├── README.md ├── conf ├── openvpn │ ├── accounts │ ├── checkpsw.sh │ ├── createovpn.sh │ ├── getip.sh │ ├── server.conf │ ├── vpn │ └── vpnstart.sh └── scripts │ ├── build-ca.sh │ ├── build-cs.sh │ ├── build-dh.sh │ ├── init.sh │ └── sign-req.sh ├── install.sh ├── shell ├── foll ├── funs.sh ├── readhat │ ├── install-lzo.sh │ └── yum-install.sh └── run.sh └── soft ├── lzo-2.06.tar.gz └── openvpn-2.3.12.tar.gz /README.md: -------------------------------------------------------------------------------- 1 | # dvpn 开源免流 2 | 3 | ## 前言 4 | > 什么**免流**(见名知义,就是免费使用流量的意思啦),原理就是把一只**羊**伪装成一头儿**狼**,羊儿就是我们平时上网,狼就是跟三大运营商合作的小伙伴啦,一般进他们的官网是不花任何流量滴,再深一点就要说到HTTP请求协议这块咯,粗略地讲就是把你化妆成狼,技术解释方面不细讲,大家可以自行百度或者谷歌,此项目就是告诉大家其实免流很容易(不要再花钱去买那些一键脚本平台了,当心后台),当然是根据各个地区而定的啦,此项目一方面仅限用于测试交流,另一方面也在提醒运营商存在这方面的漏洞(理论上:**使用IP地扯池或域名地扯池可解决此漏洞**). 5 | 6 | ## 声明 7 | 8 | > **此项目源码全部开源,不存在后台,可自行检查。** 9 | 10 | 11 | ## 使用指南(仅限linux系统) 12 | 13 | ### 傻瓜式一键安装 14 | 15 | 16 | 17 | ```shell 18 | 复制命令到控制台运行即可 19 | 20 | > curl -fsSL https://github.com/dounine/dvpn/raw/master/shell/foll | sh 21 | 22 | ``` 23 | 24 | -------------------------------------------------------------------------------- /conf/openvpn/accounts: -------------------------------------------------------------------------------- 1 | test test123 2 | -------------------------------------------------------------------------------- /conf/openvpn/checkpsw.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ########################################################### 3 | # checkpsw.sh (C) 2004 Mathias Sundman 4 | # 5 | # This script will authenticate OpenVPN users against 6 | # a plain text file. The passfile should simply contain 7 | # one row per user with the username first followed by 8 | # one or more space(s) or tab(s) and then the password. 9 | 10 | PASSFILE="/etc/openvpn/accounts" 11 | LOG_FILE="/var/log/openvpn-password.log" 12 | TIME_STAMP=`date "+%Y-%m-%d %T"` 13 | 14 | ########################################################### 15 | 16 | if [ ! -r "${PASSFILE}" ]; then 17 | echo "${TIME_STAMP}: Could not open password file \"${PASSFILE}\" for reading." >> ${LOG_FILE} 18 | exit 1 19 | fi 20 | 21 | CORRECT_PASSWORD=`awk '!/^;/&&!/^#/&&$1=="'${username}'"{print $2;exit}' ${PASSFILE}` 22 | 23 | if [ "${CORRECT_PASSWORD}" = "" ]; then 24 | echo "${TIME_STAMP}: User does not exist: username=\"${username}\", password=\"${password}\"." >> ${LOG_FILE} 25 | exit 1 26 | fi 27 | 28 | if [ "${password}" = "${CORRECT_PASSWORD}" ]; then 29 | echo "${TIME_STAMP}: Successful authentication: username=\"${username}\"." >> ${LOG_FILE} 30 | exit 0 31 | fi 32 | 33 | echo "${TIME_STAMP}: Incorrect password: username=\"${username}\", password=\"${password}\"." >> ${LOG_FILE} 34 | exit 1 35 | -------------------------------------------------------------------------------- /conf/openvpn/createovpn.