openVPN-Config
This commit is contained in:
parent
e5995033bf
commit
77d7b6938a
109
etc/openvpn/ca.crt
Normal file
109
etc/openvpn/ca.crt
Normal file
@ -0,0 +1,109 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 3 (0x3)
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
Issuer: C=NA, ST=None, L=None, O=Mullvad, CN=Mullvad CA/emailAddress=info@mullvad.net
|
||||
Validity
|
||||
Not Before: Mar 24 16:19:48 2009 GMT
|
||||
Not After : Mar 22 16:19:48 2019 GMT
|
||||
Subject: C=NA, ST=None, L=None, O=Mullvad, CN=master.mullvad.net/emailAddress=info@mullvad.net
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
RSA Public Key: (2048 bit)
|
||||
Modulus (2048 bit):
|
||||
00:c5:00:39:5d:fe:9b:0c:b7:ff:76:a4:93:bf:26:
|
||||
1b:d6:c8:4a:e5:3c:ce:1c:2c:16:80:a2:61:a6:e9:
|
||||
63:4b:70:a1:80:6f:0e:0c:bb:a9:b6:d1:bd:f5:a0:
|
||||
78:82:09:4d:94:22:aa:77:7c:09:36:42:cd:a5:a6:
|
||||
90:73:27:42:00:31:e4:d4:8b:49:36:65:a3:25:82:
|
||||
b8:26:d7:d1:f5:b5:a9:be:57:93:9d:7c:d6:1c:df:
|
||||
9a:87:81:53:0b:17:81:d1:0d:ca:dc:4d:19:13:fa:
|
||||
11:e6:da:68:eb:81:05:39:e3:1e:3a:3f:fc:e2:64:
|
||||
3c:98:3c:89:a9:42:b3:30:70:57:56:a1:f5:08:b2:
|
||||
75:12:a0:36:93:9d:69:e9:7e:11:71:d9:1c:e8:7d:
|
||||
ec:03:21:11:7a:0a:7a:03:35:ba:b8:b2:0c:3a:6f:
|
||||
57:88:62:45:3d:0c:6c:18:ff:21:49:37:ae:40:78:
|
||||
6d:45:52:29:ac:21:ad:4a:01:61:67:0b:01:c4:ac:
|
||||
b0:88:97:52:ff:cb:3a:21:f0:14:2b:c1:79:8d:79:
|
||||
35:14:fc:9c:3f:6c:c9:62:fc:8c:c7:a8:51:34:75:
|
||||
1c:23:d5:db:b9:44:08:1c:0c:17:2c:21:2a:b4:29:
|
||||
db:15:59:e7:a9:1c:d6:19:19:ef:e4:6b:ea:78:6d:
|
||||
76:8d
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Subject Key Identifier:
|
||||
75:8A:14:92:0D:F3:6E:B7:36:4F:8B:4F:15:6C:3F:18:15:90:64:DE
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:E1:63:B4:3E:55:A3:D2:37:5F:DE:3A:91:48:51:4B:20:1A:F2:9B:C5
|
||||
DirName:/C=NA/ST=None/L=None/O=Mullvad/CN=Mullvad CA/emailAddress=info@mullvad.net
|
||||
serial:84:68:2E:A0:51:2A:BB:D4
|
||||
|
||||
X509v3 Basic Constraints:
|
||||
CA:TRUE
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
a4:b4:62:3d:cb:7e:57:b3:bd:2a:41:e0:3b:94:d0:4c:08:69:
|
||||
8a:b1:73:15:13:20:c9:d7:b0:b6:5d:65:4a:4d:1d:27:cc:ca:
|
||||
