Improve IPv6 setup

- Use a /116 subnet (4096 addresses) for IPv6.
- Set IPv6 forwarding in rc.local, in addition to sysctl.conf.
  In some cases, setting it in sysctl.conf may not work reliably.
hwdsl2
2026-03-20 01:42:03 -05:00
parent 40d0be86a1
commit 5414cdfb71
5 changed files with 19 additions and 9 deletions


@@ -169,7 +169,7 @@ confirm_or_abort() {
show_header() { show_header() {
cat <<'EOF' cat <<'EOF'
IKEv2 Script Copyright (c) 2020-2026 Lin Song 16 Mar 2026 IKEv2 Script Copyright (c) 2020-2026 Lin Song 20 Mar 2026
EOF EOF
} }
@@ -1178,11 +1178,12 @@ add_ikev2_connection() {
bigecho2 "Adding a new IKEv2 connection..." bigecho2 "Adding a new IKEv2 connection..."
XAUTH_POOL=${VPN_XAUTH_POOL:-'192.168.43.10-192.168.43.250'} XAUTH_POOL=${VPN_XAUTH_POOL:-'192.168.43.10-192.168.43.250'}
IP6_NET=${VPN_IP6_NET:-'fddd:500:500:500::/64'} IP6_NET=${VPN_IP6_NET:-'fddd:500:500:500::/64'}
IP6_PREFIX=$(printf '%s' "$IP6_NET" | sed 's|/[0-9]*$||; s|::$||')
lsubnet="0.0.0.0/0" lsubnet="0.0.0.0/0"
rpool="$XAUTH_POOL" rpool="$XAUTH_POOL"
if [ -n "$VPN_PUBLIC_IP6" ]; then if [ -n "$VPN_PUBLIC_IP6" ]; then
lsubnet="0.0.0.0/0,::/0" lsubnet="0.0.0.0/0,::/0"
rpool="$XAUTH_POOL,$IP6_NET" rpool="$XAUTH_POOL,${IP6_PREFIX}::1000-${IP6_PREFIX}::1fff"
fi fi
if ! grep -qs '^include /etc/ipsec\.d/\*\.conf$' "$IPSEC_CONF"; then if ! grep -qs '^include /etc/ipsec\.d/\*\.conf$' "$IPSEC_CONF"; then
echo >> "$IPSEC_CONF" echo >> "$IPSEC_CONF"
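Review bot: `IP6_PREFIX` is derived by stripping only the prefix length and a trailing `::` from `$IP6_NET`, so a `VPN_IP6_NET` value in any other form (for example one ending in `:0/64`, or one that already contains an inner `::`) produces a pool string that is not a valid address range, and nothing in this hunk checks it before it goes into `rpool`. The fixed `::1000-::1fff` range also falls outside the network when the supplied prefix is /116 or longer. I would validate the value before building the pool, e.g. `printf '%s' "$IP6_NET" | grep -Eq '^[0-9a-fA-F:]+::/[0-9]+$'`, and stop with an error when it does not match. add_ikev2_connection starts and ends outside the hunk, so how `rpool` is consumed is not visible here.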


@@ -211,9 +211,9 @@ update_rclocal() {
bigecho "Updating rc.local..." bigecho "Updating rc.local..."
conf_bk "/etc/rc.local" conf_bk "/etc/rc.local"
if [ "$os_type" = "alpine" ]; then if [ "$os_type" = "alpine" ]; then
sed -i '/# Added by hwdsl2 VPN script/,+4d' /etc/rc.local sed -i '/# Added by hwdsl2 VPN script/,/)&$/d' /etc/rc.local
else else
sed --follow-symlinks -i '/# Added by hwdsl2 VPN script/,+4d' /etc/rc.local sed --follow-symlinks -i '/# Added by hwdsl2 VPN script/,/)&$/d' /etc/rc.local
fi fi
fi fi
} }
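Review bot: The new sed range `/# Added by hwdsl2 VPN script/,/)&$/d` has no upper bound when the terminator is missing. If no later line ends in `)&` (the block was edited by hand, or the line carries trailing whitespace or a carriage return), sed deletes from the marker to the end of /etc/rc.local, including any unrelated commands an administrator placed after it. `conf_bk` saves a copy first, but the loss itself would be silent. I would run the delete only when the closing line is present, e.g. guard both branches with `grep -q ')&$' /etc/rc.local`, and otherwise leave the file alone and print a warning. The enclosing `if` in update_rclocal starts outside the hunk.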


@@ -579,13 +579,16 @@ enable_on_boot() {
else else
echo '#!/bin/sh' > /etc/rc.local echo '#!/bin/sh' > /etc/rc.local
fi fi
cat >> /etc/rc.local <<'EOF' ip6_fwd_rc=""
[ -n "$ip6" ] && ip6_fwd_rc='
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding'
cat >> /etc/rc.local <<EOF
# Added by hwdsl2 VPN script # Added by hwdsl2 VPN script
(sleep 15 (sleep 15
service ipsec restart service ipsec restart
service xl2tpd restart service xl2tpd restart
echo 1 > /proc/sys/net/ipv4/ip_forward)& echo 1 > /proc/sys/net/ipv4/ip_forward${ip6_fwd_rc})&
EOF EOF
fi fi
} }
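Review bot: The block appended to rc.local now writes 1 to `/proc/sys/net/ipv6/conf/all/forwarding` at every boot when `$ip6` is set, which makes the host route IPv6 between all interfaces unless the ip6tables FORWARD chain restricts it to the VPN pool. Those rules are not visible in this hunk and should be confirmed before relying on it. The same lines are added in the next file's `enable_on_boot` and in the `@@ -725,13 +725,16 @@` hunk. Separately, here and in the next file the heredoc delimiter changes from `'EOF'` to `EOF`, so the body is expanded when the installer runs rather than at boot. I would add `# unquoted heredoc: only ${ip6_fwd_rc} is meant to expand; escape any other $` above the `cat` line. enable_on_boot starts outside the hunk, so where `$ip6` is set is not shown.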


@@ -760,13 +760,16 @@ enable_on_boot() {
else else
echo '#!/bin/sh' > /etc/rc.local echo '#!/bin/sh' > /etc/rc.local
fi fi
cat >> /etc/rc.local <<'EOF' ip6_fwd_rc=""
[ -n "$ip6" ] && ip6_fwd_rc='
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding'
cat >> /etc/rc.local <<EOF
# Added by hwdsl2 VPN script # Added by hwdsl2 VPN script
(sleep 15 (sleep 15
service ipsec restart service ipsec restart
service xl2tpd restart service xl2tpd restart
echo 1 > /proc/sys/net/ipv4/ip_forward)& echo 1 > /proc/sys/net/ipv4/ip_forward${ip6_fwd_rc})&
EOF EOF
fi fi
} }


@@ -725,13 +725,16 @@ EOF
if uname -m | grep -qi '^arm'; then if uname -m | grep -qi '^arm'; then
rc_delay=60 rc_delay=60
fi fi
ip6_fwd_rc=""
[ -n "$ip6" ] && ip6_fwd_rc='
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding'
cat >> /etc/rc.local <<EOF cat >> /etc/rc.local <<EOF
# Added by hwdsl2 VPN script # Added by hwdsl2 VPN script
(sleep $rc_delay (sleep $rc_delay
service ipsec restart service ipsec restart
service xl2tpd restart service xl2tpd restart
echo 1 > /proc/sys/net/ipv4/ip_forward)& echo 1 > /proc/sys/net/ipv4/ip_forward${ip6_fwd_rc})&
exit 0 exit 0
EOF EOF
fi fi