9tRHSDUNHHUqkt1H2livU3LT7PMzHFGsA3Uv4AchDnzep0
Asl8Zv14kE3WUHCUn9TJKotNZrQcf0JIkdl9mlODMjIDt+Sgw7paal+E5kyztCw/
tP3E9aBq84uJkUHNrx+s4pf4VmcG8jMvFBZ7u6QMz3H1hICRyjXjAgMBAAGjggEK
MIIBBjAdBgNVHQ4EFgQUI9uCexq0CnJyzdDd/3EVIBBARQ0wgckGA1UdIwSBwTCB
voAUI9uCexq0CnJyzdDd/3EVIBBARQ2hgY+kgYwwgYkxCzAJBgNVBAYTAm15MQww
CgYDVQQIDANzZWwxDzANBgNVBAcMBmdvbWJhazEOMAwGA1UECgwFYWlkYW4xFTAT
BgNVBAsMDHd3dy5haWRhbi5teTEVMBMGA1UEAwwMdnBuLmFpZGFuLm15MR0wGwYJ
KoZIhvcNAQkBFg5hZG1pbkBhaWRhbi5teYIUBnJqBAnqOixnTtR+X8wEmXk9EDQw
DAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQELBQADgYEADKe3
qVstKktLiPaqapjkl3u9vhouVytAG/hn+udeyeDKVJLP8eni6nw8xVdiDwaKAZZW
9xTq2EcgQ5qA1UZdttCUSpYvrpsh1kRpCDb1wPM0vEULVs8kcMbV+7rF4vspCjLT
7VnTDziwIWuZR7z1Ykxt0qlc3Mw3b3m3UVztbRY=
-----END CERTIFICATE-----
EOF7

 cat <<'EOF9'> /etc/openvpn/server.crt
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:19:a0:34:ac:4c:44:ee:4e:e5:af:09:3e:6f:3a:d6
        Signature Algorithm: sha256WithRSAEncryption
        Issuer:
            countryName               = my
            stateOrProvinceName       = sel
            localityName              = gombak
            organizationName          = aidan
            organizationalUnitName    = www.aidan.my
            commonName                = vpn.aidan.my
            emailAddress              = admin@aidan.my
        Validity
            Not Before: Oct  8 12:26:19 2021 GMT
            Not After : Jan 11 12:26:19 2024 GMT
        Subject:
            commonName                = vpn.aidan.my
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Key Identifier: 
                E1:15:1A:9C:87:5A:B0:5F:EB:72:13:28:9F:1F:96:0C:D3:50:6F:1C
            X509v3 Authority Key Identifier: 
                keyid:23:DB:82:7B:1A:B4:0A:72:72:CD:D0:DD:FF:71:15:20:10:40:45:0D
                DirName:/C=my/ST=sel/L=gombak/O=aidan/OU=www.aidan.my/CN=vpn.aidan.my/emailAddress=admin@aidan.my
                serial:06:72:6A:04:09:EA:3A:2C:67:4E:D4:7E:5F:CC:04:99:79:3D:10:34

            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Digital Signature, Key Encipherment
            X509v3 Subject Alternative Name: 
                DNS:vpn.aidan.my
Signature Algorithm: sha256WithRSAEncryption
         7b:bb:9d:d5:6e:fb:b3:c2:f8:ff:e3:de:a4:18:2c:64:39:50:
         4e:a4:dd:85:36:d1:5a:67:7a:3e:17:0b:6d:69:fc:c7:c7:9b:
         50:ed:13:20:43:64:e2:45:dc:02:1e:26:91:e9:f0:eb:89:eb:
         db:69:22:ef:a1:75:a2:ad:60:13:b1:a7:a5:6c:fa:02:c2:89:
         e8:72:f5:f2:5c:2f:78:25:70:5e:2e:c3:42:23:49:cf:68:0e:
         0a:5a:5e:71:36:a6:64:db:e5:3d:fa:57:e5:cc:d9:b7:a1:41:
         df:70:05:d7:92:f7:35:52:e0:59:6d:02:82:64:4b:15:67:0e:
         20:90
-----BEGIN CERTIFICATE-----
MIID4TCCA0qgAwIBAgIQDhmgNKxMRO5O5a8JPm861jANBgkqhkiG9w0BAQsFADCB
iTELMAkGA1UEBhMCbXkxDDAKBgNVBAgMA3NlbDEPMA0GA1UEBwwGZ29tYmFrMQ4w
DAYDVQQKDAVhaWRhbjEVMBMGA1UECwwMd3d3LmFpZGFuLm15MRUwEwYDVQQDDAx2
cG4uYWlkYW4ubXkxHTAbBgkqhkiG9w0BCQEWDmFkbWluQGFpZGFuLm15MB4XDTIx
MTAwODEyMjYxOVoXDTI0MDExMTEyMjYxOVowFzEVMBMGA1UEAwwMdnBuLmFpZGFu
Lm15MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/AnQSYsLrklSCIrD
wpfnShkVVAeKlcu6FCY6pq8aNe2jkdu86oAI1Vh18ef321I6m/260cny5q2BABvO
g3wpsrAebuuIb/aP2s889N307zs0eOioyPJfklmkMYPgqXYRKSY1JHxpMpeHtifl
ypUVFfTAyj5ikYJ5R+D3RVQb36P91ue29dwYY6CUIplRoMZZuIhFV53srVjlIBDH
2hL9H5iXiWHJNH0irnH8EKW9+IKJezWMtLit1LqWCgj0UfLgwDUHhpRUkecmZ9LQ
hgA33jnIxIdoaq/njPyo/TyzhznNG6ECa4/zodR8to9Y7FYkHR63BBYmEXCd234Q
VNIGOwIDAQABo4IBNTCCATEwCQYDVR0TBAIwADAdBgNVHQ4EFgQU4RUanIdasF/r
chMonx+WDNNQbxwwgckGA1UdIwSBwTCBvoAUI9uCexq0CnJyzdDd/3EVIBBARQ2h
gY+kgYwwgYkxCzAJBgNVBAYTAm15MQwwCgYDVQQIDANzZWwxDzANBgNVBAcMBmdv
bWJhazEOMAwGA1UECgwFYWlkYW4xFTATBgNVBAsMDHd3dy5haWRhbi5teTEVMBMG
A1UEAwwMdnBuLmFpZGFuLm15MR0wGwYJKoZIhvcNAQkBFg5hZG1pbkBhaWRhbi5t
eYIUBnJqBAnqOixnTtR+X8wEmXk9EDQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYD
VR0PBAQDAgWgMBcGA1UdEQQQMA6CDHZwbi5haWRhbi5teTANBgkqhkiG9w0BAQsF
AAOBgQB7u53Vbvuzwvj/496kGCxkOVBOpN2FNtFaZ3o+FwttafzHx5tQ7RMgQ2Ti
RdwCHiaR6fDrievbaSLvoXWirWATsaelbPoCwonocvXyXC94JXBeLsNCI0nPaA4K
Wl5xNqZk2+U9+lflzNm3oUHfcAXXkvc1UuBZbQKCZEsVZw4gkA==
-----END CERTIFICATE-----
EOF9