11:0e:86:fa:65:61:26:39:c2:54:8e:da:eb:78:21:37:0e:c7:
|
||||
a4:d2:17:8a:4b:ad:17:84:25:5e:24:0e:9a:81:ff:d1:1b:0e:
|
||||
32:9b:f4:81:e0:07:e9:8f:9d:c1:43:7f:40:30:01:07:7c:02:
|
||||
c7:c4:9c:05:48:4c:bf:41:69:57:c1:d3:bb:a3:5a:01:17:96:
|
||||
b0:c9:00:22:57:2f:84:da:45:33:6e:6c:2b:13:c5:af:75:a7:
|
||||
b2:6b:71:6e:13:2c:97:0e:d9:93:da:6d:d9:34:c6:06:7d:0e:
|
||||
e2:b8:d2:78:13:79:0f:ac:ac:a8:68:a9:72:73:7a:d8:ab:7b:
|
||||
0a:b0:54:b5:f3:ce:29:0d:47:82:0c:b4:d9:20:64:ff:ef:17:
|
||||
46:92:de:65:e8:67:ce:3a:92:de:e4:3e:99:73:9f:7a:7c:00:
|
||||
72:07:39:78:77:37:62:89:a2:db:24:fd:60:2a:e0:82:57:f6:
|
||||
55:94:f6:79:47:19:c9:13:3b:5d:b7:6b:66:14:d4:7d:3c:76:
|
||||
75:e9:a3:55:ba:b4:92:30:3b:ad:66:72:0c:39:4b:cc:95:a9:
|
||||
bc:06:ef:2b
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEQjCCAyqgAwIBAgIBAzANBgkqhkiG9w0BAQUFADBzMQswCQYDVQQGEwJOQTEN
|
||||
MAsGA1UECBMETm9uZTENMAsGA1UEBxMETm9uZTEQMA4GA1UEChMHTXVsbHZhZDET
|
||||
MBEGA1UEAxMKTXVsbHZhZCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0BtdWxsdmFk
|
||||
Lm5ldDAeFw0wOTAzMjQxNjE5NDhaFw0xOTAzMjIxNjE5NDhaMHsxCzAJBgNVBAYT
|
||||
Ak5BMQ0wCwYDVQQIEwROb25lMQ0wCwYDVQQHEwROb25lMRAwDgYDVQQKEwdNdWxs
|
||||
dmFkMRswGQYDVQQDExJtYXN0ZXIubXVsbHZhZC5uZXQxHzAdBgkqhkiG9w0BCQEW
|
||||
EGluZm9AbXVsbHZhZC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
|
||||
AQDFADld/psMt/92pJO/JhvWyErlPM4cLBaAomGm6WNLcKGAbw4Mu6m20b31oHiC
|
||||
CU2UIqp3fAk2Qs2lppBzJ0IAMeTUi0k2ZaMlgrgm19H1tam+V5OdfNYc35qHgVML
|
||||
F4HRDcrcTRkT+hHm2mjrgQU54x46P/ziZDyYPImpQrMwcFdWofUIsnUSoDaTnWnp
|
||||
fhFx2RzofewDIRF6CnoDNbq4sgw6b1eIYkU9DGwY/yFJN65AeG1FUimsIa1KAWFn
|
||||
CwHErLCIl1L/yzoh8BQrwXmNeTUU/Jw/bMli/IzHqFE0dRwj1du5RAgcDBcsISq0
|
||||
KdsVWeepHNYZGe/ka+p4bXaNAgMBAAGjgdgwgdUwHQYDVR0OBBYEFHWKFJIN8263
|
||||
Nk+LTxVsPxgVkGTeMIGlBgNVHSMEgZ0wgZqAFOFjtD5Vo9I3X946kUhRSyAa8pvF
|
||||
oXekdTBzMQswCQYDVQQGEwJOQTENMAsGA1UECBMETm9uZTENMAsGA1UEBxMETm9u
|
||||
ZTEQMA4GA1UEChMHTXVsbHZhZDETMBEGA1UEAxMKTXVsbHZhZCBDQTEfMB0GCSqG
|
||||
SIb3DQEJARYQaW5mb0BtdWxsdmFkLm5ldIIJAIRoLqBRKrvUMAwGA1UdEwQFMAMB
|
||||
Af8wDQYJKoZIhvcNAQEFBQADggEBAKS0Yj3LflezvSpB4DuU0EwIaYqxcxUTIMnX
|
||||
sLZdZUpNHSfMyhEOhvplYSY5wlSO2ut4ITcOx6TSF4pLrReEJV4kDpqB/9EbDjKb
|
||||
9IHgB+mPncFDf0AwAQd8AsfEnAVITL9BaVfB07ujWgEXlrDJACJXL4TaRTNubCsT
