#!/bin/bash # Orignal Script JohnFordTV's VPN Premium Script # © Github.com/johndesu090 # Orignal Repository: https://github.com/johndesu090/AutoScriptDB # Modified By PR Aiman # Telegram: https://t.me/PR_Aiman # Thanks for using this script, Enjoy Highspeed OpenVPN Service ############################# ############################# # Variables (Can be changed depends on your preferred values) # Script name MyScriptName='Revolution Become True' MYIP=$(wget -qO- icanhazip.com); MYIP2="s/xxxxxxxxx/$MYIP/g"; # OpenSSH Ports SSH_Port1='22' SSH_Port2='226' # Your SSH Banner SSH_Banner='https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Plugins/issue.net' # Dropbear Ports Dropbear_Port1='442' Dropbear_Port2='110' # Stunnel Ports Stunnel_Port1='443' # through Dropbear Stunnel_Port2='444' # through OpenSSH # OpenVPN Ports OpenVPN_TCP_Port='1194' OpenVPN_UDP_Port='445' # Privoxy Ports Privoxy_Port1='9000' Privoxy_Port2='9999' # Squid Ports Squid_Port1='3128' Squid_Port2='8080' Squid_Port3='8000' # OpenVPN Config Download Port OvpnDownload_Port='85' # Before changing this value, please read this document. It contains all unsafe ports for Google Chrome Browser, please read from line #23 to line #89: https://chromium.googlesource.com/chromium/src.git/+/refs/heads/raw/master/net/base/port_util.cc # Server local time MyVPS_Time='Asia/Kuala_Lumpur' ############################# # Install curl & wget apt-get install wget -y apt-get install curl -y #Install Iptables Rules apt-get install netfilter-persistent -y ############################# ############################# ## All function used for this script ############################# ## WARNING: Do not modify or edit anything ## if you did'nt know what to do. ## This part is too sensitive. ############################# ############################# function InstUpdates(){ export DEBIAN_FRONTEND=noninteractive apt update -y apt upgrade -y apt-get update -y apt-get upgrade -y # Install Ssl & Certificates apt install ssl-cert -y apt install ca-certificates -y # Removing some firewall tools that may affect other services apt-get remove --purge ufw firewalld -y apt-get remove --purge exim4 -y # Installing some important machine essentials apt-get install nano -y apt-get install zip -y apt-get install unzip -y apt-get install tar -y apt-get install gzip -y apt-get install p7zip-full -y apt-get install bc -y apt-get install rc -y apt-get install openssl -y apt-get install cron -y apt-get install net-tools -y apt-get install dnsutils -y apt-get install dos2unix -y apt-get install screen -y apt-get install bzip2 -y apt-get install ccrypt -y # Now installing all our wanted services apt-get install dropbear -y apt-get install stunnel4 -y apt-get install privoxy -y apt-get install ca-certificates -y apt-get install nginx -y apt-get install ruby -y apt-get install apt-transport-https -y apt-get install lsb-release -y apt-get install squid3 -y apt-get install squid -y # Installing all required packages to install Webmin apt-get install perl -y apt-get install libnet-ssleay-perl -y apt-get install openssl -y apt-get install libauthen-pam-perl -y apt-get install libpam-runtime -y apt-get install libio-pty-perl -y apt-get install apt-show-versions -y apt-get install python -y apt-get install dbus -y apt-get install libxml-parser-perl -y apt-get install shared-mime-info -y apt-get install jq -y apt-get install fail2ban -y # Installing a text colorizer gem install lolcat # Trying to remove obsolette packages after installation apt-get autoremove -y # go to root cd # Edit file /etc/systemd/system/rc-local.service cat > /etc/systemd/system/rc-local.service <<-END [Unit] Description=/etc/rc.local ConditionPathExists=/etc/rc.local [Service] Type=forking ExecStart=/etc/rc.local start TimeoutSec=0 StandardOutput=tty RemainAfterExit=yes SysVStartPriority=99 [Install] WantedBy=multi-user.target END # nano /etc/rc.local cat > /etc/rc.local <<-END #!/bin/sh -e # rc.local # By default this script does nothing. exit 0 END # Change Permission Access chmod +x /etc/rc.local # enable rc local systemctl enable rc-local systemctl start rc-local.service # disable ipv6 echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6 sed -i '$ i\echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6' /etc/rc.local # Installing OpenVPN by pulling its repository inside sources.list file rm -rf /etc/apt/sources.list.d/openvpn* echo "deb http://build.openvpn.net/debian/openvpn/stable $(lsb_release -sc) main" > /etc/apt/sources.list.d/openvpn.list wget -qO - http://build.openvpn.net/debian/openvpn/stable/pubkey.gpg|apt-key add - apt-get update -y apt-get install openvpn -y } function InstWebmin(){ # Download the webmin .deb package # You may change its webmin version depends on the link you've loaded in this variable(.deb file only, do not load .zip or .tar.gz file): apt-get install apt-transport-https -y apt-get install gnupg2 -y apt-get install curl -y sudo echo "deb https://download.webmin.com/download/repository sarge contrib" \ > /etc/apt/sources.list.d/webmin.list curl https://download.webmin.com/jcameron-key.asc | sudo apt-key add - # Installing .deb package for webmin apt-get update -y apt-get install webmin -y # Configuring webmin server config to use only http instead of https sed -i 's|ssl=1|ssl=0|g' /etc/webmin/miniserv.conf # Then restart to take effect systemctl restart webmin } function InstSSH(){ # Removing some duplicated sshd server configs rm -f /etc/ssh/sshd_config* # Creating a SSH server config using cat eof tricks cat <<'MySSHConfig' > /etc/ssh/sshd_config # My OpenSSH Server config