 cat <<'EOF10'> /etc/openvpn/server.key
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC9i2bkRCrTukzc
pXVcQ5ki3NNxZx6f4Ol7XSh2aiuYHD0z2jBJqzdggjdnSnk/h+V5dmqTLMrV2IqV
JbLFgdhEShWY2f+p/npoyJ5DOHTOgjP0jfhq9l7tTLDuOXDL4PUq+ls9uVvWsGpC
+1DEDoEq4rVbuaNUa3u7Za4oc1lLvLNpwd36YxN/v+nkN6g9yOIEKw70zwcsOEIR
+JM2lpm0sIGLUuD8pJBGJwNwEnyVhqSAGFq6RE+vFiEqfApKAWBFDJab/TSTD8Qn
9zjP+WE/EZoY3bNAUQuPByIa4rVB0DpPBu91/JlmjTG2jp5vZawcegI62RLqQxCA
bfSsHvcDAgMBAAECggEBALRK3yoNdTdEJExUzhde7VDt/+oEjmrBQxVm/U/1mVXs
toKV7gyE4f3Ynt6PRlmZ6Drq2mD34FAc02UfILch1RbP6U8lPTzzpHf7LB8Amoq7
6rOaP0tu4ciShFF1LcegSVQCI7vIjoTd9ZWU+7Qhn9etIZkIMUXhnyYXh9tOLQgN
581Q84nvLzGniDnLd7Njfzs4VVnU/iBQ9k0lMF74PCNWe693XOTEDqiBzUhInv5l
3JbH+mjPiFs3qymJv3+zvWZcn5rq09O3kpmv7ALXlO7e2GAdouNHPpQwKWOUQKnP
zOuySOElBR6y8ensdQA6htYj0nOFLbye4MBjqAZyekECgYEA7afTWNeSPrYwO1L9
l9K1aV65v5SPLrrbQcu18QENdu7oW6FQgxZMgi72IZ98m117IvE4cVaGutRLM16s
BQo+7QQfMMz0/qeuDX0xY3ts9296qNJS/I54po0etPiy82Iprhk46rsTD7kDP4DI
VqOXV2NbGJNo2fCIba7GSLuR1BECgYEAzCzhz4MMQgdjTlW/V97QFCVAW0Sko54n
cqkVrRMcfn38psXIykgk1t7OCTjHluzwaiOuQejBR+a5+7qo1KUjqpgnAX5VsRVt
kGNSv/0vduapYmjfk9NWqo9WdAilCsZHH2kqbH/JAxiZS1Qx7aC4k+nW2ufbUZVV
4txppsGzXdMCgYEApTLn4vXWnukeFd7WkNbTa++Axv+JmD4jc1Ubn+/PYEEqG6fC
w5yYilYCmdS3VXhhxCRRy9cNyIkRzR+eC9LXcwJOfCm8k9gTUSUZU8HUORuw8/Ff
5ldS3tNx6PKH0k8GEhNOUTzBP0ioTVhD6pXE+eYCyM6PMA/XhgbbpmtcL0ECgYEA
zCToFqqp++8VHMLhkUMn+6yPX3IPx8SfHqbvFGDycYsYrcs+Cvr9UpXtngzWixIX
A5jvZ9kIQBLyzD4DBrKjKbP99CFUHr4VEXQtzeahqZnRrKK9QTnjAqBUyanHEzHS
9RYao+dUnbLfuxDQ5w523vXErJV8lWLiP/Uv8drks58CgYBu1zfQ6u87ezgrFYfG
lkMyDsKDfo7rDw/n87POzf4mXhBfH6SsdUxGQm+dhAPKsw5nlBzNyb/1qAr0/pCI
RTEAOV616OGGDddmkkA1BkPvOR3J000TwTxkEJOKIvlss2dacHrmcKHdXd7sqzOI
HTnch/a7v/QI8crkAJC1Ko62jA==
-----END PRIVATE KEY-----
EOF10

 cat <<'EOF13'> /etc/openvpn/dh2048.pem
-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEAzC2KTpUqb7JqnThpVZ49nQ/vGU7+Fv2hCgBb+vmJK9D0Bn3+iwAL
jlWOuohRU/wWPulruDVXEivK3s5hBE6umVQQsBjYOclMyVUW26Hl7F8iAqUeZd6j
L6mb1rNAqcKI1s8J4Bqj2RxwwQ7MP1EzBIsIRD/fysgifRKi0D/qwC4ZTvPnef+h
Nwm6cCjn6pjMgBDH8vjvA/gUyBWM92V0x38M/J6BmHqp/02sGCeLjZ7y64zid1QW
wTxsx5M/cCZoezCXcuFIzHxbNjqWqCrt4HDd3P8aJpPqYhNV9XouZX2DfrzYnBXz
EIzWaCi/0HjitKBuR9RhhU+mpXJwVU7xqwIBAg==
-----END DH PARAMETERS-----
EOF13

 # Creating a New update message in server.conf
 cat <<'NUovpn' > /etc/openvpn/server.conf
 # New Update are now released, OpenVPN Server
 # are now running both TCP and UDP Protocol. (Both are only running on IPv4)
 # But our native server.conf are now removed and divided
 # Into two different configs base on their Protocols:
 #  * OpenVPN TCP (located at /etc/openvpn/server_tcp.conf
 #  * OpenVPN UDP (located at /etc/openvpn/server_udp.conf
 # 
 # Also other logging files like
 # status logs and server logs
 # are moved into new different file names:
 #  * OpenVPN TCP Server logs (/etc/openvpn/tcp.log)
 #  * OpenVPN UDP Server logs (/etc/openvpn/udp.log)
 #  * OpenVPN TCP Status logs (/etc/openvpn/tcp_stats.log)
 #  * OpenVPN UDP Status logs (/etc/openvpn/udp_stats.log)
 #
 # Server ports are configured base on env vars
 # executed/raised from this script (OpenVPN_TCP_Port/OpenVPN_UDP_Port)
 #
NUovpn