|
||||
xa91p7JrcW4TLJcO2ZPabdk0xgZ9DuK40ngTeQ+srKhoqXJzetirewqwVLXzzikN
|
||||
R4IMtNkgZP/vF0aS3mXoZ846kt7kPplzn3p8AHIHOXh3N2KJotsk/WAq4IJX9lWU
|
||||
9nlHGckTO123a2YU1H08dnXpo1W6tJIwO61mcgw5S8yVqbwG7ys=
|
||||
-----END CERTIFICATE-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEQjCCAyqgAwIBAgIJAIRoLqBRKrvUMA0GCSqGSIb3DQEBBQUAMHMxCzAJBgNV
|
||||
BAYTAk5BMQ0wCwYDVQQIEwROb25lMQ0wCwYDVQQHEwROb25lMRAwDgYDVQQKEwdN
|
||||
dWxsdmFkMRMwEQYDVQQDEwpNdWxsdmFkIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
|
||||
QG11bGx2YWQubmV0MB4XDTA5MDMyNDA2NDcyNVoXDTE5MDMyMjA2NDcyNVowczEL
|
||||
MAkGA1UEBhMCTkExDTALBgNVBAgTBE5vbmUxDTALBgNVBAcTBE5vbmUxEDAOBgNV
|
||||
BAoTB011bGx2YWQxEzARBgNVBAMTCk11bGx2YWQgQ0ExHzAdBgkqhkiG9w0BCQEW
|
||||
EGluZm9AbXVsbHZhZC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
|
||||
AQDNNzZOrq+gMaA6wfyWdNFmxlM2OB1czwFgtPiDd9f6F8m6CGYBQog3Q2Wx3yAv
|
||||
hxt/uchFBCKtYz6Yh59BCxXKfNAQT2uaMC6KAvKFgz0wppi4S8YbWg2KDelNO/Zv
|
||||
Rb1QT4CBWMbtYzCQZvlJpHr2ZwuXG2OiT477oMyX5Hmf+iT0drmqi+wylRr7CRBs
|
||||
LBu+fxLZ2LFD5g6MATuL3ql5JLIoVjlSqIgbld74pD4WUnM61HRwFsKoCEjq409Y
|
||||
QNP1xO7BeaJu3uQvg/HJhXnGZxTatXhqvdCuAPQRppQ4UnkUzxdSTrfgM3hqMony
|
||||
vX1vy0dX1S8iTQCIeyzAYNObAgMBAAGjgdgwgdUwHQYDVR0OBBYEFOFjtD5Vo9I3
|
||||
X946kUhRSyAa8pvFMIGlBgNVHSMEgZ0wgZqAFOFjtD5Vo9I3X946kUhRSyAa8pvF
|
||||
oXekdTBzMQswCQYDVQQGEwJOQTENMAsGA1UECBMETm9uZTENMAsGA1UEBxMETm9u
|
||||
ZTEQMA4GA1UEChMHTXVsbHZhZDETMBEGA1UEAxMKTXVsbHZhZCBDQTEfMB0GCSqG
|
||||
SIb3DQEJARYQaW5mb0BtdWxsdmFkLm5ldIIJAIRoLqBRKrvUMAwGA1UdEwQFMAMB
|
||||
Af8wDQYJKoZIhvcNAQEFBQADggEBAMjMAFPDeFOrQsvMXD/x+CuARwegS2PDZuB5
|
||||
f1Svw3YDF6cB1jlc0F12nh9SZxaYRwKIlpYoolLCOLoUCLwQJ0gsokxLV7G4gVb8
|
||||
dzETnNq4HG/QOPwPisjoOCaEmcd0tx1EkyNY0KLqFZTS0VdmDHCn89dDFA/6yuYI
|
||||
5u04uJs7c/K4qaW7X6ajOOdneqjbtPeVOvx9DWXHxA0xz4Y+/w4laX/OTRD7jySq
|
||||
K9fLfRliE5zsxzpUr5EWxAnqiABoWL71SiItk5fG8k3MJJ9SVr+YnTHmE7S4KNqu
|
||||
4wTksvkb0Tmjae1lRSlMd6u2AulAxVcVKAod2QVffhj+hdkYM94=
|
||||
-----END CERTIFICATE-----
|
31
etc/openvpn/crl.pem
Normal file
31
etc/openvpn/crl.pem
Normal file
@ -0,0 +1,31 @@
|
||||
-----BEGIN X509 CRL-----
|
||||
MIIFVTCCBD0wDQYJKoZIhvcNAQEFBQAwezELMAkGA1UEBhMCTkExDTALBgNVBAgT
|
||||