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | dip=`bash getip.sh` 3 | echo -n "please input you vpnserver ip address[$dip]:" 4 | read ip 5 | if [ -z "$ip" ];then 6 | ip=$dip 7 | fi 8 | echo -n "please input you vpnserver port [__port__]:" 9 | read port 10 | if [ -z "$port" ];then 11 | port=__port__ 12 | fi 13 | echo -n "please input client name [client]:" 14 | read client 15 | if [ -z "$client" ];then 16 | client="client" 17 | fi 18 | echo -n "please input create ovpn filename [client]:" 19 | read filename 20 | if [ -z "$filename" ];then 21 | filename="client.ovpn" 22 | else 23 | filename=$filename".ovpn" 24 | fi 25 | str="client 26 | dev tun 27 | proto tcp 28 | remote $ip $port 29 | resolv-retry infinite 30 | nobind 31 | auth-user-pass 32 | persist-key 33 | persist-tun 34 | comp-lzo 35 | verb 3 36 | 37 | $(cat easyrsa3/pki/ca.crt) 38 | 39 | 40 | $(cat easyrsa3/pki/issued/client.crt) 41 | 42 | 43 | $(cat easyrsa3/pki/private/client.key) 44 | 45 | 46 | $(cat easyrsa3/pki/ta.key) 47 | 48 | " 49 | echo -e "$str" > $filename 50 | echo "build Successfuled." 51 | -------------------------------------------------------------------------------- /conf/openvpn/getip.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ip=$(curl -o /tmp/ip.tmp http://1212.ip138.com/ic.asp && awk -F "\r" 'NR==6{print $1}' /tmp/ip.tmp | awk -F "[" '{print $2}' | awk -F "]" '{print $1}') 3 | echo $ip 4 | -------------------------------------------------------------------------------- /conf/openvpn/server.conf: -------------------------------------------------------------------------------- 1 | script-security 3 2 | port __port__ 3 | proto tcp 4 | dev tun 5 | ca easyrsa3/pki/ca.crt 6 | cert easyrsa3/pki/issued/server.crt 7 | key easyrsa3/pki/private/server.key 8 | dh easyrsa3/pki/dh.pem 9 | auth-user-pass-verify /etc/openvpn/checkpsw.sh via-env 10 | username-as-common-name 11 | client-cert-not-required 12 | push "redirect-gateway def1 bypass-dhcp" 13 | push "dhcp-option DNS 8.8.8.8" 14 | push "dhcp-option DNS 8.8.4.4" 15 | push "route 10.0.0.0 255.255.255.0" 16 | server 10.8.0.0 255.255.255.0 17 | tls-auth easyrsa3/pki/ta.key 18 | ifconfig-pool-persist ipp.txt 19 | duplicate-cn 20 | max-clients 100 21 | keepalive 10 120 22 | user nobody 23 | group nobody 24 | comp-lzo 25 | persist-key 26 | persist-tun 27 | log ovpn.log 28 | status ovpn-status.log 29 | verb 3 30 | -------------------------------------------------------------------------------- /conf/openvpn/vpn: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | pkill squid 3 | pkill mproxy 4 | pkill openvpn 5 | systemctl start squid 6 | /usr/bin/mproxy -l __port__ -d 7 | cd /etc/openvpn && ./vpnstart.sh 8 | exit 0 9 | -------------------------------------------------------------------------------- /conf/openvpn/vpnstart.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | /etc/openvpn/sbin/openvpn --daemon --config /etc/openvpn/server.conf 3 | -------------------------------------------------------------------------------- /conf/scripts/build-ca.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/expect 2 | set loop 0 3 | spawn /etc/openvpn/easyrsa3/easyrsa build-ca nopass 4 | expect "]:" 5 | send "\r" 6 | expect eof 7 | exit 8 | -------------------------------------------------------------------------------- /conf/scripts/build-cs.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/expect 2 | set name [lindex $argv 0] 3 | spawn /etc/openvpn/easyrsa3/easyrsa gen-req $name nopass 4 | expect "]:" 5 | send "\r" 6 | expect eof 7 | exit 8 | -------------------------------------------------------------------------------- /conf/scripts/build-dh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | /etc/openvpn/easyrsa3/easyrsa gen-dh 3 | -------------------------------------------------------------------------------- /conf/scripts/init.