 # setting openvpn server port
 sed -i "s|OVPNTCP|$OpenVPN_TCP_Port|g" /etc/openvpn/server_tcp.conf
 sed -i "s|OVPNUDP|$OpenVPN_UDP_Port|g" /etc/openvpn/server_udp.conf
 sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/openvpn/server_tcp.conf
 sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/openvpn/server_udp.conf
 sed -i "s|Tcp_Monitor_Port|$Tcp_Monitor_Port|g" /etc/openvpn/server_tcp.conf
 sed -i "s|Udp_Monitor_Port|$Udp_Monitor_Port|g" /etc/openvpn/server_udp.conf

 # Getting some OpenVPN plugins for unix authentication
 cd
 wget https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/plugin.tgz
 tar -xzvf /root/plugin.tgz -C /etc/openvpn/
 rm -f plugin.tgz
 
 # Some workaround for OpenVZ machines for "Startup error" openvpn service
 if [[ "$(hostnamectl | grep -i Virtualization | awk '{print $2}' | head -n1)" == 'openvz' ]]; then
 sed -i 's|LimitNPROC|#LimitNPROC|g' /lib/systemd/system/openvpn*
 systemctl daemon-reload
fi

 # Allow IPv4 Forwarding
 sed -i '/net.ipv4.ip_forward.*/d' /etc/sysctl.conf
 sed -i '/net.ipv4.ip_forward.*/d' /etc/sysctl.d/*.conf
 echo 'net.ipv4.ip_forward=1' > /etc/sysctl.d/20-openvpn.conf
 sysctl --system &> /dev/null

 # Iptables Rule for OpenVPN server
 cat <<'EOFipt' > /etc/openvpn/openvpn.bash
#!/bin/bash
PUBLIC_INET="$(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)' | head -1)"
IPCIDR='10.200.0.0/16'
IPCIDR2='10.201.0.0/16'
iptables -I FORWARD -s $IPCIDR -j ACCEPT
iptables -I FORWARD -s $IPCIDR2 -j ACCEPT
iptables -t nat -A POSTROUTING -o $PUBLIC_INET -j MASQUERADE
iptables -t nat -A POSTROUTING -s $IPCIDR -o $PUBLIC_INET -j MASQUERADE
iptables -t nat -A POSTROUTING -s $IPCIDR2 -o $PUBLIC_INET -j MASQUERADE
EOFipt
 chmod +x /etc/openvpn/openvpn.bash
 bash /etc/openvpn/openvpn.bash

 # Enabling IPv4 Forwarding
 echo 1 > /proc/sys/net/ipv4/ip_forward
 
 # Starting OpenVPN server
 systemctl start openvpn@server_tcp
 systemctl enable openvpn@server_tcp
 systemctl start openvpn@server_udp
 systemctl enable openvpn@server_udp

}
function InsProxy(){

 # Removing Duplicate privoxy config
 rm -rf /etc/privoxy/config*
 
 # Creating Privoxy server config using cat eof tricks
 cat <<'privoxy' > /etc/privoxy/config
# My Privoxy Server Config
user-manual /usr/share/doc/privoxy/user-manual
confdir /etc/privoxy
logdir /var/log/privoxy
filterfile default.filter
logfile logfile
listen-address 0.0.0.0:Privoxy_Port1
listen-address 0.0.0.0:Privoxy_Port2
toggle 1
enable-remote-toggle 0
enable-remote-http-toggle 0
enable-edit-actions 0
enforce-blocks 0
buffer-limit 4096
enable-proxy-authentication-forwarding 1
forwarded-connect-retries 1
accept-intercepted-requests 1
allow-cgi-request-crunching 1
split-large-forms 0
keep-alive-timeout 5
tolerate-pipelining 1
socket-timeout 300
permit-access 0.0.0.0/0 IP-ADDRESS
privoxy

 # Setting machine's IP Address inside of our privoxy config(security that only allows this machine to use this proxy server)
 sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/privoxy/config
 
 # Setting privoxy ports
 sed -i "s|Privoxy_Port1|$Privoxy_Port1|g" /etc/privoxy/config
 sed -i "s|Privoxy_Port2|$Privoxy_Port2|g" /etc/privoxy/config

 # Starting Proxy server
echo -e "Restarting Privoxy Proxy server..."
systemctl restart privoxy

 # Removing Duplicate Squid config
 rm -rf /etc/squid/squid.con*
 
 # Creating Squid server config using cat eof tricks
 cat <<'mySquid' > /etc/squid/squid.conf
# My Squid Proxy Server Config
acl VPN dst IP-ADDRESS/32
http_access allow VPN
http_access deny all 
http_port 0.0.0.0:Squid_Port1
http_port 0.0.0.0:Squid_Port2
http_port 0.0.0.0:Squid_Port3
### Allow Headers
request_header_access Allow allow all 
request_header_access Authorization allow all 
request_header_access WWW-Authenticate allow all 
request_header_access Proxy-Authorization allow all 
request_header_access Proxy-Authenticate allow all 
request_header_access Cache-Control allow all 
request_header_access Content-Encoding allow all 
request_header_access Content-Length allow all 
request_header_access Content-Type allow all 
request_header_access Date allow all 
request_header_access Expires allow all 
request_header_access Host allow all 
request_header_access If-Modified-Since allow all 
request_header_access Last-Modified allow all 
request_header_access Location allow all 
request_header_access Pragma allow all 
request_header_access Accept allow all 
request_header_access Accept-Charset allow all 
request_header_access Accept-Encoding allow all 
request_header_access Accept-Language allow all 
request_header_access Content-Language allow all 
request_header_access Mime-Version allow all 
request_header_access Retry-After allow all 
request_header_access Title allow all 
request_header_access Connection allow all 
request_header_access Proxy-Connection allow all 
request_header_access User-Agent allow all 
request_header_access Cookie allow all 
request_header_access All deny all
### HTTP Anonymizer Paranoid
reply_header_access Allow allow all 
reply_header_access Authorization allow all 
reply_header_access WWW-Authenticate allow all 
reply_header_access Proxy-Authorization allow all 
reply_header_access Proxy-Authenticate allow all 
reply_header_access Cache-Control allow all 
reply_header_access Content-Encoding allow all 
reply_header_access Content-Length allow all 
reply_header_access Content-Type allow all 
reply_header_access Date allow all 
reply_header_access Expires allow all 
reply_header_access Host allow all 
reply_header_access If-Modified-Since allow all 
reply_header_access Last-Modified allow all 
reply_header_access Location allow all 
reply_header_access Pragma allow all 
reply_header_access Accept allow all 
reply_header_access Accept-Charset allow all 
reply_header_access Accept-Encoding allow all 
reply_header_access Accept-Language allow all 
reply_header_access Content-Language allow all 
reply_header_access Mime-Version allow all 
reply_header_access Retry-After allow all 
reply_header_access Title allow all 
reply_header_access Connection allow all 
reply_header_access Proxy-Connection allow all 
reply_header_access User-Agent allow all 
reply_header_access Cookie allow all 
reply_header_access All deny all
#Korn
cache_mem 200 MB
maximum_object_size_in_memory 32 KB
maximum_object_size 1024 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid 100 16 256
access_log /var/log/squid/access.log squid
### CoreDump
coredump_dir /var/spool/squid
dns_nameservers 1.1.1.1 1.0.0.1
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
visible_hostname blackestsaint
mySquid