BE5vbmUxDTALBgNVBAcTBE5vbmUxEDAOBgNVBAoTB011bGx2YWQxGzAZBgNVBAMT
|
||||
Em1hc3Rlci5tdWxsdmFkLm5ldDEfMB0GCSqGSIb3DQEJARYQaW5mb0BtdWxsdmFk
|
||||
Lm5ldBcNMTQwNDA4MjE1MjI2WhcNMjQwNDA1MjE1MjI2WjCCA48wEgIBARcNMTQw
|
||||
NDA4MjEzNTAyWjASAgEDFw0xNDA0MDgyMTM1MDlaMBICASkXDTE0MDQwODIxMzUx
|
||||
MFowEwICDasXDTE0MDQwODIxMzUxNFowEwICDawXDTE0MDQwODIxMzUxNVowEwIC
|
||||
Da0XDTE0MDQwODIxMzUxOVowEwICDx4XDTE0MDQwODIxMzUyMFowEwICGxsXDTE0
|
||||
MDQwODIxMzUyNFowEwICPf4XDTE0MDQwODIxMzUyNVowEwICSrUXDTE0MDQwODIx
|
||||
MzUzMFowFAIDAbbXFw0xNDA0MDgyMTM1MzJaMBQCAwaeUBcNMTQwNDA4MjEzNTM1
|
||||
WjAUAgMGnlUXDTE0MDQwODIxMzUzOVowFAIDCheTFw0xNDA0MDgxNjA4NDFaMBQC
|
||||
AwpvDBcNMTQwNDA4MTYwOTQzWjAUAgML2jcXDTE0MDQwODIxMzU0MlowFAIDDCfI
|
||||
Fw0xNDA0MDgxNzU1MzRaMBQCAwwrKhcNMTQwNDA4MTc1NzI2WjAUAgMMNWEXDTE0
|
||||
MDQwODIxMzU1MVowFAIDDDViFw0xNDA0MDgxNzU4MzZaMBQCAwyXhRcNMTQwNDA4
|
||||
MTgwMDMzWjAUAgMM99UXDTE0MDQwODIxMzU1N1owFAIDDPfWFw0xNDA0MDgxNzU3
|
||||
NDRaMBQCAwz31xcNMTQwNDA4MjEzNTU4WjAUAgMM9+MXDTE0MDQwODE3NTgyMVow
|
||||
FAIDDPfkFw0xNDA0MDgxNzU4NThaMBQCAwz35RcNMTQwNDA4MTgwMjE5WjAUAgMN
|
||||
FHEXDTE0MDQwODIxMzU0MVowFAIDDRSLFw0xNDA0MDgxNzU5MDhaMBQCAw1FfBcN
|
||||
MTQwNDA4MjEzNjA1WjAUAgMNUWcXDTE0MDQwODIxMzYwNlowFAIDDVFoFw0xNDA0
|
||||
MDgyMTM2MDhaMBQCAw1RbBcNMTQwNDA4MjEzNjEyWjAUAgMN2AoXDTE0MDQwODIx
|
||||
MzU1MFowFAIDDdgLFw0xNDA0MDgxODAxMDdaMBQCAw6G3xcNMTQwNDA4MjEzNjE2
|
||||
WjAUAgMOkpwXDTE0MDQwODE1MTY1OFowFAIDDpKdFw0xNDA0MDgxNjA5NTFaMBQC
|
||||
Aw7DWhcNMTQwNDA4MTgwMDQ2WjAUAgMPFEEXDTE0MDQwODIxMzYxN1owFAIDDyaP
|
||||
Fw0xNDA0MDgyMDQwNTZaMBQCAw9D1xcNMTQwNDA4MTgwMjMyWjANBgkqhkiG9w0B
|
||||
AQUFAAOCAQEAvb0Y/nuHADGFRV1XG1BZNSENb7xsTrCd8n011j1i/Rpca97ivhdm
|
||||
4gVZ4Fjm4aU7Hjy9dQDuwtQNcFxb0sZDY8xR2iNrBy4rMCHS0vied0QQI3e7xkYf
|
||||
eIPHTcDI1IXMo7D1wbmyr5MbTnAyx2u5XrAfR1C+57NpQGrdOK2xTwRcO0ZTYan6
|
||||
iMnHMFgASHX900q9oWQL3TC9ZuhS/UQT4fcfwalK+c/0a+72i2ZECN+qQnyBbgJQ
|
||||
MSN19u3Kso6hFw+AaCAFvKgcM39oNdQxKAPXl3V/P+qlflAF3W39Gyavq4z1ABln
|
||||
RvHGDUXlOF/EwrWR1av036ITZQZrHiCEEw==
|
||||
-----END X509 CRL-----
|
5
etc/openvpn/mullvad-up
Executable file
5
etc/openvpn/mullvad-up
Executable file
@ -0,0 +1,5 @@
|
||||
#!/bin/bash
|
||||
logger -t OPENVPN VPN Gateway: /sbin/ip route add default via ${route_vpn_gateway} dev ${dev} table fff
|
||||