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dounine/dvpn/0157eaef3ac1708077ea6296ae2770b326160b34/conf/scripts/init.sh -------------------------------------------------------------------------------- /conf/scripts/sign-req.sh: -------------------------------------------------------------------------------- 1 | #/usr/bin/expect 2 | set type [lindex $argv 0] 3 | set name [lindex $argv 1] 4 | spawn /etc/openvpn/easyrsa3/easyrsa sign-req $type $name 5 | expect "details:" 6 | send "yes\r" 7 | expect eof 8 | exit 9 | -------------------------------------------------------------------------------- /install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | source shell/funs.sh 3 | #project download address:https://github.com/dounine/dvpn 4 | #project author:huanghuanlai 5 | #project version:1.0.0 6 | #project create time:2016-09-02 13:11:00 7 | 8 | #openvpn port 9 | openvpn_port=5550 10 | mproxy_port=5551 11 | squid_port=5552 12 | 13 | 14 | #获取dvpn所在工作目录 15 | workdir=$(cd `dirname $0`;pwd) 16 | opdir=/etc/openvpn 17 | log "还原项目" 18 | cd $workdir 19 | git checkout * 20 | git reset 21 | git clean -df 22 | log "环境清理中" 23 | drm $opdir 24 | drm /usr/bin/vpn 25 | yum remove squid -y 26 | #安装环境所依赖的软件 27 | log "安装软件所依赖的环境" 28 | $workdir/shell/readhat/yum-install.sh 29 | log "安装lzo必要组件" 30 | $workdir/shell/readhat/install-lzo.sh $workdir 31 | log "mproxy 转接代理下载中..." 32 | #定义mprox除y下载编译的所在目录 33 | mpdir=.mproxy 34 | if [ -d $mpdir ];then 35 | drm $mpdir 36 | fi 37 | dmkdir $mpdir && cd $mpdir/ 38 | #下载github中的单个文件 39 | mpgithub=https://github.com/dounine/mproxy/raw/master 40 | wget $mpgithub/mproxy.c 41 | wget $mpgithub/Makefile 42 | log "mproxy c代码编译中..." 43 | cd $workdir/$mpdir && make 44 | sed -i 's/8080/$mproxy_port/g' $workdir/$mpdir/mproxy.c 45 | sed -i 's/3330/$openvpn_port/g' $workdir/$mpdir/mproxy.c 46 | log "mproxy复制" 47 | cp $workdir/.mproxy/mproxy /usr/bin/ 48 | log "openvpn2.3.12 安装编译" 49 | cd $workdir/soft && tar -zxf openvpn-2.3.12.tar.gz 50 | cd $workdir/soft/openvpn-2.3.12 && ./configure --prefix=$opdir && make && make install 51 | cd $workdir/soft 52 | drm easyrsa3 53 | log "easyrsa3 下载中..." 54 | svn checkout https://github.com/dounine/easy-rsa/trunk/easyrsa3 55 | log "easyrsa3 复制==>>"$opdi 56 | cp -rf $workdir/soft/easyrsa3/ $opdir/ 57 | log "编译安装完成" 58 | log "复制证书生成脚本" 59 | cp -rf $workdir/conf/scripts/* $opdir/easyrsa3/ 60 | cp -rf $workdir/shell/funs.sh $opdir/easyrsa3/ 61 | log "生成ca证书" 62 | cd $opdir/easyrsa3 && ./init.sh $opdir/ 63 | log "生成防攻击ta.key" 64 | $opdir/sbin/openvpn --genkey --secret $opdir/easyrsa3/pki/ta.key 65 | log "复制openvpn所需脚本" 66 | cp -rf $workdir/conf/openvpn/* $opdir/ 67 | log "vpn启动脚本复制" 68 | cp -rf $workdir/conf/openvpn/vpn /usr/bin/ 69 | log "openvpn服务器脚本复制" 70 | cp -rf $workdir/conf/openvpn/server.conf $opdir/ 71 | log "端口替换" 72 | sed -i 's/__port__/$openvpn_port/g' /usr/bin/vpn 73 | sed -i 's/__port__/$openvpn_port/g' $opdir/createovpn.sh 74 | sed -i 's/__port__/$openvpn_port/g' $opdir/server.conf 75 | sed -i 's/3128/$squid_port/g' /etc/squid/squid.conf 76 | log "iptables设置" 77 | systemctl stop firewalld.service > /dev/null 2>&1 78 | systemctl disable firewalld.service 79 | systemctl