 # Setting machine's IP Address inside of our Squid config(security that only allows this machine to use this proxy server)
 sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/squid/squid.conf
 
 # Setting squid ports
 sed -i "s|Squid_Port1|$Squid_Port1|g" /etc/squid/squid.conf
 sed -i "s|Squid_Port2|$Squid_Port2|g" /etc/squid/squid.conf
 sed -i "s|Squid_Port3|$Squid_Port3|g" /etc/squid/squid.conf

 # Starting Proxy server
 echo -e "Restarting Squid Proxy server..."
 systemctl restart squid
}

function FogPanel(){

rm /home/vps/public_html -rf
rm /etc/nginx/sites-* -rf
rm /etc/nginx/nginx.conf -rf
sleep 1
mkdir -p /home/vps/public_html

# Creating nginx config for our webserver
cat <<'myNginxC' > /etc/nginx/nginx.conf

user www-data;

worker_processes 1;
pid /var/run/nginx.pid;

events {
	multi_accept on;
  worker_connections 1024;
}

http {
	gzip on;
	gzip_vary on;
	gzip_comp_level 5;
	gzip_types    text/plain application/x-javascript text/xml text/css;

	autoindex on;
  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;
  keepalive_timeout 65;
  types_hash_max_size 2048;
  server_tokens off;
  include /etc/nginx/mime.types;
  default_type application/octet-stream;
  access_log /var/log/nginx/access.log;
  error_log /var/log/nginx/error.log;
  client_max_body_size 32M;
	client_header_buffer_size 8m;
	large_client_header_buffers 8 8m;

	fastcgi_buffer_size 8m;
	fastcgi_buffers 8 8m;

	fastcgi_read_timeout 600;


  include /etc/nginx/conf.d/*.conf;
}

myNginxC

# Creating vps config for our OCS Panel
cat <<'myvpsC' > /etc/nginx/conf.d/vps.conf
server {
  listen       Nginx_Port;
  server_name  127.0.0.1 localhost;
  access_log /var/log/nginx/vps-access.log;
  error_log /var/log/nginx/vps-error.log error;
  root   /home/vps/public_html;

  location / {
    index  index.html index.htm index.php;
    try_files $uri $uri/ /index.php?$args;
  }

  location ~ \.php$ {
    include /etc/nginx/fastcgi_params;
    fastcgi_pass  127.0.0.1:Php_Socket;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  }
}

myvpsC

# Creating monitoring config for our OpenVPN Monitoring Panel
cat <<'myMonitoringC' > /etc/nginx/conf.d/monitoring.conf

server {
    listen Fog_Openvpn_Monitoring;
    location / {
        uwsgi_pass unix:///run/uwsgi/app/openvpn-monitor/socket;
        include uwsgi_params;
    }
}

myMonitoringC

#this is the home page of our webserver
wget -O /home/vps/public_html/index.php "https://raw.githubusercontent.com/korn-sudo/Project-Fog/main/files/panel/index.php"


# Setting up our WebServer Ports and IP Addresses
cd
sleep 1

sed -i "s|/run/php/php7.3-fpm.sock|127.0.0.1:$Php_Socket|g" /etc/php/7.3/fpm/pool.d/www.conf
sed -i "s|Php_Socket|$Php_Socket|g" /etc/nginx/conf.d/vps.conf
sed -i "s|Nginx_Port|$Nginx_Port|g" /etc/nginx/conf.d/vps.conf
sed -i "s|Fog_Openvpn_Monitoring|$Fog_Openvpn_Monitoring|g" /etc/nginx/conf.d/monitoring.conf
sed -i "s|Fog_Openvpn_Monitoring|$Fog_Openvpn_Monitoring|g" /home/vps/public_html/index.php
sed -i "s|fogserverip|$IPADDR|g" /home/vps/public_html/index.php
sed -i "s|v2portas|65432|g" /home/vps/public_html/index.php

sed -i "s|SSH_Port1|$SSH_Port1|g" /home/vps/public_html/index.php
sed -i "s|SSH_Port2|$SSH_Port2|g" /home/vps/public_html/index.php
sed -i "s|Dropbear_Port1|$Dropbear_Port1|g" /home/vps/public_html/index.php
sed -i "s|Dropbear_Port2|$Dropbear_Port2|g" /home/vps/public_html/index.php
sed -i "s|Stunnel_Port1|$Stunnel_Port1|g" /home/vps/public_html/index.php
sed -i "s|Stunnel_Port2|$Stunnel_Port2|g" /home/vps/public_html/index.php
sed -i "s|Stunnel_Port3|$Stunnel_Port3|g" /home/vps/public_html/index.php
sed -i "s|Privoxy_Port1|$Privoxy_Port1|g" /home/vps/public_html/index.php
sed -i "s|Privoxy_Port2|$Privoxy_Port1|g" /home/vps/public_html/index.php
sed -i "s|Squid_Port1|$Squid_Port1|g" /home/vps/public_html/index.php
sed -i "s|Squid_Port2|$Squid_Port2|g" /home/vps/public_html/index.php
sed -i "s|Squid_Port3|$Squid_Port3|g" /home/vps/public_html/index.php
sed -i "s|OHP_Port1|$OHP_Port1|g" /home/vps/public_html/index.php
sed -i "s|OHP_Port2|$OHP_Port2|g" /home/vps/public_html/index.php
sed -i "s|OHP_Port3|$OHP_Port3|g" /home/vps/public_html/index.php
sed -i "s|OHP_Port4|$OHP_Port4|g" /home/vps/public_html/index.php
sed -i "s|OHP_Port5|$OHP_Port5|g" /home/vps/public_html/index.php
sed -i "s|Simple_Port1|$Simple_Port1|g" /home/vps/public_html/index.php
sed -i "s|Simple_Port2|$Simple_Port2|g" /home/vps/public_html/index.php
sed -i "s|Direct_Port1|$Direct_Port1|g" /home/vps/public_html/index.php
sed -i "s|Direct_Port2|$Direct_Port2|g" /home/vps/public_html/index.php
sed -i "s|Open_Port1|$Open_Port1|g" /home/vps/public_html/index.php
sed -i "s|Open_Port2|$Open_Port2|g" /home/vps/public_html/index.php
sed -i "s|NXPort|$Nginx_Port|g" /home/vps/public_html/index.php

