Some users want to set up a private virtual network between two computers. This is done with VPN (Virtual Private Network) technology. The connection is implemented with open or closed utilities and programs. Once all the components have been installed and configured successfully, the procedure can be considered complete and the connection secure. Below we look in detail at implementing this technology with the OpenVPN client on an operating system based on the Linux kernel.
Install OpenVPN on Linux
Since most users run Ubuntu-based distributions, the instructions here are based on those versions. On other systems you will not notice a fundamental difference in installing and configuring OpenVPN, except that you have to follow the syntax of your distribution, which you can read about in the official documentation for your system. We suggest you go through the whole process step by step so that you understand each action in detail.
Keep in mind that OpenVPN operates through two nodes (a computer or a server), which means that installation and configuration apply to every participant in the connection. The tutorial below focuses on working with two sources.
Step 1: Install OpenVPN
Of course, you should start by adding all the necessary libraries to the computers. Be prepared for the task to be carried out entirely in the "Terminal" built into the OS.
- Open the menu and launch the console. You can also do this by pressing the key combination Ctrl + Alt + T.
- Enter the command
sudo apt install openvpn easy-rsa
to install all the required components. After typing it, press Enter.
- Enter the superuser account password. The characters are not displayed in the field as you type.
- Confirm the addition of new files by choosing the appropriate option.
Move on to the next step only once the installation has been done on both devices.
Step 2: Creating and configuring the Certificate Authority
The certificate authority is responsible for verifying public keys and provides strong encryption. It is created on the device that other users will later connect to, so open the console on that PC and follow these steps:
- First, create a folder for storing all the keys. You can place it anywhere, but it is better to choose a secure location. Use the command
sudo mkdir /etc/openvpn/easy-rsa
where /etc/openvpn/easy-rsa is the directory to create.
- Next, the easy-rsa add-on scripts have to be placed in this folder, which is done with
sudo cp -R /usr/share/easy-rsa /etc/openvpn/
- The certificate authority is created in the prepared directory. First go to this folder.
cd /etc/openvpn/easy-rsa/
- Then enter the following commands in the console:
sudo -i
# cd /etc/openvpn/easy-rsa/
# source ./vars
# ./clean-all
# ./build-ca
The server computer can be left alone for now; move on to the client devices.
Step 3: Configure client certificates
The instructions below have to be carried out on each client computer in order to set up a properly working secure connection.
- Open the console and enter the command
sudo cp -R /usr/share/easy-rsa /etc/openvpn/
to copy all the required tool scripts.
- Earlier, a separate certificate file was created on the server PC. Now it has to be copied and placed in the folder with the other components. The easiest way to do this is with the command
sudo scp username@host:/etc/openvpn/easy-rsa/keys/ca.crt /etc/openvpn/easy-rsa/keys
where username@host is the address of the machine to download from.
- All that remains is to create a personal private key that will be used for connecting later. Do this by going to the script storage folder.
cd /etc/openvpn/easy-rsa/
- To create the file, use the commands:
sudo -i
# cd /etc/openvpn/easy-rsa/
# source ./vars
# ./build-req Lumpics
Lumpics in this case is the specified file name. The generated key must be in the same directory as the other keys.
- All that remains is to send the prepared access key to the server device so that it can confirm the authenticity of the connection. This is done with the same command that was used for the download. Enter
scp /etc/openvpn/easy-rsa/keys/Lumpics.csr username@host:~/
where username@host is the name of the computer to send to and Lumpics.csr is the name of the file with the key.
- On the server PC, confirm the key with
./sign-req ~/Lumpics
where Lumpics is the file name. After that, return the document with
sudo scp username@host:/home/Lumpics.crt /etc/openvpn/easy-rsa/keys
This completes all the preliminary work. All that remains is to bring OpenVPN itself into a working state, and you can start using a private encrypted connection with one or several clients.
Step 4: Configure OpenVPN
The following guide applies to both the client and the server. We break everything down by action and warn you when to switch machines, so you only need to follow the instructions.
- First, create a configuration file on the server PC using the command
zcat /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz | sudo tee /etc/openvpn/server.conf
When configuring the client devices, this file will have to be created separately.
- Review the default values. As you can see, the port and protocol match the standard ones, but there are no additional parameters.
- Open the created configuration file in the editor
sudo nano /etc/openvpn/server.conf
- We will not go into the details of changing every value, since in some cases they are individual, but the standard lines must be present in the file. A typical file looks like this:
port 1194
proto udp
comp-lzo
dev tun
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/ca.crt
dh /etc/openvpn/easy-rsa/2.0/keys/dh2048.pem
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
After all the changes have been made, save the settings and close the file.
- Work on the server part is finished. Start OpenVPN with the configuration file you created
openvpn /etc/openvpn/server.conf
- Now move on to the client devices. As already mentioned, a settings file is created here as well, but this time it is not unpacked, so the command takes the following form:
sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/client.conf
- Open the file in the same way as shown above and put the following lines in it:
client
dev tun
proto udp
remote 194.67.215.125 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/Sergiy.crt
key /etc/openvpn/easy-rsa/keys/Sergiy.key
tls-auth ta.key 1
comp-lzo
verb 3
When the editing is complete, start OpenVPN:
openvpn /etc/openvpn/client.conf
- Enter the command
ifconfig
to make sure the system works. Among all the values displayed there must be a tun0 interface.
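The two files from Step 4 can be checked mechanically before the tunnel is started. The following Python sketch is an added example, not part of the original article or of the OpenVPN project; the function names and finding codes are made up here, and the sample text is an excerpt of the directives shown above.

```python
import shlex

# Constructed sample input: security-relevant lines excerpted from the two files above.
SERVER_CONF = """
comp-lzo
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/ca.crt
"""
CLIENT_CONF = """
client
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/Sergiy.crt
key /etc/openvpn/easy-rsa/keys/Sergiy.key
tls-auth ta.key 1
comp-lzo
"""

def parse(text):
    """Map each directive to its argument list; '#' and ';' start comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#;":
            name, *args = shlex.split(line, comments=True)
            conf[name] = args
    return conf

def audit(text):
    """Return a sorted list of finding codes for one configuration file."""
    c, out = parse(text), set()
    out.update(f"missing-{d}" for d in ("ca", "cert", "key") if d not in c)
    if "cert" in c and c.get("ca") == c["cert"]:
        out.add("cert-is-ca-file")       # the CA certificate is not a peer certificate
    if "comp-lzo" in c and c["comp-lzo"] != ["no"]:
        out.add("compression-enabled")   # comp-lzo is deprecated upstream
    if "client" in c and "remote-cert-tls" not in c:
        out.add("no-server-cert-check")  # any cert signed by the CA could pose as server
    return sorted(out)

def audit_pair(server_text, client_text):
    """Cross-check a directive that must be present on both ends of the tunnel."""
    s, c = parse(server_text), parse(client_text)
    if ("tls-auth" in s) != ("tls-auth" in c):
        return ["tls-auth-on-one-side-only"]
    return []

if __name__ == "__main__":
    print(audit(SERVER_CONF), audit(CLIENT_CONF), audit_pair(SERVER_CONF, CLIENT_CONF))
```

Run against the full /etc/openvpn/server.conf and /etc/openvpn/client.conf, an empty result from all three calls means none of these particular mistakes is present; it does not prove the configuration is otherwise sound.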
To redirect traffic and open Internet access for all clients, run the commands below one after another on the server PC.
sysctl -w net.ipv4.ip_forward=1
iptables -I INPUT -p udp --dport 1194 -j ACCEPT
iptables -I FORWARD -i tun0 -o eth0 -j ACCEPT
iptables -I FORWARD -i eth0 -o tun0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
In this article you were introduced to installing and configuring OpenVPN on the server and client side. We advise you to pay attention to the notifications shown in the "Terminal" and to look up the error codes, if any appear. Doing so helps avoid further connection problems, since resolving a problem promptly prevents other problems that would follow from it.