Port myPORT1 Port myPORT2 AddressFamily inet ListenAddress 0.0.0.0 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_ecdsa_key HostKey /etc/ssh/ssh_host_ed25519_key PermitRootLogin yes MaxSessions 1024 PubkeyAuthentication yes PasswordAuthentication yes PermitEmptyPasswords no ChallengeResponseAuthentication no UsePAM yes X11Forwarding yes PrintMotd no ClientAliveInterval 240 ClientAliveCountMax 2 UseDNS no Banner /etc/banner AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server MySSHConfig # Now we'll put our ssh ports inside of sshd_config sed -i "s|myPORT1|$SSH_Port1|g" /etc/ssh/sshd_config sed -i "s|myPORT2|$SSH_Port2|g" /etc/ssh/sshd_config # Download our SSH Banner rm -f /etc/banner wget -qO /etc/banner "$SSH_Banner" dos2unix -q /etc/banner # My workaround code to remove `BAD Password error` from passwd command, it will fix password-related error on their ssh accounts. sed -i '/password\s*requisite\s*pam_cracklib.s.*/d' /etc/pam.d/common-password sed -i 's/use_authtok //g' /etc/pam.d/common-password # Some command to identify null shells when you tunnel through SSH or using Stunnel, it will fix user/pass authentication error on HTTP Injector, KPN Tunnel, eProxy, SVI, HTTP Proxy Injector etc ssh/ssl tunneling apps. sed -i '/\/bin\/false/d' /etc/shells sed -i '/\/usr\/sbin\/nologin/d' /etc/shells echo '/bin/false' >> /etc/shells echo '/usr/sbin/nologin' >> /etc/shells # Restarting openssh service systemctl restart ssh # Removing some duplicate config file rm -rf /etc/default/dropbear* # creating dropbear config using cat eof tricks cat <<'MyDropbear' > /etc/default/dropbear # My Dropbear Config NO_START=0 DROPBEAR_PORT=PORT01 DROPBEAR_EXTRA_ARGS="-p PORT02" DROPBEAR_BANNER="/etc/banner" DROPBEAR_RSAKEY="/etc/dropbear/dropbear_rsa_host_key" DROPBEAR_DSSKEY="/etc/dropbear/dropbear_dss_host_key" DROPBEAR_ECDSAKEY="/etc/dropbear/dropbear_ecdsa_host_key" DROPBEAR_RECEIVE_WINDOW=65536 MyDropbear # Now changing our desired dropbear ports sed -i "s|PORT01|$Dropbear_Port1|g" /etc/default/dropbear sed -i "s|PORT02|$Dropbear_Port2|g" /etc/default/dropbear # Restarting dropbear service systemctl restart dropbear } function InsStunnel(){ StunnelDir=$(ls /etc/default | grep stunnel | head -n1) # Creating stunnel startup config using cat eof tricks cat <<'MyStunnelD' > /etc/default/$StunnelDir # My Stunnel Config ENABLED=1 FILES="/etc/stunnel/*.conf" OPTIONS="" BANNER="/etc/banner" PPP_RESTART=0 # RLIMITS="-n 4096 -d unlimited" RLIMITS="" MyStunnelD # Removing all stunnel folder contents rm -rf /etc/stunnel/* # Creating stunnel certifcate using openssl openssl req -new -x509 -days 9999 -nodes -subj "/C=PH/ST=NCR/L=Kuala_Lumpur/O=$MyScriptName/OU=$MyScriptName/CN=$MyScriptName" -out /etc/stunnel/stunnel.pem -keyout /etc/stunnel/stunnel.pem &> /dev/null ## > /dev/null 2>&1 # Creating stunnel server config cat <<'MyStunnelC' > /etc/stunnel/stunnel.conf # My Stunnel Config pid = /var/run/stunnel.pid cert = /etc/stunnel/stunnel.pem client = no socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 TIMEOUTclose = 0 [dropbear] accept = Stunnel_Port1 connect = 127.0.0.1:dropbear_port_c [openssh] accept = Stunnel_Port2 connect = 127.0.0.1:openssh_port_c MyStunnelC # setting stunnel ports sed -i "s|Stunnel_Port1|$Stunnel_Port1|g" /etc/stunnel/stunnel.conf sed -i "s|dropbear_port_c|$(netstat -tlnp | grep -i dropbear | awk '{print $4}' | cut -d: -f2 | xargs | awk '{print $2}' | head -n1)|g" /etc/stunnel/stunnel.conf sed -i "s|Stunnel_Port2|$Stunnel_Port2|g" /etc/stunnel/stunnel.conf sed -i "s|openssh_port_c|$(netstat -tlnp | grep -i ssh | awk '{print $4}' | cut -d: -f2 | xargs | awk '{print $2}' | head -n1)|g" /etc/stunnel/stunnel.conf sed -i 's/ENABLED=0/ENABLED=1/g' /etc/default/stunnel4 } function InsOpenVPN(){ # Checking if openvpn folder is accidentally deleted or purged if [[ ! -e /etc/openvpn ]]; then mkdir -p /etc/openvpn fi # Removing all existing openvpn server files rm -rf /etc/openvpn/* # Creating server.conf, ca.crt, server.crt and server.key cat <<'myOpenVPNconf' > /etc/openvpn/server_tcp.conf # OpenVPN TCP port OVPNTCP proto tcp dev tun ca /etc/openvpn/ca.crt cert /etc/openvpn/server.crt key /etc/openvpn/server.key dh /etc/openvpn/dh2048.pem verify-client-cert none username-as-common-name key-direction 0 plugin /etc/openvpn/plugins/openvpn-plugin-auth-pam.so login server 10.200.0.0 255.255.0.0 ifconfig-pool-persist ipp.txt push "route-method exe" push "route-delay 2" keepalive 10 120 comp-lzo user nobody group nogroup persist-key persist-tun status openvpn-status.log log tcp.log verb 2 ncp-disable cipher none auth none myOpenVPNconf cat <<'myOpenVPNconf2' > /etc/openvpn/server_udp.conf # OpenVPN UDP port OVPNUDP proto udp dev tun ca /etc/openvpn/ca.crt cert /etc/openvpn/server.crt key /etc/openvpn/server.key dh /etc/openvpn/dh2048.pem verify-client-cert none username-as-common-name key-direction 0 plugin /etc/openvpn/plugins/openvpn-plugin-auth-pam.so login server 10.201.0.0 255.255.0.0 ifconfig-pool-persist ipp.txt push "route-method exe" push "route-delay 2" keepalive 10 120 comp-lzo user nobody group nogroup persist-key persist-tun status openvpn-status.log log udp.log verb 2 ncp-disable cipher none auth none myOpenVPNconf2 cat <<'EOF7'> /etc/openvpn/ca.crt -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgIJAIxbDcvh6vPEMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD VQQGEwJQSDEPMA0GA1UECBMGVGFybGFjMRMwEQYDVQQHEwpDb25jZXBjaW9uMRMw EQYDVQQKEwpKb2huRm9yZFRWMRMwEQYDVQQLEwpKb2huRm9yZFRWMRIwEAYDVQQD EwlEZWJpYW5WUE4xHTAbBgNVBCkTFEpvaG4gRm9yZCBNYW5naWxpbWFuMSIwIAYJ KoZIhvcNAQkBFhNhZG1pbkBqb2huZm9yZHR2Lm1lMB4XDTE5MTEyNTA4MDUzMFoX DTI5MTEyMjA4MDUzMFowgbQxCzAJBgNVBAYTAlBIMQ8wDQYDVQQIEwZUYXJsYWMx EzARBgNVBAcTCkNvbmNlcGNpb24xEzARBgNVBAoTCkpvaG5Gb3JkVFYxEzARBgNV BAsTCkpvaG5Gb3JkVFYxEjAQBgNVBAMTCURlYmlhblZQTjEdMBsGA1UEKRMUSm9o biBGb3JkIE1hbmdpbGltYW4xIjAgBgkqhkiG9w0BCQEWE2FkbWluQGpvaG5mb3Jk dHYubWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf+WkN868YMiCl d3z1Tq2OeRNb6ljiRGzEi1qrIvj/gXq6o0QD0SD+Nf3QWJrrJYFi1GECq72PNFhy 2jLFgZH0RRLOVZfG+jwZ9itxofweiwALvgMdz2e+mpQItMxKh1ZYkzNw+4zJ7zJV u0Tq7YGPaMFPkLNU3V454rDYCdI8GG/wPDoW5FMc3FogI8fwylQvTWyE0yxHMxH6 FkISA5hOuSo6MO1FgAfDdNNwxa/MAbpHwJ+W6RBHv4lhE6bQePMCj/90pgt3NpxF i++qwpSRfOR6OuuyDr1c++z6qhjLB7YzDLzj+HXCyfsPWPj+gJ0+3ckhW4gf/nhR uB+BTd8fAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQULXGeDQBLXCPId0F3r/58FDCm jC4wgekGA1UdIwSB4TCB3oAULXGeDQBLXCPId0F3r/58FDCmjC6hgbqkgbcwgbQx CzAJBgNVBAYTAlBIMQ8wDQYDVQQIEwZUYXJsYWMxEzARBgNVBAcTCkNvbmNlcGNp b24xEzARBgNVBAoTCkpvaG5Gb3JkVFYxEzARBgNVBAsTCkpvaG5Gb3JkVFYxEjAQ BgNVBAMTCURlYmlhblZQTjEdMBsGA1UEKRMUSm9obiBGb3JkIE1hbmdpbGltYW4x IjAgBgkqhkiG9w0BCQEWE2FkbWluQGpvaG5mb3JkdHYubWWCCQCMWw3L4erzxDAM BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBZUpwZ+LQWAQI8VW3hdZVN WV+P12yYQ1UzyagtB3MqBR4aZhjk42NFBrwPZwpvWUXB0GB4DhBuvbVPtqnt5p4V sDtQ6vKYeDlE/KDGDc0oJDsgxo2wwIXy+y/14EDqidAVjtf1rk5MDAAEVvonHxkP 861kzoIOZ0+D7sJDo3aZ8uNy8UznrRSzLDT63o28DkL3iLASyt1GHWu05wYmgzsg m+w+AWvN5rL65mzyn/Bipf0I9snVB4saCgfy7TCI/4slOcMCNc2e6oOwOLvFA+s8 dZMt2qg62PEOj/LblYGD+qLn0xLRwqK0UWSmWobz5LXoxyssZLK2KiMkS41PHkfh -----END CERTIFICATE----- EOF7 cat <<'EOF9'> /etc/openvpn/server.crt Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: C=PH, ST=Tarlac, L=Concepcion, O=PR Aiman, OU=PR Aiman, CN=VPN/name=PR Aiman/emailAddress=admin@PR Aiman.me Validity Not Before: Nov 25 08:06:59 2019 GMT Not After : Nov 22 08:06:59 2029 GMT Subject: C=PH, ST=Tarlac, L=Concepcion, O=PR Aiman, OU=PR Aiman, CN=VPN/name=PR Aiman/emailAddress=admin@PR Aiman.me Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c6:6d:3d:64:58:08:e2:70:9b:a3:55:75:ec:5a: 6e:9d:bc:7c:45:f5:64:c5:f6:23:2e:b0:1f:28:2e: cb:60:8d:71:73:3d:c4:e6:f7:e3:36:0b:ad:9d:87: f5:4b:2f:85:5f:d8:c9:88:d9:86:4a:52:ce:2b:39: c6:b9:83:e0:7e:ab:8e:1f:2f:11:cc:08:15:12:62: dd:8d:94:b1:79:3c:52:d9:cb:0a:6a:db:64:8b:ff: c7:41:5c:cc:f9:18:4f:74:1a:e7:c1:b4:b8:89:fd: 56:5f:5c:65:c4:21:a8:08:98:3d:8e:35:44:b3:6f: 93:b5:01:59:b4:35:23:99:00:79:fa:44:df:b3:4c: 76:bf:3c:e4:f7:39:3e:50:e0:fe:85:8c:a0:e2:63: b1:ec:a3:32:cd:6b:9d:5a:0e:f6:66:92:ac:6f:15: 5e:bb:3a:48:d9:3d:63:94:ff:9c:fb:d2:fe:5a:11: b5:1a:c1:6c:8a:9e:d3:29:8d:d6:ff:fc:9f:9f:a4: ad:9d:a0:ca:2b:6f:63:47:7f:7b:3c:98:bf:14:18: 6c:36:38:7a:c3:5d:a9:5a:26:28:12:33:9d:17:1b: 6f:2f:5d:33:e7:b5:8f:57:3a:3a:29:57:6a:0e:9e: 84:7a:60:d9:9c:fb:c7:f3:f8:93:a7:cd:43:89:ec: 3f:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Cert Type: SSL Server Netscape Comment: Easy-RSA Generated Server Certificate X509v3 Subject Key Identifier: 50:31:04:C4:7A:47:C1:DA:46:CC:77:38:DE:1C:63:10:40:C3:80:22 X509v3 Authority Key Identifier: keyid:2D:71:9E:0D:00:4B:5C:23:C8:77:41:77:AF:FE:7C:14:30:A6:8C:2E DirName:/C=PH/ST=Tarlac/L=Concepcion/O=PR Aiman/OU=PR Aiman/CN=VPN/name=PR Aiman/emailAddress=admin@PR Aiman.me serial:8C:5B:0D:CB:E1:EA:F3:C4 X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Key Usage: Digital Signature, Key Encipherment X509v3 Subject Alternative Name: DNS:server Signature Algorithm: sha256WithRSAEncryption 87:59:21:fd:7d:41:c8:87:8f:ff:13:85:e9:ae:31:da:43:bc: 48:3b:32:41:ba:65:82:9e:76:25:cd:43:8b:fc:07:16:49:c3: 8d:bd:ad:bf:0e:f6:d3:53:35:de:f2:c6:a6:62:c2:79:e1:49: a5:ba:55:cf:b9:e9:58:d8:e5:02:96:0a:2a:97:7d:82:85:0b: 38:b5:dc:0d:6b:bd:51:a6:f7:3f:71:94:90:c9:ad:51:69:15: 24:58:04:99:96:69:40:9d:a1:9c:1c:a3:34:be:b9:c2:86:61: ab:18:03:9b:27:b1:9f:1d:a3:5e:29:47:16:6f:7e:55:62:93: 57:85:45:34:2c:cb:10:2c:da:f0:9a:ee:3d:b2:92:87:d4:7e: 1b:c7:66:22:e9:4c:a2:95:d0:df:32:1a:87:ce:8a:27:08:f2: 87:a9:e6:eb:16:37:71:35:37:4d:8c:0e:df:12:d3:e0:63:0a: 53:7d:c8:02:c5:34:c5:23:68:c3:ba:33:5b:ad:92:bd:e2:d0: 9d:bc:bd:bd:0d:64:50:0f:f4:bd:91:fc:10:e0:ec:01:e8:a1: 50:ed:79:bf:12:49:bc:a4:93:17:d6:71:ed:9e:99:f3:42:6d: 26:b3:2d:ac:32:62:98:71:d1:e4:83:6c:58:02:e6:49:b6:c9: 73:76:eb:8b -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgIBATANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCUEgx DzANBgNVBAgTBlRhcmxhYzETMBEGA1UEBxMKQ29uY2VwY2lvbjETMBEGA1UEChMK Sm9obkZvcmRUVjETMBEGA1UECxMKSm9obkZvcmRUVjESMBAGA1UEAxMJRGViaWFu VlBOMR0wGwYDVQQpExRKb2huIEZvcmQgTWFuZ2lsaW1hbjEiMCAGCSqGSIb3DQEJ ARYTYWRtaW5Aam9obmZvcmR0di5tZTAeFw0xOTExMjUwODA2NTlaFw0yOTExMjIw ODA2NTlaMIG0MQswCQYDVQQGEwJQSDEPMA0GA1UECBMGVGFybGFjMRMwEQYDVQQH EwpDb25jZXBjaW9uMRMwEQYDVQQKEwpKb2huRm9yZFRWMRMwEQYDVQQLEwpKb2hu Rm9yZFRWMRIwEAYDVQQDEwlEZWJpYW5WUE4xHTAbBgNVBCkTFEpvaG4gRm9yZCBN YW5naWxpbWFuMSIwIAYJKoZIhvcNAQkBFhNhZG1pbkBqb2huZm9yZHR2Lm1lMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxm09ZFgI4nCbo1V17Fpunbx8 RfVkxfYjLrAfKC7LYI1xcz3E5vfjNgutnYf1Sy+FX9jJiNmGSlLOKznGuYPgfquO Hy8RzAgVEmLdjZSxeTxS2csKattki//HQVzM+RhPdBrnwbS4if1WX1xlxCGoCJg9 jjVEs2+TtQFZtDUjmQB5+kTfs0x2vzzk9zk+UOD+hYyg4mOx7KMyzWudWg72ZpKs bxVeuzpI2T1jlP+c+9L+WhG1GsFsip7TKY3W//yfn6StnaDKK29jR397PJi/FBhs Njh6w12pWiYoEjOdFxtvL10z57WPVzo6KVdqDp6EemDZnPvH8/iTp81Diew/0wID AQABo4IBmDCCAZQwCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBkAwNAYJYIZI AYb4QgENBCcWJUVhc3ktUlNBIEdlbmVyYXRlZCBTZXJ2ZXIgQ2VydGlmaWNhdGUw HQYDVR0OBBYEFFAxBMR6R8HaRsx3ON4cYxBAw4AiMIHpBgNVHSMEgeEwgd6AFC1x ng0AS1wjyHdBd6/+fBQwpowuoYG6pIG3MIG0MQswCQYDVQQGEwJQSDEPMA0GA1UE CBMGVGFybGFjMRMwEQYDVQQHEwpDb25jZXBjaW9uMRMwEQYDVQQKEwpKb2huRm9y