最近在研究OpenVPN
然后想把自己的Evplex和ss-panel接入OpenVPN认证,于是就开始研究了

1. /etc/server.conf

# 添加下列行 会调用verify.sh进行认证并且不要求CA证书
auth-user-pass-verify ./verify.sh via-env
client-cert-not-required
username-as-common-name

# 添加下列行会调用connect和disconnect进行对链接的传入和传出进行控制
script-security 3 system
client-connect ./connect.sh
client-disconnect ./disconnect.sh

对disconnect.sh和connect.sh 的参数解释

Value NameMean
$bytes_received收到的流量
$bytes_sent发送的流量
$trusted_ip链接的IP
$trusted_port链接的端口
$ifconfig_pool_remote_ip链接者的IP
$common_name用户名

对面板的用户获取

大家知道 ss-panel的V3有webapi, Evplex当然也有webapi
Evplex的WebApi是为了接入更多类型的节点和方便不使用mysql作为数据库的用户

Main.py:
---
import Config
import urllib
import json
import time

def main():
    API_obj  = urllib.urlopen(Config.API_URL + "users?key=" + Config.API_PASS)

    API_json = json.load(API_obj)
    user_list = []
    if API_json["ret"]:
        for item in API_json["data"]:
            if item["enable"]:
                user_list.append(item["user_name"] + " " + item["passwd"])
    with open(Config.STOAGE_PATH, "w") as file:
        file.write("\n".join(user_list))
        
if __name__ == "__main__":
    while True:
        main()
        time.sleep(Config.RSYNC_TIME * 60)
---

Config.py
---
API_URL     = "http://127.0.0.1:8000/api/"
API_PASS    = "Pleasechangeit"

STOAGE_PATH = "users"
RSYNC_TIME  = 0.1                       # min
---

标签: linux, python, proxy, openvpn

评论已关闭

Debug: IPAddress: 10.42.255.194 Infos: Array ( [0] => 局域网 [1] => 局域网 [2] => [3] => )