#/sbin/ip route add default via ${route_vpn_gateway} dev ${dev} table fff
|
||||
/sbin/ip route replace default via ${route_vpn_gateway} dev ${dev} proto static table fff
|
||||
iptables -t nat -A POSTROUTING -o ${dev} -j MASQUERADE
|
90
etc/openvpn/mullvad.crt
Normal file
90
etc/openvpn/mullvad.crt
Normal file
@ -0,0 +1,90 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 2184275 (0x215453)
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
Issuer: C=NA, ST=None, L=None, O=Mullvad, CN=master.mullvad.net/emailAddress=info@mullvad.net
|
||||
Validity
|
||||
Not Before: Jan 1 00:00:00 2009 GMT
|
||||
Not After : Nov 16 20:40:18 2026 GMT
|
||||
Subject: CN=Mullvad800441255487
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (2048 bit)
|
||||
Modulus:
|
||||
00:b5:6b:24:af:a7:87:38:25:6c:8f:ef:e9:c4:df:
|
||||
49:50:62:1f:8d:a1:d1:35:46:fb:9e:e2:84:7d:d2:
|
||||
ad:2a:c1:f0:09:82:23:77:53:14:73:a2:d7:46:a0:
|
||||
22:46:9a:f4:15:58:0a:d8:d8:df:1e:ac:86:c0:c3:
|
||||
32:11:8a:d1:ad:1e:df:e0:f1:f3:44:85:2c:c4:3a:
|
||||
b3:c5:91:99:07:5b:1a:c4:bc:5e:35:82:50:fd:87:
|
||||
93:6a:00:7f:3a:05:d6:e2:d3:a9:b3:2e:2a:65:d8:
|
||||
87:d8:d0:ed:27:2d:a0:e4:0a:ea:d1:8a:94:63:8c:
|
||||
20:95:0b:a1:e8:43:49:c9:f4:16:de:ae:06:30:52:
|
||||
47:2d:d5:db:35:aa:18:e6:fa:ad:97:10:09:88:be:
|
||||
2b:a0:4c:ba:28:6a:a0:c9:99:a2:12:92:76:90:66:
|
||||
6d:68:45:8b:3f:a9:d2:a0:6f:84:e6:bf:6b:52:39:
|
||||
ce:08:c8:76:56:c0:79:d2:04:fe:31:5f:97:b6:15:
|
||||
fc:1f:aa:f1:17:8b:f1:83:c2:87:9f:54:30:d2:1b:
|
||||
ed:dc:cb:b6:bb:76:7d:86:4a:89:6d:4b:b1:72:e1:
|
||||
f4:1f:f5:6b:56:d9:51:5a:11:73:f5:f4:e5:c8:54:
|
||||
5f:84:93:f1:e6:41:02:19:92:ed:23:fc:ff:cd:84:
|
||||
ad:4d
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints:
|
||||
CA:FALSE
|
||||
Netscape Comment:
|
||||
Easy-RSA Generated Certificate
|
||||
X509v3 Subject Key Identifier:
|
||||
67:64:4C:90:30:FA:8A:42:A6:56:58:64:6B:86:6F:E0:97:11:D2:DE
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:75:8A:14:92:0D:F3:6E:B7:36:4F:8B:4F:15:6C:3F:18:15:90:64:DE
|
||||
DirName:/C=NA/ST=None/L=None/O=Mullvad/CN=Mullvad CA/emailAddress=info@mullvad.net
|
||||
serial:03
|
||||
|
||||
X509v3 Extended Key Usage:
|
||||
TLS Web Client Authentication
|
||||