service nginx restart


# Setting Up OpenVPN monitoring
wget -O /srv/openvpn-monitor.zip "https://github.com/korn-sudo/Project-Fog/raw/main/files/panel/openvpn-monitor.zip"
cd /srv
unzip -qq openvpn-monitor.zip
rm -f openvpn-monitor.zip
cd openvpn-monitor
virtualenv .
. bin/activate
pip install -r requirements.txt

#updating ports for openvpn monitoring
 sed -i "s|Tcp_Monitor_Port|$Tcp_Monitor_Port|g" /srv/openvpn-monitor/openvpn-monitor.conf
 sed -i "s|Udp_Monitor_Port|$Udp_Monitor_Port|g" /srv/openvpn-monitor/openvpn-monitor.conf


# Creating monitoring .ini for our OpenVPN Monitoring Panel
cat <<'myMonitorINI' > /etc/uwsgi/apps-available/openvpn-monitor.ini
[uwsgi]
base = /srv
project = openvpn-monitor
logto = /var/log/uwsgi/app/%(project).log
plugins = python
chdir = %(base)/%(project)
virtualenv = %(chdir)
module = openvpn-monitor:application
manage-script-name = true
mount=/openvpn-monitor=openvpn-monitor.py
myMonitorINI

ln -s /etc/uwsgi/apps-available/openvpn-monitor.ini /etc/uwsgi/apps-enabled/

# GeoIP For OpenVPN Monitor
mkdir -p /var/lib/GeoIP
wget -O /var/lib/GeoIP/GeoLite2-City.mmdb.gz "https://github.com/korn-sudo/Project-Fog/raw/main/files/panel/GeoLite2-City.mmdb.gz"
gzip -d /var/lib/GeoIP/GeoLite2-City.mmdb.gz

# Now creating all of our OpenVPN Configs 

# Smart Giga Games Promo TCP
cat <<Config1> /home/vps/public_html/Smart.Giga.Games.ovpn
# Created by blackestsaint

client
dev tun
proto tcp
setenv FRIENDLY_NAME "Server-Name"
remote $IPADDR $OpenVPN_TCP_Port
nobind
persist-key
persist-tun
comp-lzo
keepalive 10 120
tls-client
remote-cert-tls server
verb 2
auth-user-pass
cipher none
auth none
auth-nocache
auth-retry interact
connect-retry 0 1
nice -20
reneg-sec 0
redirect-gateway def1
setenv CLIENT_CERT 0

http-proxy $IPADDR $Squid_Port1
http-proxy-option VERSION 1.1
http-proxy-option CUSTOM-HEADER Host codm.garena.com
http-proxy-option CUSTOM-HEADER X-Forward-Host codm.garena.com
http-proxy-option CUSTOM-HEADER X-Forwarded-For codm.garena.com
http-proxy-option CUSTOM-HEADER Referrer codm.garena.com

<ca>
$(cat /etc/openvpn/ca.crt)
</ca>
Config1

# TNT Mobile Legends 10 Promo
cat <<Config2> /home/vps/public_html/ML10.ovpn
# Created by blackestsaint

client
dev tun
proto tcp
setenv FRIENDLY_NAME "Server-Name"
remote $IPADDR $OpenVPN_TCP_Port
nobind
persist-key
persist-tun
comp-lzo
keepalive 10 120
tls-client
remote-cert-tls server
verb 2
auth-user-pass
cipher none
auth none
auth-nocache
auth-retry interact
connect-retry 0 1
nice -20
reneg-sec 0
redirect-gateway def1
setenv CLIENT_CERT 0

http-proxy $IPADDR $Privoxy_Port1
http-proxy-option VERSION 1.1
http-proxy-option CUSTOM-HEADER ""
http-proxy-option CUSTOM-HEADER "GET https://web.mobilelegends.com HTTP/1.1"
http-proxy-option CUSTOM-HEADER Host web.mobilelegends.com
http-proxy-option CUSTOM-HEADER X-Forward-Host web.mobilelegends.com
http-proxy-option CUSTOM-HEADER X-Forwarded-For web.mobilelegends.com
http-proxy-option CUSTOM-HEADER Referrer web.mobilelegends.com

<ca>
$(cat /etc/openvpn/ca.crt)
</ca>
Config2

# Default TCP
cat <<Config3> /home/vps/public_html/Direct.TCP.ovpn
# Created by blackestsaint


client
dev tun
proto tcp
setenv FRIENDLY_NAME "Server-Name"
remote $IPADDR $OpenVPN_TCP_Port
nobind
persist-key
persist-tun
comp-lzo
keepalive 10 120
tls-client
remote-cert-tls server
verb 2
auth-user-pass
cipher none
auth none
auth-nocache
auth-retry interact
connect-retry 0 1
nice -20
reneg-sec 0
redirect-gateway def1
setenv CLIENT_CERT 0

<ca>
$(cat /etc/openvpn/ca.crt)
</ca>
Config3

# Default UDP
cat <<Config4> /home/vps/public_html/Direct.UDP.ovpn
# Created by blackestsaint

client
dev tun
proto udp
setenv FRIENDLY_NAME "Server-Name"
remote $IPADDR $OpenVPN_UDP_Port
nobind
persist-key
persist-tun
comp-lzo
keepalive 10 120
tls-client
remote-cert-tls server
verb 2
auth-user-pass
cipher none
auth none
auth-nocache
auth-retry interact
connect-retry 0 1
nice -20
reneg-sec 0
redirect-gateway def1
setenv CLIENT_CERT 0