ZFRWMRMwEQYDVQQLEwpKb2huRm9yZFRWMRIwEAYDVQQDEwlEZWJpYW5WUE4xHTAb BgNVBCkTFEpvaG4gRm9yZCBNYW5naWxpbWFuMSIwIAYJKoZIhvcNAQkBFhNhZG1p bkBqb2huZm9yZHR2Lm1lggkAjFsNy+Hq88QwEwYDVR0lBAwwCgYIKwYBBQUHAwEw CwYDVR0PBAQDAgWgMBEGA1UdEQQKMAiCBnNlcnZlcjANBgkqhkiG9w0BAQsFAAOC AQEAh1kh/X1ByIeP/xOF6a4x2kO8SDsyQbplgp52Jc1Di/wHFknDjb2tvw7201M1 3vLGpmLCeeFJpbpVz7npWNjlApYKKpd9goULOLXcDWu9Uab3P3GUkMmtUWkVJFgE mZZpQJ2hnByjNL65woZhqxgDmyexnx2jXilHFm9+VWKTV4VFNCzLECza8JruPbKS h9R+G8dmIulMopXQ3zIah86KJwjyh6nm6xY3cTU3TYwO3xLT4GMKU33IAsU0xSNo w7ozW62SveLQnby9vQ1kUA/0vZH8EODsAeihUO15vxJJvKSTF9Zx7Z6Z80JtJrMt rDJimHHR5INsWALmSbbJc3briw== -----END CERTIFICATE----- EOF9 cat <<'EOF10'> /etc/openvpn/server.key -----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDGbT1kWAjicJuj VXXsWm6dvHxF9WTF9iMusB8oLstgjXFzPcTm9+M2C62dh/VLL4Vf2MmI2YZKUs4r Oca5g+B+q44fLxHMCBUSYt2NlLF5PFLZywpq22SL/8dBXMz5GE90GufBtLiJ/VZf XGXEIagImD2ONUSzb5O1AVm0NSOZAHn6RN+zTHa/POT3OT5Q4P6FjKDiY7HsozLN a51aDvZmkqxvFV67OkjZPWOU/5z70v5aEbUawWyKntMpjdb//J+fpK2doMorb2NH f3s8mL8UGGw2OHrDXalaJigSM50XG28vXTPntY9XOjopV2oOnoR6YNmc+8fz+JOn zUOJ7D/TAgMBAAECggEBALidRIRKwCFmIfhKeAfqb4aEqp8wXI0un7c9mA970i9I CijtbHh0ZEqRfPvXViqY0R/HBGM195LJDhb7j2BlSYaxOO7cjVNmpaxQnc+va5vf uzn1hgC7lQYIeSvgGrkbnDjrG3uHGDcSpLzeq7RamAs/Ee5wszW7dxLuabaXxkH/ owRXl6wvwD1WNGZsWJe8eP6GtBePm9+Ls5VLN0DPWyuJCFxhN/VpvvphECFt7EPF qY+ysAFqfSYkCyH7OklnLIx1jQ04iLbZ4HI+S9QH+w1261fDgCXAmf1kgXkgLaM6 4wK+e93JRyqw87NZZIKN3ooq35n6wAUaS2erIYQFjrkCgYEA5c6qeNORIuq4F1jP JS9aaXEjaAKIgw20qTyZfhQv6AhkJ7GASgWSdBIIfZQo1JG4EsXwqQ/0x9EwDOVu glTYMT3tMi0zrzMklYS1G8iQElywAfTro/8sngfimvkQeRljoNdlrzO4+knUXmV8 DymPDH6UGlhj2FwCFN+obhT1f48CgYEA3QrzBK+YRu6iqeMuifwXlcbUS/A+dBPJ qoYDzM6Zc0LYRTZSqhEHC8XkcQp/18LUxXFSrZXP2lcKmkqg4pgeAxALRLJW2pfz yAm1Hah5JXlvTjX4HnMTFL4fvB0oGZXsAimPNa/wUZvTSPYJRziZdEwVubW3AAxE THN3qxXoGX0CgYAWeSxwnnf+CygvmE7BmyzjTN4iiMTi1A9L0ZJNIxpAPbnVq+UY 2AynbzAHX9rSVuHCbDsJvXa5p7pkOHejJTrzLdQpaQQ56O119cFkUyvLr+bCejol EopBdhHyB9NVlGcKzqWyCYPYbinnhVMphG3p0eMX5Hb3LKBDfE/TXBdZ/wKBgEwe 3iup8M3Ulk3c/4TjPJgGvctc85Tzz4oa1qosJ6oKxgGnwHXyoTOLtay8CeSaor1P 1kITCl5NhUg3FQqTihpR5x+ELubeV0R3G1kYUIf4Nr1/Vm/d/x8wjisw+0M8Xucr urapXSAtgmho2i8drbLgFMc8bcXlc4vEY9yWEbTdAoGAMa6KTb0U9M47mpJb23zu WiO8mFqSPYAnhHmXOiBOPlCoVpRbPquk3Xq32g9KU97jPNrH4X2HKgYpboMTWYOJ kR3Y5UeFF1xurA/RXUEREcP1zg6Uei5aj7S4Sp7CVfIQCOpJ8S/I4CZdAcvwY+pI ZTC1+KZJbFyPwFcrIylEeBc= -----END PRIVATE KEY----- EOF10 cat <<'EOF13'> /etc/openvpn/dh2048.pem -----BEGIN DH PARAMETERS----- MIIBCAKCAQEAlrn8QcDrwXzqWCI7NMhPJVgEjdSxvyHw3EDVN8JrVfMegnvZA0VZ St3hduXTzlT7ceUGIxTJpM8RE6d3f1mMPnZJ4hBxJzzjrwMgSCupJrQDjSAIWGLZ elcmJS6WOAibpxzFIiPB6pRjoLaJF8b/J+YnO0bLUt1senWkg9ql8mU74VM1aG3A jOPztpLqYIRwla11bqAl4UcFLBI+PXAcPJsAIfzZ3DMn7aOa3Or6UjSmVQ8jGY/8 1F0T67NgB8U7FrOVNimRlWfSJ//FiJkP0PScHVX2NQ0Cgwdo+wekjoFN5xbPxicc LxNkdRPpCACgzdo1M77xVsurtfcxsz+RswIBAg== -----END DH PARAMETERS----- EOF13 # Getting all dns inside resolv.conf then use as Default DNS for our openvpn server grep -v '#' /etc/resolv.conf | grep 'nameserver' | grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | while read -r line; do echo "push \"dhcp-option DNS $line\"" >> /etc/openvpn/server_tcp.conf done # Creating a New update message in server.conf cat <<'NUovpn' > /etc/openvpn/server.conf # New Update are now released, OpenVPN Server # are now running both TCP and UDP Protocol. (Both are only running on IPv4) # But our native server.conf are now removed and divided # Into two different configs base on their Protocols: # * OpenVPN TCP (located at /etc/openvpn/server_tcp.conf # * OpenVPN UDP (located at /etc/openvpn/server_udp.conf # # Also other logging files like # status logs and server logs # are moved into new different file names: # * OpenVPN TCP Server logs (/etc/openvpn/tcp.log) # * OpenVPN UDP Server logs (/etc/openvpn/udp.log) # * OpenVPN TCP Status logs (/etc/openvpn/tcp_stats.log) # * OpenVPN UDP Status logs (/etc/openvpn/udp_stats.log) # # Server ports are configured base on env vars # executed/raised from this script (OpenVPN_TCP_Port/OpenVPN_UDP_Port) # # Enjoy the new update # Script Updated by PR Aiman NUovpn # setting openvpn server port sed -i "s|OVPNTCP|$OpenVPN_TCP_Port|g" /etc/openvpn/server_tcp.conf sed -i "s|OVPNUDP|$OpenVPN_UDP_Port|g" /etc/openvpn/server_udp.conf # Getting some OpenVPN plugins for unix authentication cd wget https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Plugins/plugin.tgz tar -xzvf /root/plugin.tgz -C /etc/openvpn/ rm -f plugin.tgz # Some workaround for OpenVZ machines for "Startup error" openvpn service if [[ "$(hostnamectl | grep -i Virtualization | awk '{print $2}' | head -n1)" == 'openvz' ]]; then sed -i 's|LimitNPROC|#LimitNPROC|g' /lib/systemd/system/openvpn* systemctl daemon-reload fi # Allow IPv4 Forwarding sed -i '/net.ipv4.ip_forward.*/d' /etc/sysctl.conf sed -i '/net.ipv4.ip_forward.*/d' /etc/sysctl.d/*.conf echo 'net.ipv4.ip_forward=1' > /etc/sysctl.d/20-openvpn.conf sysctl --system &> /dev/null # Iptables Rule for OpenVPN server cat <<'EOFipt' > /etc/openvpn/openvpn.bash #!