X509v3 Key Usage:
|
||||
Digital Signature
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
99:89:20:a2:36:3c:c6:8e:0d:40:10:ba:95:cc:bf:bf:4d:5d:
|
||||
ae:8c:44:dd:b2:5e:7a:37:31:22:12:2d:54:52:73:48:4e:b2:
|
||||
d5:f3:45:47:a9:bf:4a:2c:84:07:3f:85:88:b6:5d:ce:ef:b9:
|
||||
95:fa:4b:3d:f0:83:96:e8:78:ce:a2:2a:9b:ba:82:f8:b8:94:
|
||||
58:88:89:3e:c7:d7:0f:d5:03:24:c2:55:eb:8b:57:14:84:da:
|
||||
e9:ab:2a:92:4d:4f:86:39:c7:26:38:7b:1f:a9:01:4a:dc:12:
|
||||
1d:18:21:b0:14:08:bd:85:ab:e0:07:f3:5c:38:56:a5:80:20:
|
||||
8a:6e:89:6e:61:13:46:8c:28:3a:7f:74:b8:5b:5d:1e:a4:14:
|
||||
b5:a2:3c:fc:e9:07:7e:d6:13:28:6b:54:81:ff:d8:61:87:18:
|
||||
2f:bd:fd:ea:a1:63:26:49:c1:2c:85:8b:8f:49:d2:6b:1a:b2:
|
||||
f8:71:d4:01:4f:a0:5a:dd:8b:84:53:cd:a2:3c:1f:e6:56:c7:
|
||||
4f:a0:01:53:10:16:31:d4:58:28:ba:7a:19:51:04:1e:19:00:
|
||||
22:61:c6:75:29:d9:a4:05:24:54:70:64:6b:90:02:c8:f7:cf:
|
||||
29:71:f0:92:a2:32:cb:0f:8a:23:61:29:42:3b:47:6f:bf:7e:
|
||||
ab:ad:2c:82
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIENzCCAx+gAwIBAgIDIVRTMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNVBAYTAk5B
|
||||
MQ0wCwYDVQQIEwROb25lMQ0wCwYDVQQHEwROb25lMRAwDgYDVQQKEwdNdWxsdmFk
|
||||
MRswGQYDVQQDExJtYXN0ZXIubXVsbHZhZC5uZXQxHzAdBgkqhkiG9w0BCQEWEGlu
|
||||
Zm9AbXVsbHZhZC5uZXQwHhcNMDkwMTAxMDAwMDAwWhcNMjYxMTE2MjA0MDE4WjAe
|
||||
MRwwGgYDVQQDExNNdWxsdmFkODAwNDQxMjU1NDg3MIIBIjANBgkqhkiG9w0BAQEF
|
||||
AAOCAQ8AMIIBCgKCAQEAtWskr6eHOCVsj+/pxN9JUGIfjaHRNUb7nuKEfdKtKsHw
|
||||
CYIjd1MUc6LXRqAiRpr0FVgK2NjfHqyGwMMyEYrRrR7f4PHzRIUsxDqzxZGZB1sa
|
||||
xLxeNYJQ/YeTagB/OgXW4tOpsy4qZdiH2NDtJy2g5Arq0YqUY4wglQuh6ENJyfQW
|
||||
3q4GMFJHLdXbNaoY5vqtlxAJiL4roEy6KGqgyZmiEpJ2kGZtaEWLP6nSoG+E5r9r
|
||||
UjnOCMh2VsB50gT+MV+XthX8H6rxF4vxg8KHn1Qw0hvt3Mu2u3Z9hkqJbUuxcuH0
|
||||
H/VrVtlRWhFz9fTlyFRfhJPx5kECGZLtI/z/zYStTQIDAQABo4IBHzCCARswCQYD
|
||||
VR0TBAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJhdGVkIENlcnRp
|
||||
ZmljYXRlMB0GA1UdDgQWBBRnZEyQMPqKQqZWWGRrhm/glxHS3jCBnQYDVR0jBIGV
|
||||
MIGSgBR1ihSSDfNutzZPi08VbD8YFZBk3qF3pHUwczELMAkGA1UEBhMCTkExDTAL
|
||||
BgNVBAgTBE5vbmUxDTALBgNVBAcTBE5vbmUxEDAOBgNVBAoTB011bGx2YWQxEzAR
|
||||
BgNVBAMTCk11bGx2YWQgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9AbXVsbHZhZC5u