<ca>
$(cat /etc/openvpn/ca.crt)
</ca>
Config4

# Smart Giga Stories Promo TCP
cat <<Config5> /home/vps/public_html/Smart.Giga.Stories.ovpn
# Created by blackestsaint

client
dev tun
proto tcp
setenv FRIENDLY_NAME "Server-Name"
remote $IPADDR $OpenVPN_TCP_Port
nobind
persist-key
persist-tun
comp-lzo
keepalive 10 120
tls-client
remote-cert-tls server
verb 2
auth-user-pass
cipher none
auth none
auth-nocache
auth-retry interact
connect-retry 0 1
nice -20
reneg-sec 0
redirect-gateway def1
setenv CLIENT_CERT 0

http-proxy $IPADDR $Squid_Port1
http-proxy-option VERSION 1.1
http-proxy-option CUSTOM-HEADER Host static.muscdn.com
http-proxy-option CUSTOM-HEADER X-Forward-Host static.muscdn.com
http-proxy-option CUSTOM-HEADER X-Forwarded-For static.muscdn.com
http-proxy-option CUSTOM-HEADER Referrer static.muscdn.com

<ca>
$(cat /etc/openvpn/ca.crt)
</ca>
Config5

# Renaming Server Name
 sed -i "s|Server-Name|$ServerName|g" /home/vps/public_html/Smart.Giga.Stories.ovpn
 sed -i "s|Server-Name|$ServerName|g" /home/vps/public_html/Direct.UDP.ovpn
 sed -i "s|Server-Name|$ServerName|g" /home/vps/public_html/Direct.TCP.ovpn
 sed -i "s|Server-Name|$ServerName|g" /home/vps/public_html/ML10.ovpn
 sed -i "s|Server-Name|$ServerName|g" /home/vps/public_html/Smart.Giga.Games.ovpn

 # Creating OVPN download site index.html
cat <<'mySiteOvpn' > /home/vps/public_html/projectfog.html
<!DOCTYPE html>
<html lang="en">

<!-- Openvpn Config File Download site by Gwapong Lander -->

<head><meta charset="utf-8" /><title>VPN Config File Download</title><meta name="description" content="Project Fog Server -korn" /><meta content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" name="viewport" /><meta name="theme-color" content="#000000" /><link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.8.2/css/all.css"><link href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/bootstrap.min.css" rel="stylesheet"><link href="https://cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.8.3/css/mdb.min.css" rel="stylesheet"></head><body><div class="container justify-content-center" style="margin-top:9em;margin-bottom:5em;"><div class="col-md"><div class="view"><img src="https://openvpn.net/wp-content/uploads/openvpn.jpg" class="card-img-top"><div class="mask rgba-white-slight"></div></div><div class="card"><div class="card-body"><h5 class="card-title">Project Fog Config List</h5><br /><ul 

class="list-group"><li class="list-group-item justify-content-between align-items-center" style="margin-bottom:1em;"><p> Giga Games Promo <span class="badge light-blue darken-4">Android/iOS/PC/Modem</span><br /><small> For Smart, TnT and Sun </small></p><a class="btn btn-outline-success waves-effect btn-sm" 
href="http://IP-ADDRESS:NGINXPORT/Smart.Giga.Games.ovpn" style="float:right;"><i class="fa fa-download"></i> Download</a></li><li 

class="list-group-item justify-content-between align-items-center" style="margin-bottom:1em;"><p> Giga Stories Promo <span class="badge light-blue darken-4">Android/iOS/PC/Modem</span><br /><small> For Smart, TnT and Sun </small></p><a class="btn btn-outline-success waves-effect btn-sm" href="http://IP-ADDRESS:NGINXPORT/Smart.Giga.Stories.ovpn" style="float:right;"><i class="fa fa-download"></i> Download</a></li><li 

class="list-group-item justify-content-between align-items-center" style="margin-bottom:1em;"><p> Mobile Legends Promo (ML10) <span class="badge light-blue darken-4">Android/iOS/PC/Modem</span><br /><small> For any network with Mobile Legends Promo </small></p><a class="btn btn-outline-success waves-effect btn-sm" href="http://IP-ADDRESS:NGINXPORT/ML10.ovpn" style="float:right;"><i class="fa fa-download"></i> Download</a></li><li 


class="list-group-item justify-content-between align-items-center" style="margin-bottom:1em;"><p> Openvpn Default TCP <span class="badge light-blue darken-4">Android/iOS/PC/Modem</span><br /><small> This default and cannot be use for bypassing promos.</small></p><a class="btn btn-outline-success waves-effect btn-sm" href="http://IP-ADDRESS:NGINXPORT/Direct.TCP.ovpn" style="float:right;"><i class="fa fa-download"></i> Download</a></li><li 


class="list-group-item justify-content-between align-items-center" style="margin-bottom:1em;"><p> Openvpn Default UDP <span class="badge light-blue darken-4">Android/iOS/PC/Modem</span><br /><small> This default and cannot be use for bypassing promos.</small></p><a class="btn btn-outline-success waves-effect btn-sm" href="http://IP-ADDRESS:NGINXPORT/Direct.UDP.ovpn" style="float:right;"><i class="fa fa-download"></i> Download</a></li><li 

class="list-group-item justify-content-between align-items-center" style="margin-bottom:1em;"><p> Reserved <span class="badge light-blue darken-4">Android/iOS/PC/Modem</span><br /><small> Reserve by Gwapong Lander.</small></p><a class="btn btn-outline-success waves-effect btn-sm" href="http://IP-ADDRESS:NGINXPORT/null" style="float:right;"><i class="fa fa-download"></i> Download</a></li>

</ul></div></div></div></div></body></html>
mySiteOvpn
 
 # Setting template's correct name,IP address and nginx Port
 sed -i "s|NGINXPORT|$Nginx_Port|g" /home/vps/public_html/projectfog.html
 sed -i "s|IP-ADDRESS|$IPADDR|g" /home/vps/public_html/projectfog.html