/bin/bash PUBLIC_INET="$(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)' | head -1)" IPCIDR='10.200.0.0/16' IPCIDR2='10.201.0.0/16' iptables -I FORWARD -s $IPCIDR -j ACCEPT iptables -I FORWARD -s $IPCIDR2 -j ACCEPT iptables -t nat -A POSTROUTING -o $PUBLIC_INET -j MASQUERADE iptables -t nat -A POSTROUTING -s $IPCIDR -o $PUBLIC_INET -j MASQUERADE iptables -t nat -A POSTROUTING -s $IPCIDR2 -o $PUBLIC_INET -j MASQUERADE EOFipt chmod +x /etc/openvpn/openvpn.bash bash /etc/openvpn/openvpn.bash # Enabling IPv4 Forwarding echo 1 > /proc/sys/net/ipv4/ip_forward # Starting OpenVPN server systemctl start openvpn@server_tcp systemctl enable openvpn@server_tcp systemctl start openvpn@server_udp systemctl enable openvpn@server_udp } function InsProxy(){ # Removing Duplicate privoxy config rm -rf /etc/privoxy/config* # Creating Privoxy server config using cat eof tricks cat <<'privoxy' > /etc/privoxy/config # My Privoxy Server Config user-manual /usr/share/doc/privoxy/user-manual confdir /etc/privoxy logdir /var/log/privoxy filterfile default.filter logfile logfile listen-address 0.0.0.0:Privoxy_Port1 listen-address 0.0.0.0:Privoxy_Port2 toggle 1 enable-remote-toggle 0 enable-remote-http-toggle 0 enable-edit-actions 0 enforce-blocks 0 buffer-limit 4096 enable-proxy-authentication-forwarding 1 forwarded-connect-retries 1 accept-intercepted-requests 1 allow-cgi-request-crunching 1 split-large-forms 0 keep-alive-timeout 5 tolerate-pipelining 1 socket-timeout 300 permit-access 0.0.0.0/0 IP-ADDRESS privoxy # Setting machine's IP Address inside of our privoxy config(security that only allows this machine to use this proxy server) sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/privoxy/config # Setting privoxy ports sed -i "s|Privoxy_Port1|$Privoxy_Port1|g" /etc/privoxy/config sed -i "s|Privoxy_Port2|$Privoxy_Port2|g" /etc/privoxy/config # Removing Duplicate Squid config rm -rf /etc/squid/squid.con* # Creating Squid server config using cat eof tricks cat <<'mySquid' > /etc/squid/squid.conf # My Squid Proxy Server Config acl VPN dst IP-ADDRESS/32 http_access allow VPN http_access deny all http_port 0.0.0.0:Squid_Port1 http_port 0.0.0.0:Squid_Port2 http_port 0.0.0.0:Squid_Port3 ### Allow Headers request_header_access Allow allow all request_header_access Authorization allow all request_header_access WWW-Authenticate allow all request_header_access Proxy-Authorization allow all request_header_access Proxy-Authenticate allow all request_header_access Cache-Control allow all request_header_access Content-Encoding allow all request_header_access Content-Length allow all request_header_access Content-Type allow all request_header_access Date allow all request_header_access Expires allow all request_header_access Host allow all request_header_access If-Modified-Since allow all request_header_access Last-Modified allow all request_header_access Location allow all request_header_access Pragma allow all request_header_access Accept allow all request_header_access Accept-Charset allow all request_header_access Accept-Encoding allow all request_header_access Accept-Language allow all request_header_access Content-Language allow all request_header_access Mime-Version allow all request_header_access Retry-After allow all request_header_access Title allow all request_header_access Connection allow all request_header_access Proxy-Connection allow all request_header_access User-Agent allow all request_header_access Cookie allow all request_header_access All deny all ### HTTP Anonymizer Paranoid reply_header_access Allow allow all reply_header_access Authorization allow all reply_header_access WWW-Authenticate allow all reply_header_access Proxy-Authorization allow all reply_header_access Proxy-Authenticate allow all reply_header_access Cache-Control allow all reply_header_access Content-Encoding allow all reply_header_access Content-Length allow all reply_header_access Content-Type allow all reply_header_access Date allow all reply_header_access Expires allow all reply_header_access Host allow all reply_header_access If-Modified-Since allow all reply_header_access Last-Modified allow all reply_header_access Location allow all reply_header_access Pragma allow all reply_header_access Accept allow all reply_header_access Accept-Charset allow all reply_header_access Accept-Encoding allow all reply_header_access Accept-Language allow all reply_header_access Content-Language allow all reply_header_access Mime-Version allow all reply_header_access Retry-After allow all reply_header_access Title allow all reply_header_access Connection allow all reply_header_access Proxy-Connection allow all reply_header_access User-Agent allow all reply_header_access Cookie allow all reply_header_access All deny all ### CoreDump coredump_dir /var/spool/squid dns_nameservers 8.8.8.8 8.8.4.4 refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 visible_hostname PR Aiman mySquid # Setting machine's IP Address inside of our Squid config(security that only allows this machine to use this proxy server) sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/squid/squid.conf # Setting squid ports sed -i "s|Squid_Port1|$Squid_Port1|g" /etc/squid/squid.conf sed -i "s|Squid_Port2|$Squid_Port2|g" /etc/squid/squid.conf sed -i "s|Squid_Port3|$Squid_Port3|g" /etc/squid/squid.conf # Starting Proxy server echo -e "\e[0;37m Restarting proxy server..." systemctl restart squid } function OvpnConfigs(){ # Creating nginx config for our ovpn config downloads webserver cat <<'myNginxC' > /etc/nginx/conf.d/PR-Aiman-ovpn-config.conf # My OpenVPN Config Download Directory server { listen 0.0.0.0:myNginx; server_name localhost; root /var/www/openvpn; index index.html; } myNginxC # Setting our nginx config port for .ovpn download site sed -i "s|myNginx|$OvpnDownload_Port|g" /etc/nginx/conf.d/PR-Aiman-ovpn-config.conf # Removing Default nginx page(port 80) rm -rf /etc/nginx/sites-* # Creating our root directory for all of our .ovpn configs rm -rf /var/www/openvpn mkdir -p /var/www/openvpn # Now creating all of our OpenVPN Configs cat < /var/www/openvpn/client-tcp.ovpn # PR-Aiman's VPN Premium Script # © Github.com/praiman99 # Telegram : https://t.me/PR_Aiman # Official Repository : https://github.com/praiman99/AutoScriptVPN # Thanks for using this script, Enjoy Highspeed OpenVPN Service client dev tun proto tcp setenv FRIENDLY_NAME "Revolution Become True" remote $IPADDR $OpenVPN_TCP_Port remote-cert-tls server connect-retry infinite resolv-retry infinite nobind persist-key persist-tun auth-user-pass auth none auth-nocache cipher none comp-lzo redirect-gateway def1 setenv CLIENT_CERT 0 reneg-sec 0 verb 1 http-proxy xxxxxxxxx $Squid_Port1 http-proxy-option VERSION 1.1 http-proxy-option AGENT Chrome/80.0.3987.87 http-proxy-option CUSTOM-HEADER Host bug.com http-proxy-option CUSTOM-HEADER X-Forward-Host bug.com http-proxy-option CUSTOM-HEADER X-Forwarded-For bug.com http-proxy-option CUSTOM-HEADER Referrer bug.com dhcp-option DNS 8.8.8.8 dhcp-option DNS 8.8.4.4 $(cat /etc/openvpn/ca.crt) EOF16 cat < /var/www/openvpn/client-tcp-privoxy.ovpn # PR-Aiman's VPN Premium Script # © Github.com/praiman99 # Telegram : https://t.me/PR_Aiman # Official Repository : https://github.com/praiman99/AutoScriptVPN # Thanks for using this script, Enjoy Highspeed OpenVPN Service client dev tun proto tcp setenv FRIENDLY_NAME "Revolution Become True" remote $IPADDR $OpenVPN_TCP_Port remote-cert-tls server connect-retry infinite resolv-retry infinite nobind persist-key persist-tun auth-user-pass auth none auth-nocache cipher none comp-lzo redirect-gateway def1 setenv CLIENT_CERT 0 reneg-sec 0 verb 1 http-proxy xxxxxxxxx $Privoxy_Port1 http-proxy-option VERSION 1.1 http-proxy-option AGENT Chrome/80.0.3987.87 http-proxy-option CUSTOM-HEADER Host bug.com http-proxy-option CUSTOM-HEADER X-Forward-Host bug.com http-proxy-option CUSTOM-HEADER X-Forwarded-For bug.com http-proxy-option CUSTOM-HEADER Referrer bug.com dhcp-option DNS 8.8.8.8 dhcp-option DNS 8.8.4.4 $(cat /etc/openvpn/ca.crt) EOF16 cat < /var/www/openvpn/client-udp.ovpn # PR-Aiman's VPN Premium Script # © Github.com/praiman99 # Telegram : https://t.me/PR_Aiman # Official Repository : https://github.com/praiman99/AutoScriptVPN # Thanks for using this script, Enjoy Highspeed OpenVPN Service client dev tun proto udp setenv FRIENDLY_NAME "Revolution Become True" remote $IPADDR $OpenVPN_UDP_Port remote-cert-tls server resolv-retry infinite float fast-io nobind persist-key persist-remote-ip persist-tun auth-user-pass auth none auth-nocache cipher none comp-lzo redirect-gateway def1 setenv CLIENT_CERT 0 reneg-sec 0 verb 1 $(cat /etc/openvpn/ca.crt) EOF162 # Creating OVPN download site index.html cat <<'mySiteOvpn' > /var/www/openvpn/index.html PR Aiman OVPN Config Download
Config List

  • Revolution Become TrueAndroid/iOS/PC/Modem
    Config OVPN Protocol UDP

    Muat Turun
  • Revolution Become True Android/iOS/PC/Modem
    Config OVPN Protocol TCP+PROXY

    Muat Turun
  • Revolution Become True Android/iOS/PC/Modem
    Config OVPN Protocol TCP+PRIVOXY

    Muat Turun
mySiteOvpn # Setting template's correct name,IP address and nginx Port sed -i "s|NGINXPORT|$OvpnDownload_Port|g" /var/www/openvpn/index.html sed -i "s|IP-ADDRESS|$IPADDR|g" /var/www/openvpn/index.html # Restarting nginx service systemctl restart nginx # Creating all .ovpn config archives cd /var/www/openvpn zip -qq -r configs.zip *.ovpn cd } function ip_address(){ local IP="$( ip addr | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | egrep -v "^192\.168|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-2]\.|^10\.|^127\.|^255\.|^0\." | head -n 1 )" [ -z "${IP}" ] && IP="$( wget -qO- -t1 -T2 ipv4.icanhazip.com )" [ -z "${IP}" ] && IP="$( wget -qO- -t1 -T2 ipinfo.io/ip )" [ ! -z "${IP}" ] && echo "${IP}" || echo } IPADDR="$(ip_address)" function ConfStartup(){ # Daily reboot time of our machine # For cron commands, visit https://crontab.guru echo "10 0 * * * root clear-log && reboot" >> /etc/crontab # Creating directory for startup script rm -rf /etc/PR-Aiman mkdir -p /etc/PR-Aiman chmod -R 755 /etc/PR-Aiman # Creating startup script using cat eof tricks cat <<'EOFSH' > /etc/PR-Aiman/startup.sh #!/bin/bash # Setting server local time ln -fs /usr/share/zoneinfo/MyVPS_Time /etc/localtime # Prevent DOS-like UI when installing using APT (Disabling APT interactive dialog) export DEBIAN_FRONTEND=noninteractive # Allowing ALL TCP ports for our machine (Simple workaround for policy-based VPS) iptables -A INPUT -s $(wget -4qO- http://ipinfo.io/ip) -p tcp -m multiport --dport 1:65535 -j ACCEPT # Allowing OpenVPN to Forward traffic /bin/bash /etc/openvpn/openvpn.bash # Deleting Expired SSH Accounts /usr/local/sbin/delete_expired &> /dev/null exit 0 EOFSH chmod +x /etc/PR-Aiman/startup.sh # Setting server local time every time this machine reboots sed -i "s|MyVPS_Time|$MyVPS_Time|g" /etc/PR-Aiman/startup.sh # rm -rf /etc/sysctl.d/99* # Setting our startup script to run every machine boots cat <<'FordServ' > /etc/systemd/system/PR-Aiman.service [Unit] Description=PR-Aiman Startup Script Before=network-online.target Wants=network-online.target [Service] Type=oneshot ExecStart=/bin/bash /etc/PR-Aiman/startup.sh RemainAfterExit=yes [Install] WantedBy=multi-user.target FordServ chmod +x /etc/systemd/system/PR-Aiman.service systemctl daemon-reload systemctl start PR-Aiman systemctl enable PR-Aiman &> /dev/null systemctl enable fail2ban &> /dev/null systemctl start fail2ban &> /dev/null # Rebooting cron service systemctl restart cron systemctl enable cron } #Create Admin useradd -m RBT echo "RBT:123" | chpasswd function ConfMenu(){ echo -e "\e[0;37m Creating Menu scripts.." # Download Script cd /usr/local/sbin/ wget -O bench-network "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/bench-network" wget -O connections "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/connections" wget -O create "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/create" wget -O create_trial "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/create_trial" wget -O delete_expired "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/delete_expired" wget -O edit_dropbear "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/edit_dropbear" wget -O edit_openssh "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/edit_openssh" wget -O edit_openvpn "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/edit_openvpn" wget -O edit_ports "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/edit_ports" wget -O edit_squid3 "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/edit_squid3" wget -O edit_stunnel4 "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/edit_stunnel4" wget -O menu "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/menu" wget -O options "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/options" wget -O ram "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/ram" wget -O reboot_sys "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/reboot_sys" wget -O reboot_sys_auto "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/reboot_sys_auto" wget -O renew_account "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/renew_account" wget -O restart_services "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/restart_services" wget -O set_multilogin_autokill "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/set_multilogin_autokill" wget -O set_multilogin_autokill_lib "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/set_multilogin_autokill_lib" wget -O show_ports "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/show_ports" wget -O user_delete "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/user_delete" wget -O user_list "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/user_list" wget -O change_timezone "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/change_timezone" wget -O speedtest "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/speedtest_cli.py" chmod +x bench-network chmod +x connections chmod +x create chmod +x create_trial chmod +x delete_expired chmod +x edit_dropbear chmod +x edit_openssh chmod +x edit_openvpn chmod +x edit_ports chmod +x edit_squid3 chmod +x edit_stunnel4 chmod +x menu chmod +x options chmod +x ram chmod +x reboot_sys chmod +x reboot_sys_auto chmod +x renew_account chmod +x restart_services chmod +x set_multilogin_autokill chmod +x set_multilogin_autokill_lib chmod +x show_ports chmod +x user_delete chmod +x user_list chmod +x change_timezone chmod +x speedtest dos2unix ./* &> /dev/null sed -i 's|/etc/squid/squid.conf|g' ./* sed -i 's|http_port|g' ./* cd ~ } function ScriptMessage(){ echo -e "" echo -e "\e[0;37m $MyScriptName VPS Installer Version 3.0 Will Begin" echo -e "" sleep 0.5 echo -e "\e[0;37m Report Bugs https://t.me/PR_Aiman" echo -e "" sleep 0.5 echo -e "\e[0;37m Script installer will be begin now..." echo -e "" sleep 0.5 } function InstBadVPN(){ # Pull BadVPN Binary 64bit or 32bit if [ "$(getconf LONG_BIT)" == "64" ]; then wget -O /usr/bin/badvpn-udpgw "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Plugins/badvpn-udpgw64" else wget -O /usr/bin/badvpn-udpgw "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Plugins/badvpn-udpgw" fi # Set BadVPN to Start on Boot via .profile sed -i '$ i\screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300' /root/.profile # Change Permission to make it Executable chmod +x /usr/bin/badvpn-udpgw # Start BadVPN via Screen screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300 } ############################################# ############################################# ########## Installation Process############## ############################################# ## WARNING: Do not modify or edit anything ## if you did'nt know what to do. ## This part is too sensitive. ############################################# ############################################# # First thing to do is check if this machine is Debian source /etc/os-release if [[ "$ID" != 'debian' ]]; then ScriptMessage echo -e "[\e[1;31mError This script is for Debian or Ubuntu only, exiting..." exit 1 fi # Now check if our machine is in root user, if not, this script exits # If you're on sudo user, run `sudo su -` first before running this script if [[ $EUID -ne 0 ]];then ScriptMessage echo -e "[\e[1;31mError This script must be run as root, exiting..." exit 1 fi # (For OpenVPN) Checking it this machine have TUN Module, this is the tunneling interface of OpenVPN server if [[ ! -e /dev/net/tun ]]; then echo -e "[\e[1;31mError\e[0m] You cant use this script without TUN Module installed/embedded in your machine, file a support ticket to your machine admin about this matter" echo -e "[\e[1;31m-\e[0m] Script is now exiting..." exit 1 fi # Begin Installation by Updating and Upgrading machine and then Installing all our wanted packages/services to be install. ScriptMessage sleep 2 InstUpdates # Configure OpenSSH and Dropbear echo -e "\e[0;37m Configuring ssh..." InstSSH # Configure Stunnel echo -e "\e[0;37m Configuring stunnel..." InsStunnel # Configure BadVPN UDPGW echo -e "\e[0;37m Configuring BadVPN UDPGW..." InstBadVPN # Configure Webmin echo -e "\e[0;37m Configuring webmin..." InstWebmin # Configure Squid echo -e "\e[0;37m Configuring proxy..." InsProxy # Configure OpenVPN echo -e "\e[0;37m Configuring OpenVPN..." InsOpenVPN # Configuring Nginx OVPN