|
||||
ZXSCAQMwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMA0GCSqGSIb3
|
||||
DQEBBQUAA4IBAQCZiSCiNjzGjg1AELqVzL+/TV2ujETdsl56NzEiEi1UUnNITrLV
|
||||
80VHqb9KLIQHP4WItl3O77mV+ks98IOW6HjOoiqbuoL4uJRYiIk+x9cP1QMkwlXr
|
||||
i1cUhNrpqyqSTU+GOccmOHsfqQFK3BIdGCGwFAi9havgB/NcOFalgCCKboluYRNG
|
||||
jCg6f3S4W10epBS1ojz86Qd+1hMoa1SB/9hhhxgvvf3qoWMmScEshYuPSdJrGrL4
|
||||
cdQBT6Ba3YuEU82iPB/mVsdPoAFTEBYx1FgounoZUQQeGQAiYcZ1KdmkBSRUcGRr
|
||||
kALI988pcfCSojLLD4ojYSlCO0dvv36rrSyC
|
||||
-----END CERTIFICATE-----
|
28
etc/openvpn/mullvad.key
Normal file
28
etc/openvpn/mullvad.key
Normal file
@ -0,0 +1,28 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC1aySvp4c4JWyP
|
||||
7+nE30lQYh+NodE1Rvue4oR90q0qwfAJgiN3UxRzotdGoCJGmvQVWArY2N8erIbA
|
||||
wzIRitGtHt/g8fNEhSzEOrPFkZkHWxrEvF41glD9h5NqAH86Bdbi06mzLipl2IfY
|
||||
0O0nLaDkCurRipRjjCCVC6HoQ0nJ9BbergYwUkct1ds1qhjm+q2XEAmIviugTLoo
|
||||
aqDJmaISknaQZm1oRYs/qdKgb4Tmv2tSOc4IyHZWwHnSBP4xX5e2FfwfqvEXi/GD
|
||||
woefVDDSG+3cy7a7dn2GSoltS7Fy4fQf9WtW2VFaEXP19OXIVF+Ek/HmQQIZku0j
|
||||
/P/NhK1NAgMBAAECggEBAJocQjXVIlDXubksHHFZHHZkZFl0NLwFaIo38kTQSrof
|
||||
tUDehDJBKQZyNl2Qeo1v5BididlboW31MSNerZGpUyS1LYlw/y4d00F+fGhAnrZY
|
||||
9gxZ182svhAgs2FAutMXUsus8mN7vBh4MC5GjK7TW/FcNM1740INL0BteURMpMog
|
||||
V4q4HZJISafdzH8L04XYFDeyfMVVYhrCCNpkYbeYVr1SqypcHBSN8yD2LWPcr/yF
|
||||
DQ4ltyPzXd6Y0JMWMFbDb2mPHugqBeu6Q8TZAi3w/Wa5uRwxg2DVCkAQixg6VGsW
|
||||
JIT85A+UfXgu2N0iRi2yKh2HYs8gigYWuUbDmxajIQECgYEA7zPHffzTMF5Fqxow
|
||||
GKiiXVBpQtpuLRLZKTyT8CA/fNdy1mXnXcJTxIF4GgeRXOddZ9KQQ6vsATzFrd48
|
||||
m2QoIKUAUZQngQNgkXad0hzZQg5VQx/DIFG2CT2Tntp2FzKS6egq+XC4Vb+Xrtpt
|
||||
7c+NX2p4oRyQnVFFJdoll4zv9pkCgYEAwiiQ7XbmXlxP+YezvpuoIbRt9OLVkfT8
|
||||
zShnD0vBvrd07qVnmSeSdoQHM/iT5xAr2ypgpC3yQ4DzxjIRk3wVjlRyvCHk27pC
|
||||
688P2vas6SM997TH/eJDgwMZ0l0/asVtwj+VSHTSmoBWTXVPQg+L/r4Fru6uZuK2
|
||||
n8ELmW0QgNUCgYBRu1aJxO6AU2Xord0LP+uiiMw+rJYCzrLm9SzzWoF27cLuYQlq
|
||||
LvEibr6T3kwb+24eAIOMq9zLG3HME+iPi+xuIxL1zPKmkXnYmjgYyASwHmehtOOe
|
||||
Um0pwSGEoM7C5GPwioTMkGhb3Eg+1aHEJSwAE0g+fJ0pM9C1u1Em9GA12QKBgQCw
|
||||
l+T5lyOAv8Wd1+eMflc2EL3R9l76GjG1CAJ0zxqxNHuOc7L+ghec5AkJJBaiGvtI
|
||||
pAqySXgIHcmbgv6pfjq88eJJayqVD5y+jd6F8cbjZcJ/AlbEfH+bMb7Sry13F4r1
|
||||
Go/VDyxeikv0t7YXB7z1PjA9I6pMufgQ5ax/J8vS4QKBgQDE8Zrdz56xw8UW0Vdc
|
||||
UtVbK3BW8HXuaxI+HCy4P+MmWFMqPPeFNSibdKiWcp2Fyiu9+Mw4QawnI96ZqlFe
|
||||
3dw5mNlNcZ4kE+uREJJR3U+KZ25ABdF+ABg7jLCdWkN0frMBPZ955hi64ZM6RaX3
|
||||
OsCwDFZtOvissSy7HMEFCZiZRA==
|
||||
-----END PRIVATE KEY-----
|
97
etc/openvpn/mullvad_linux.conf
Normal file
97
etc/openvpn/mullvad_linux.conf
Normal file
@ -0,0 +1,97 @@
|
||||
# Notice to Mullvad customers:
|
||||
#
|
||||
# Apart from openvpn, you also need to install the
|
||||
# package "resolvconf", available via apt, e.g.
|
||||
#
|
||||
# For those of you behind very restrictive firewalls,
|
||||
# you can use our tunnels on tcp port 443, as well as
|
||||
# on udp port 53.
|
||||
client
|
||||
|
||||
#Original
|
||||
#dev tun
|
||||
dev mullvad
|
||||
dev-type tun
|
||||
|
||||
proto udp
|
||||
#proto udp
|
||||
#proto tcp
|
||||
|
||||
remote nl.mullvad.net 1300
|
||||
cipher AES-256-CBC
|
||||
|
||||
#remote openvpn.mullvad.net 443