 # Restarting nginx service
 systemctl restart nginx
 
 # Creating all .ovpn config archives
 cd /home/vps/public_html
 zip -qq -r config.zip *.ovpn
 cd

chown -R www-data:www-data /home/vps/public_html

}

function ip_address(){
  local IP="$( ip addr | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | egrep -v "^192\.168|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-2]\.|^10\.|^127\.|^255\.|^0\." | head -n 1 )"
  [ -z "${IP}" ] && IP="$( wget -qO- -t1 -T2 ipv4.icanhazip.com )"
  [ -z "${IP}" ] && IP="$( wget -qO- -t1 -T2 ipinfo.io/ip )"
  [ ! -z "${IP}" ] && echo "${IP}" || echo
} 
IPADDR="$(ip_address)"



function ConfStartup(){

# Creating startup 1 script using cat eof tricks
cat <<'kornz' > /etc/projectfogstartup
#!/bin/sh

# Deleting Expired SSH Accounts
/usr/local/sbin/korn-user-delete-expired &> /dev/null

# Firewall Protection ( Torrent, Brute Force, Port Scanning )
/usr/local/sbin/korn-turntable-fog-obs

# Setting server local time
ln -fs /usr/share/zoneinfo/Asia/Manila /etc/localtime

# Prevent DOS-like UI when installing using APT (Disabling APT interactive dialog)
export DEBIAN_FRONTEND=noninteractive

# Blacklisted
#/bin/bash /etc/vil/blacklist

# Allowing ALL TCP ports for our machine (Simple workaround for policy-based VPS)
iptables -A INPUT -s $(wget -4qO- http://ipinfo.io/ip) -p tcp -m multiport --dport 1:65535 -j ACCEPT

# Allowing OpenVPN to Forward traffic
/bin/bash /etc/openvpn/openvpn.bash

# SSR Server
/usr/local/sbin/korn-ssr-updater-fog-obs


######                 WARNING                           
###### MAKE SURE YOU ONLY PUT [FULLY WORKING APPS] 
######          WHOLE SCRIPT WILL COLLAPSE         
######         IF YOU ADD NOT WORKING SCRIPT       
######    TEST IT BEFORE ADD YOUR COMMAND HERE     
######              by: blackestsaint      

kornz

rm -rf /etc/sysctl.d/99*


 # Setting our startup script to run every machine boots 
cat <<'kornx' > /etc/systemd/system/projectfogstartup.service
[Unit] 
Description=/etc/projectfogstartup
ConditionPathExists=/etc/projectfogstartup

[Service] 
Type=forking 
ExecStart=/etc/projectfogstartup start 
TimeoutSec=0
StandardOutput=tty 
RemainAfterExit=yes 
SysVStartPriority=99 

[Install] 
WantedBy=multi-user.target
kornx

chmod +x /etc/projectfogstartup
systemctl enable projectfogstartup
systemctl start projectfogstartup

# Applying cron job 
cd
echo "SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin" | crontab -
sleep 1

echo "#OHP Server
@reboot /usr/local/sbin/korn-ohp-updater-fog-obs

#Multi-login Limit ON dropbear,ssh,ssl (not included: openvpn)
@reboot /usr/local/sbin/limiter-fog-obs
@reboot /usr/local/sbin/fog-limiter-activator-obs

# Python Socks Server
@reboot /usr/local/sbin/korn-python-updater-fog-obs

# Timer for Auto-reconnect
@reboot /usr/local/sbin/disable-orasan


" >> /var/spool/cron/crontabs/root

}

function ports_info(){

# For Edit Port dependencies
mkdir -p /etc/project-fog/service-ports
mkdir -p /etc/project-fog/v2

echo "$SSH_Port1" > /etc/project-fog/service-ports/sshp1
echo "$SSH_Port2" > /etc/project-fog/service-ports/sshp2

echo "$OpenVPN_TCP_Port" > /etc/project-fog/service-ports/openvpn-tcp
echo "$OpenVPN_UDP_Port" > /etc/project-fog/service-ports/openvpn-udp

echo "$Squid_Port1" > /etc/project-fog/service-ports/squid1
echo "$Squid_Port2" > /etc/project-fog/service-ports/squid2
echo "$Squid_Port3" > /etc/project-fog/service-ports/squid3

echo "$Privoxy_Port1" > /etc/project-fog/service-ports/priv1
echo "$Privoxy_Port2" > /etc/project-fog/service-ports/priv2

echo "$Dropbear_Port1" > /etc/project-fog/service-ports/dropbear1
echo "$Dropbear_Port2" > /etc/project-fog/service-ports/dropbear2

echo "$Stunnel_Port2" > /etc/project-fog/service-ports/stunnel-ssh
echo "$Stunnel_Port1" > /etc/project-fog/service-ports/stunnel-drop
echo "$Stunnel_Port3" > /etc/project-fog/service-ports/stunnel-open

echo "65432" > /etc/project-fog/v2/panel_port

}

function InsV2ray(){

bash <(curl -Ls https://raw.githubusercontent.com/nullptrX/v2-ui/master/install.sh)

sleep 1

cat <<'v2about' > /etc/project-fog/v2/about

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░


                     ░▒▓█ ☁️ Project Fog ☁️ █▓▒░

What is V2Ray?
Multiple inbound/outbound proxies: one V2Ray instance supports in 
parallel multiple inbound and outbound protocols. Each protocol works 
independently.


Current Supported Protocols: 
1. Vmess	5. Dokodemo-door
2. Vless 	6. Socks
3. Trojan	7. HTTP
4. Shadowsocks


How to Use V2Ray?
1. Go to your browser and enter this link: 
  
   http://IP-ADDRESS:65432

2. Login Username: admin
   Login Password: admin  
3. Go to Accounts
4. Tap or click the " + " button. its color blue.
5. Add Account Tab will appear and 
   fill in and choose parameters for your V2Ray.


REMINDERS:
1. Please use port ramdomly given V2Ray Panel.
2. If you want preferred port, make sure it is not
   currently use by other services or else
   your all V2Ray connection will not work.
3. iF you accidentally hit current use port in your V2Ray config,
   A. Go to Panel > Accounts > : and delete all accounts.
   B. Go to your VPS and restart V2ray using Menu.
      or simply reboot your VPS.