enable iptables.service 80 | iptables -F 81 | iptables -A INPUT -p TCP --dport 22 -j ACCEPT 82 | iptables -t nat -A POSTROUTING -s 10.8.0.0/16 -o eth0 -j MASQUERADE 83 | iptables -t nat -A POSTROUTING -s 10.8.0.0/16 -j SNAT --to-source $ip 84 | iptables -t nat -A POSTROUTING -j MASQUERADE 85 | iptables -A INPUT -p TCP --dport $openvpn_port -j ACCEPT 86 | iptables -A INPUT -p TCP --dport $mproxy_port -j ACCEPT 87 | iptables -A INPUT -p TCP --dport $squid_port -j ACCEPT 88 | iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT 89 | service iptables save 90 | systemctl restart iptables 91 | log "linux内核转发打开" 92 | setenforce 0 > /dev/null 2>&1 93 | echo "/usr/sbin/setenforce 0" >> /etc/rc.local 94 | echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf 95 | sysctl -p >/dev/null 2>&1 96 | chmod +x /etc/rc.d/rc.local 97 | -------------------------------------------------------------------------------- /shell/foll: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | echo -e "安装git工具" 3 | yum install git -y 4 | cd ~/ 5 | echo -e "下载项目" 6 | git clone https://github.com/dounine/dvpn.git 7 | cd ~/dvpn 8 | ./install.sh 9 | -------------------------------------------------------------------------------- /shell/funs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | function log() 3 | { 4 | echo -e "\n=========>>>> \033[31m $1 \033[0m <<<<========\n" 5 | sleep 2 6 | } 7 | function drm() 8 | { 9 | filetype="文件" 10 | if [ -d $1 ];then 11 | filetype="文件夹" 12 | fi 13 | echo -e "\n=========>>>> \033[31m 删除$1:$filetype \033[0m <<<<========\n" 14 | rm -rf $1 15 | sleep 2 16 | } 17 | function dmkdir() 18 | { 19 | echo -e "\n=========>>>> \033[31m 创建文件夹$1 \033[0m <<<<=========\n" 20 | mkdir -p $1 21 | sleep 2 22 | } 23 | -------------------------------------------------------------------------------- /shell/readhat/install-lzo.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | workdir=$1 3 | cd $workdir/soft 4 | tar -zxf lzo-2.06.tar.gz && cd lzo-2.06 5 | ./configure && make && make install 6 | -------------------------------------------------------------------------------- /shell/readhat/yum-install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | yum install iptables-services expect squid svn git gcc openssl openssl-devel pam-devel net-tools -y 3 | -------------------------------------------------------------------------------- /shell/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | #"清空iptables规则" 3 | systemctl disable iptables.service 4 | systemctl enable iptables.service 5 | iptables -F 6 | #"添加nat网络地扯交换" 7 | iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE 8 | #启动iptables 9 | systemctl start iptables.service 10 | #启动vpn服务 11 | cd /etc/openvpn && bash /etc/openvpn/vpnstart.sh 12 | -------------------------------------------------------------------------------- /soft/lzo-2.06.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dounine/dvpn/0157eaef3ac1708077ea6296ae2770b326160b34/soft/lzo-2.06.tar.gz -------------------------------------------------------------------------------- /soft/openvpn-2.3.12.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dounine/dvpn/0157eaef3ac1708077ea6296ae2770b326160b34/soft/openvpn-2.3.12.tar.gz --------------------------------------------------------------------------------