config download site OvpnConfigs # Some assistance and startup scripts ConfStartup ## DNS maker plugin for Revolution Become True users(for vps script usage only) wget -qO dnsmaker "https://github.com/Bonveio/BonvScripts/blob/master/DNSMaster/debian-vps" chmod +x dnsmaker ./dnsmaker rm -rf dnsmaker sed -i "s|http-proxy $IPADDR|http-proxy $(cat /tmp/abonv_mydns)|g" /var/www/openvpn/client-tcp.ovpn sed -i "s|http-proxy $IPADDR|http-proxy $(cat /tmp/abonv_mydns)|g" /var/www/openvpn/client-tcp-privoxy.ovpn sed -i "s|remote $IPADDR|remote $(cat /tmp/abonv_mydns)|g" /var/www/openvpn/client-udp.ovpn curl -4sSL "$(cat /tmp/abonv_mydns_domain)" &> /dev/null mv /tmp/abonv_mydns /etc/bonveio/my_domain_name mv /tmp/abonv_mydns_id /etc/bonveio/my_domain_id rm -rf /tmp/abonv* # VPS Menu script v1.0 ConfMenu # Setting server local time ln -fs /usr/share/zoneinfo/$MyVPS_Time /etc/localtime clear cd ~ # Install DDOS Deflate cd apt-get -y install dnsutils dsniff wget "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Others/ddos-deflate-master.zip" unzip ddos-deflate-master.zip cd ddos-deflate-master ./install.sh cd rm -rf ddos-deflate-master.zip # Blocked Torrent iptables -A FORWARD -m string --string "get_peers" --algo bm -j DROP iptables -A FORWARD -m string --string "announce_peer" --algo bm -j DROP iptables -A FORWARD -m string --string "find_node" --algo bm -j DROP iptables -A FORWARD -m string --algo bm --string "BitTorrent" -j DROP iptables -A FORWARD -m string --algo bm --string "BitTorrent protocol" -j DROP iptables -A FORWARD -m string --algo bm --string "peer_id=" -j DROP iptables -A FORWARD -m string --algo bm --string ".torrent" -j DROP iptables -A FORWARD -m string --algo bm --string "announce.php?passkey=" -j DROP iptables -A FORWARD -m string --algo bm --string "torrent" -j DROP iptables -A FORWARD -m string --algo bm --string "announce" -j DROP iptables -A FORWARD -m string --algo bm --string "info_hash" -j DROP iptables-save > /etc/iptables.up.rules iptables-restore -t < /etc/iptables.up.rules netfilter-persistent save netfilter-persistent reload # Running screenfetch wget -O /usr/bin/screenfetch "https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Plugins/screenfetch" chmod +x /usr/bin/screenfetch echo "/bin/bash /etc/openvpn/openvpn.bash" >> .profile echo "clear" >> .profile echo "screenfetch" >> .profile #Swap Ram For Free Space wget https://github.com/praiman99/AutoScriptVPN/raw/master/Files/Menu/swapkvm && chmod +x swapkvm && ./swapkvm # Showing script's banner message ScriptMessage # Showing additional information from installating this script echo "" echo -e "\e[0;37m Installation has been completed!!" echo "--------------------------------------------------------------------------------" echo -e "\e[0;37m Debian Premium Script " echo -e "\e[0;37m -FordSenpai- " echo -e "\e[0;37m Modified The Script " echo -e "\e[0;37m -PR-Aiman- " echo "--------------------------------------------------------------------------------" echo "" | tee -a log-install.txt echo -e "\e[0;37m Server Information" | tee -a log-install.txt echo -e "\e[0;37m - Timezone : Asia/Kuala_Lumpur (GMT +8)" | tee -a log-install.txt echo -e "\e[0;37m - Fail2Ban : [ON]" | tee -a log-install.txt echo -e "\e[0;37m - IPtables : [ON]" | tee -a log-install.txt echo -e "\e[0;37m - Auto-Reboot : [ON]" | tee -a log-install.txt echo -e "\e[0;37m - IPv6 : [OFF]" | tee -a log-install.txt echo "" | tee -a log-install.txt echo -e "\e[0;37m Application & Port Information" | tee -a log-install.txt echo -e "\e[0;37m - OpenVPN : TCP $OpenVPN_TCP_Port UDP $OpenVPN_UDP_Port " | tee -a log-install.txt echo -e "\e[0;37m - OpenSSH : $SSH_Port1, $SSH_Port2 " | tee -a log-install.txt echo -e "\e[0;37m - Dropbear : $Dropbear_Port1, $Dropbear_Port2" | tee -a log-install.txt echo -e "\e[0;37m - Stunnel/SSL : $Stunnel_Port1, $Stunnel_Port2" | tee -a log-install.txt echo -e "\e[0;37m - Squid Proxy : $Squid_Port1 , $Squid_Port2 (limit to IP Server)" | tee -a log-install.txt echo -e "\e[0;37m - Squid ELITE : $Squid_Port3 (limit to IP Server)" | tee -a log-install.txt echo -e "\e[0;37m - Privoxy : $Privoxy_Port1 , $Privoxy_Port2 (limit to IP Server)" | tee -a log-install.txt echo "" | tee -a log-install.txt echo "" | tee -a log-install.txt echo -e "\e[0;37m Premium Script Information" | tee -a log-install.txt echo -e "\e[0;37m To display list of commands: menu" | tee -a log-install.txt echo "" | tee -a log-install.txt echo "" | tee -a log-install.txt echo -e "\e[0;37m Important Information" | tee -a log-install.txt echo -e "\e[0;37m - Installation Log : cat /root/log-install.txt" | tee -a log-install.txt echo "" | tee -a log-install.txt echo -e "\e[0;37m - Webmin : http://$IPADDR:10000/" | tee -a log-install.txt echo "" | tee -a log-install.txt echo "" | tee -a log-install.txt echo -e "\e[0;37m OpenVPN Configs Download" | tee -a log-install.txt echo -e "\e[0;37m - Download Link : http://$IPADDR:85/configs.zip" | tee -a log-install.txt echo -e "\e[0;37m - Remodified By PR-Aiman" | tee -a log-install.txt echo -e "\e[0;37m - Telegram Contact : https://t.me/PR_Aiman" | tee -a log-install.txt echo "" | tee -a log-install.txt echo -e "\e[0;37m This script is under project of https://github.com/praiman99/AutoScriptVPN" | tee -a log-install.txt echo "" | tee -a log-install.txt echo "--------------------------------------------------------------------------------" # Clearing all logs from installation rm -rf /root/.bash_history && history -c && echo '' > /var/log/syslog echo "" echo -e "\e[0;37m Server will be reboot In 5 Sec" sleep 5 rm -f setup* reboot exit 1