Supported Platforms:
1. Windows
2. Andoid Phones
3. iPhones
4. Mac


Notes:
This V2Ray Panel is made by Sprov.
All credits to Sprov.
Check his work at: 
https://github.com/sprov065
https://blog.sprov.xyz/

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░


v2about

sleep 1

function InstBadVPN(){
 # Pull BadVPN Binary 64bit or 32bit
if [ "$(getconf LONG_BIT)" == "64" ]; then
 wget -O /usr/bin/badvpn-udpgw "https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/badvpn-udpgw64"
else
 wget -O /usr/bin/badvpn-udpgw "https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/badvpn-udpgw"
fi
 # Set BadVPN to Start on Boot via .profile
 sed -i '$ i\screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300' /root/.profile
 # Change Permission to make it Executable
 chmod +x /usr/bin/badvpn-udpgw
 # Start BadVPN via Screen
 screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300
}

  # Running screenfetch
 wget -O /usr/bin/screenfetch "https://raw.githubusercontent.com/korn-sudo/Project-Fog/main/files/plugins/screenfetch"
 chmod +x /usr/bin/screenfetch
 echo "/bin/bash /etc/openvpn/openvpn.bash" >> .profile
 echo "clear" >> .profile
 echo "screenfetch" >> .profile

# Obash
cd
curl -skL "https://github.com/louigi600/obash/archive/8976fd2fa256c583769b979036f59a741730eb48.tar.gz" -o obash.tgz
tar xf obash.tgz && rm -f obash.tgz
sleep 1
cd obash-8976fd2fa256c583769b979036f59a741730eb48
make clean
make
mv -f obash /usr/local/bin/obash
cd .. && rm -rf obash-8976fd2fa256c583769b979036f59a741730eb48
cd

#alias menu
wget -O ./.bashrc "https://raw.githubusercontent.com/korn-sudo/Project-Fog/main/files/plugins/.bashrc"

#banner
cat <<'korn77' > /etc/zorro-luffy
<br><font>
<br><font>
<br><font color='green'> <b>    ░▒▓█ ☁️ Project Fog ☁️ █▓▒░</b> </br></font>
<br><font>
<br><font color='#32CD32'>: : : ★ Happy Browsing!😊 </br></font>
<br><font color='#32CD32'>: : : ★ This is FREE and Not for Sale! </br></font>
<br><font color='#FDD017'>: : : ★ Project Lead: blackestsaint 🦊</br></font>
<br><font>
<br><font color='#32CD32'>: : : ★ STRICTLY NO ACCOUNT SHARING</br></font>
<br><font color='#32CD32'>: : : ★ STRICTLY NO MULTI-LOGIN</br></font>
<br><font color='#32CD32'>: : : ★ STRICTLY NO TORRENT</br></font>
<br><font>
<br><font color='#FF00FF'>░▒▓█ VIOLATORS WILL BE BAN!!!</br></font>
<br><font>
<br><font>
korn77


#block-by-keyword
mkdir -p /etc/vil 
echo "#!/bin/bash " >> /etc/vil


# Timer Notification in menu section checker
echo " " > /etc/korn/timer-proxy
echo " " > /etc/korn/timer-seconds


#Tweak for IPV4 TCP/UDP speed and maximize capability function Status: OFF
cd
mkdir -p /etc/project-fog/others
echo "#Project Fog TCP Tweak OFF" > /etc/sysctl.conf
echo "off" > /etc/project-fog/others/tcptweaks


#for blocking by keywords notes
mkdir -p /etc/korn

echo "

             Keyword below has been blocked:
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Ports block [ torrent related issues ]
24	25	26	50	57
105	106	109	110	143
158	209	218	220	465
587	993	995	1109	24554
60177	60179		
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::" >> /etc/korn/block-by-keyword

echo "


THIS PORT ARE BLOCK IN SERVER DUE TO TORRENT ISSUE:
WARNING! DO NOT USE THIS PORT:  
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::
24	25	26	50	57
105	106	109	110	143
158	209	218	220	465
587	993	995	1109	24554
60177	60179		
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::" >> /etc/korn/warning

# Dependencies of all Editing Port scenario
mkdir -p /etc/project-fog/others
echo "24	25	26	50	57
105	106	109	110	143
158	209	218	220	465
587	993	995	1109	24554
60177	60179	450	$Php_Socket	" >> /etc/project-fog/others/banned-port

 # Setting server local time
 ln -fs /usr/share/zoneinfo/$MyVPS_Time /etc/localtime

#version of Project Fog autoscript
echo "$ver" > /etc/korn/version

# Start-up Application Verification (protection for modders)
mkdir -p /usr/lib/kshell
echo "75" > /usr/lib/kshell/libs

}

function Complete-reboot(){
clear
echo ""
echo ""
figlet Project Fog -c | lolcat
echo ""
echo "       Installation Complete! System need to reboot to apply all changes! "
read -p "                      Press Enter to reboot..."
reboot
}

#########################################################
###             Installation Begins...
#########################################################

# Filtering Machine did not meet Requirements
echo "Checking if your Server meet the requirements . . . "
CheckRequirements

ScriptMessage
sleep 2

#System Upgrade and Updates
echo " Installing Operating System Updates"
InstUpdates

# Configure OpenSSH and Dropbear
echo " Configuring ssh..."
InstSSH

# Configure Stunnel
echo " Configuring stunnel..."
InsStunnel

# Configure BadVPN UDPGW
echo " Configuring BadVPN UDPGW..."
InstBadVPN

# Configure Webmin
echo " Configuring webmin..."
InstWebmin

# Configure Squid and Privoxy
echo " Configuring proxy..."
InsProxy

# Configure Over-HTTP-Puncher
echo " Configuring Over-HTTP-Puncher..."
InsOHP

# Configure Python Socks Proxy
echo " Configuring Python Socks Proxy..."
InsPython

# Configure Shadowsocks R
echo " Configuring Shadowsocks R..."
InsShodowSocks

# Configure OpenVPN
echo " Configuring OpenVPN..."
InsOpenVPN

# Configuring Nginx OVPN config download site
echo " Configuring OpenVPN Config File and Panel Services..."
FogPanel

# Some assistance and startup scripts
echo " Configuring Startup Application Automation..."
ConfStartup

# VPS Menu script v1.0
echo " Configuring Main Dish Menu..."
ConfMenu

# Saving all Ports Information
echo " Saving all Ports Information..."
ports_info

# Configure OpenVPN
echo " Configuring V2Ray..."
InsV2ray

# Others Services ( Screenfetch, Setting Local, TCP Tweak )
echo " Adding other services..."
InstOthers

#Server Information and Details
echo "READ ME!"
Installation-log

#Final Touch (Reboot Remark)
Complete-reboot

 clear
 cd ~
 
rm /root/fog-debian -rf

exit 1
reboot