最近在研究OpenVPN 然后想把自己的Evplex和ss-panel接入OpenVPN认证,于是就开始研究了

1. /etc/server.conf

1# 添加下列行 会调用verify.sh进行认证并且不要求CA证书
2auth-user-pass-verify ./verify.sh via-env
3client-cert-not-required
4username-as-common-name
5
6# 添加下列行会调用connect和disconnect进行对链接的传入和传出进行控制
7script-security 3 system
8client-connect ./connect.sh
9client-disconnect ./disconnect.sh

对disconnect.sh和connect.sh 的参数解释

Value NameMean
$bytes_received收到的流量
$bytes_sent发送的流量
$trusted_ip链接的IP
$trusted_port链接的端口
$ifconfig_pool_remote_ip链接者的IP
$common_name用户名

对面板的用户获取

大家知道 ss-panel的V3有webapi, Evplex当然也有webapi Evplex的WebApi是为了接入更多类型的节点和方便不使用mysql作为数据库的用户

 1Main.py:
 2---
 3import Config
 4import urllib
 5import json
 6import time
 7
 8def main():
 9    API_obj  = urllib.urlopen(Config.API_URL + "users?key=" + Config.API_PASS)
10
11    API_json = json.load(API_obj)
12    user_list = []
13    if API_json["ret"]:
14        for item in API_json["data"]:
15            if item["enable"]:
16                user_list.append(item["user_name"] + " " + item["passwd"])
17    with open(Config.STOAGE_PATH, "w") as file:
18        file.write("\n".join(user_list))
19        
20if __name__ == "__main__":
21    while True:
22        main()
23        time.sleep(Config.RSYNC_TIME * 60)
24---
25
26Config.py
27---
28API_URL     = "http://127.0.0.1:8000/api/"
29API_PASS    = "Pleasechangeit"
30
31STOAGE_PATH = "users"
32RSYNC_TIME  = 0.1                       # min
33---