DD-WRT Startup Script
(remember not to enable OpenVPN in the DD-WRT GUI since this script calls it for you)
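# Stage the OpenVPN client files under /tmp/openvpn: the certificate named by
# the `ca` directive, the client certificate, the client private key and the
# client configuration. Replace every ***...*** placeholder with your own
# values before saving the script.

# First line of the generated launcher /tmp/vpngo.sh: wait 8 seconds before
# the commands appended to it later in this script run.
echo 'sleep 8' >> /tmp/vpngo.sh

# The directory will hold the client private key, so restrict it to the owner
# before anything is written into it. -p keeps a re-run from failing when the
# directory already exists.
mkdir -p /tmp/openvpn
chmod 700 /tmp/openvpn

echo "
-----BEGIN CERTIFICATE-----
***Add Your IPcop Server Cert HERE!!***
-----END CERTIFICATE-----
" > /tmp/openvpn/ca.crt
echo "
-----BEGIN CERTIFICATE-----
***ADD Your IPcop Client Cert HERE!!***
-----END CERTIFICATE-----
" > /tmp/openvpn/client.crt
echo "
-----BEGIN RSA PRIVATE KEY-----
***Add Your IPCop Private Key HERE!!**
-----END RSA PRIVATE KEY-----
" > /tmp/openvpn/client.key
# The private key must not be readable by anyone but the owner.
chmod 600 /tmp/openvpn/client.key

# Client configuration. The directives are spelled out in full here
# (resolv-retry infinite, float, mssfix); split words such as "infi nite"
# are not valid OpenVPN options and make the client refuse to start.
# NOTE(review): the configuration contains no server-certificate check
# (remote-cert-tls server, or ns-cert-type server on older releases), so any
# certificate signed by the same CA would be accepted as the server. Consider
# adding one if the IPCop server certificate supports it.
echo "client
dev tun
proto udp
remote ***YOUR PUBLIC IPCOP SERVER*** 1194
resolv-retry infinite
nobind
persist-key
persist-tun
float
keepalive 10 120
tun-mtu 1400
tun-mtu-extra 32
mssfix 1300
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/client.crt
key /tmp/openvpn/client.key" > /tmp/openvpn/openvpn.conf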
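# Helper scripts handed to OpenVPN through --route-up and --down: they add and
# remove the NAT masquerade rule for traffic leaving through tun0.
# Each gets a shebang so it can be executed directly.
echo '#!/bin/sh' > /tmp/openvpn/route-up.sh
echo 'iptables -A POSTROUTING -t nat -o tun0 -j MASQUERADE' >> /tmp/openvpn/route-up.sh
echo '#!/bin/sh' > /tmp/openvpn/route-down.sh
echo 'iptables -D POSTROUTING -t nat -o tun0 -j MASQUERADE' >> /tmp/openvpn/route-down.sh
# Owner-only, not world-writable: OpenVPN executes these files, so anything
# able to edit them could run commands with OpenVPN's privileges.
chmod 700 /tmp/openvpn/route-up.sh
chmod 700 /tmp/openvpn/route-down.sh

# Append the body of the launcher /tmp/vpngo.sh.
{
  # Forward UDP 5000-5300 arriving on the tunnel to 192.168.1.10.
  echo 'iptables -t nat -I PREROUTING -i tun0 -p udp --dport 5000:5300 -j DNAT --to-destination 192.168.1.10'
  # NOTE(review): these two rules carry no -i match, so TCP 443 and 22 are
  # accepted on every interface, not only on the tunnel. Confirm that this
  # exposure is intended.
  echo 'iptables -I INPUT -p tcp --dport 443 -j logaccept'
  echo 'iptables -I INPUT -p tcp --dport 22 -j logaccept'
  echo 'result=0'
  echo 'pingloss=0'
  echo 'pingloss2=0'
  # The launcher removes itself and any stale passphrase file; -f keeps a
  # missing file from producing an error.
  echo 'rm -f /tmp/vpngo.sh'
  echo 'rm -f /tmp/keypass'
  # Sets the clock to a fixed 2007-09-20 11:08 (MMDDhhmmYYYY); presumably so
  # certificate validity checks pass on a router with no real time yet.
  # NOTE(review): with a pinned clock an expired certificate is never seen as
  # expired; syncing the time before starting OpenVPN is the sounder approach.
  echo 'date 092011082007'
  # Create the passphrase file empty, restrict it to the owner, then fill it,
  # so the passphrase is never present in a file others can read.
  echo 'touch /tmp/keypass'
  echo 'chmod 600 /tmp/keypass'
  # The generated line keeps the passphrase inside single quotes. A passphrase
  # containing ' " $ ` or \ needs escaping here. The passphrase is stored in
  # plain text in this script and in /tmp/keypass.
  echo "echo '***PKCS12 File Password***' > /tmp/keypass"
  # NOTE(review): OpenVPN 2.1 and later only run --route-up/--down scripts
  # when script-security 2 is set; confirm against your build.
  echo '/usr/sbin/openvpn --config /tmp/openvpn/openvpn.conf --route-up /tmp/openvpn/route-up.sh --down /tmp/openvpn/route-down.sh --askpass /tmp/keypass'
} >> /tmp/vpngo.sh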
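# Generate the watchdog /tmp/vpngo2.sh. After an initial 60 second wait it
# loops forever and restarts OpenVPN in two situations:
#   1. tun0 is not RUNNING on two consecutive checks;
#   2. 172.16.201.11 shows 100% packet loss on two consecutive ping runs while
#      the public server address still answers.
# Single quotes keep the backticks and $variables literal, so they are
# evaluated when the watchdog runs, not while it is being generated.
# NOTE(review): every restart in the first case inserts the three iptables
# rules again without removing the earlier copies, so duplicates accumulate.
{
  echo ' sleep 60'
  echo ' while [ "x" ]'
  echo ' do'
  echo ' sleep 12'
  # Tunnel check: count of RUNNING in the ifconfig output for tun0 (0 = down).
  echo ' result=`ifconfig tun0 2>&1 | grep -c RUNNING`'
  echo ' if [ $result -eq 0 ]'
  echo ' then'
  echo ' sleep 10'
  echo ' result=`ifconfig tun0 2>&1 | grep -c RUNNING`'
  echo ' if [ $result -eq 0 ]'
  echo ' then'
  echo ' while [ $result -eq 0 ]'
  echo ' do'
  echo ' killall openvpn'
  echo ' /usr/sbin/openvpn --config /tmp/openvpn/openvpn.conf --route-up /tmp/openvpn/route-up.sh --down /tmp/openvpn/route-down.sh --askpass /tmp/keypass &'
  echo ' sleep 40'
  echo ' iptables -t nat -I PREROUTING -i tun0 -p udp --dport 5000:5300 -j DNAT --to-destination 192.168.1.10'
  # Each generated command must stay on a single line; a line break inside
  # the option "--dport" splits it into two invalid commands.
  echo ' iptables -I INPUT -p tcp --dport 443 -j logaccept'
  echo ' iptables -I INPUT -p tcp --dport 22 -j logaccept'
  echo ' result=`ifconfig tun0 2>&1 | grep -c RUNNING`'
  echo ' done'
  echo ' result=`ifconfig tun0 2>&1 | grep -c RUNNING`'
  echo ' fi'
  echo ' fi'
  echo ' sleep 11'
  # Reachability check through the tunnel.
  echo ' pingloss2=`ping -c 5 172.16.201.11 | grep -c "100% packet loss"`'
  echo ' if [ $pingloss2 -eq 1 ]'
  echo ' then'
  echo ' sleep 10'
  echo ' pingloss2=`ping -c 8 172.16.201.11 | grep -c "100% packet loss"`'
  echo ' if [ $pingloss2 -eq 1 ]'
  echo ' then'
  # Restart only when the public server still answers, i.e. the uplink works.
  echo ' pingloss3=`ping -c 8 ***YOUR PUBLIC IPCOP SERVER*** | grep -c "100% packet loss"`'
  echo ' if [ $pingloss3 -eq 0 ]'
  echo ' then'
  echo ' killall openvpn'
  echo ' sleep 1'
  echo ' /usr/sbin/openvpn --config /tmp/openvpn/openvpn.conf --route-up /tmp/openvpn/route-up.sh --down /tmp/openvpn/route-down.sh --askpass /tmp/keypass &'
  echo ' sleep 2'
  echo ' fi'
  echo ' fi'
  echo ' fi'
  echo ' done'
} >> /tmp/vpngo2.sh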
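# Restrict the generated scripts and start them.
# 700 rather than world-writable: both scripts run with this script's
# privileges, and a world-writable script could be altered by any other
# process before or while it runs.
chmod 700 /tmp/vpngo.sh
chmod 700 /tmp/vpngo2.sh
# /tmp/keypass is written by /tmp/vpngo.sh only after its initial sleep, so it
# may not exist yet at this point. If a copy is present, make it owner-only;
# it holds the key passphrase in plain text.
if [ -e /tmp/keypass ]; then
  chmod 600 /tmp/keypass
fi
# The launcher runs in the background. The watchdog runs in the foreground and
# its loop never exits, so nothing placed after this line would run.
sh /tmp/vpngo.sh &
sh /tmp/vpngo2.sh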
***DD-WRT Firewall Script****
# Rules for the DD-WRT firewall script.
# Forward UDP 5000-5300 arriving on the tunnel interface to 192.168.1.10.
iptables -t nat -I PREROUTING -i tun0 -p udp --dport 5000:5300 -j DNAT --to-destination 192.168.1.10
# Accept TCP 22 and 443 addressed to the router itself.
# NOTE(review): there is no -i match, so these rules apply on every interface,
# not only on tun0. Confirm that this exposure is intended.
for port in 22 443; do
  iptables -I INPUT -p tcp --dport "$port" -j logaccept
done