|
||||
#cipher BF-CBC
|
||||
|
||||
#remote openvpn.mullvad.net 53
|
||||
#cipher BF-CBC
|
||||
|
||||
#remote se.mullvad.net 1300 # Servers in Sweden
|
||||
#cipher AES-256-CBC
|
||||
|
||||
#remote nl.mullvad.net 1300 # Servers in the Netherlands
|
||||
#cipher AES-256-CBC
|
||||
|
||||
#remote de.mullvad.net 1300 # Servers in Germany
|
||||
#cipher AES-256-CBC
|
||||
|
||||
#remote us.mullvad.net 1300 # Servers in the USA
|
||||
#cipher AES-256-CBC
|
||||
|
||||
#remote openvpn.mullvad.net 1194
|
||||
#remote openvpn.mullvad.net 443
|
||||
#remote openvpn.mullvad.net 53
|
||||
#remote se.mullvad.net # Servers in Sweden
|
||||
#remote nl.mullvad.net # Servers in the Netherlands
|
||||
#remote de.mullvad.net # Servers in Germany
|
||||
#remote us.mullvad.net # Servers in the USA
|
||||
|
||||
# Tunnel IPv6 traffic as well as IPv4
|
||||
tun-ipv6
|
||||
|
||||
# Keep trying indefinitely to resolve the
|
||||
# host name of the OpenVPN server. Very useful
|
||||
# on machines which are not permanently connected
|
||||
# to the internet such as laptops.
|
||||
resolv-retry infinite
|
||||
|
||||
# Most clients don't need to bind to
|
||||
# a specific local port number.
|
||||
nobind
|
||||
|
||||
# Try to preserve some state across restarts.
|
||||
persist-key
|
||||
persist-tun
|
||||
|
||||
# Enable compression on the VPN link.
|
||||
comp-lzo
|
||||
|
||||
# Set log file verbosity.
|
||||
verb 3
|
||||
|
||||
remote-cert-tls server
|
||||
|
||||
ping-restart 60
|
||||
|
||||
# Allow calling of built-in executables and user-defined scripts.
|
||||
script-security 2
|
||||
|
||||
# Parses DHCP options from openvpn to update resolv.conf
|
||||
up /etc/openvpn/update-resolv-conf
|
||||
down /etc/openvpn/update-resolv-conf
|
||||
|
||||
ping 10
|
||||
|
||||
ca ca.crt
|
||||
cert mullvad.crt
|
||||
key mullvad.key
|
||||
|
||||
crl-verify crl.pem
|
||||
|
||||
# Enable Freifunk specific Routing
|
||||
route-noexec
|
||||
route-delay 3
|
||||
route-up /etc/openvpn/mullvad-up
|
||||
|
||||
# Limit range of possible TLS cipher-suites
|
||||
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-SEED-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
|
76
etc/openvpn/mullvad_windows.conf.ovpn
Normal file
76
etc/openvpn/mullvad_windows.conf.ovpn
Normal file
@ -0,0 +1,76 @@
|
||||
# Notice to Mullvad customers:
|
||||
#
|
||||
# For those of you behind very restrictive firewalls,
|
||||
# you can use our tunnels on tcp port 443, as well as
|
||||
# on udp port 53.
|
||||
client
|
||||
|
||||
dev tun
|
||||
|
||||
proto udp
|
||||
#proto udp
|
||||
#proto tcp
|
||||
|
||||
remote nl.mullvad.net 1300
|
||||
cipher AES-256-CBC
|
||||
|
||||
#remote openvpn.mullvad.net 443
|
||||
#cipher BF-CBC
|
||||
|
||||
#remote openvpn.mullvad.net 53
|
||||
#cipher BF-CBC
|
||||
|
||||
#remote se.mullvad.net 1300 # Servers in Sweden
|
||||
#cipher AES-256-CBC
|
||||
|
||||
#remote nl.mullvad.net 1300 # Servers in the Netherlands
|
||||
#cipher AES-256-CBC
|
||||
|
||||
#remote de.mullvad.net 1300 # Servers in Germany
|
||||
#cipher AES-256-CBC
|
||||
|
||||
#remote us.mullvad.net 1300 # Servers in the USA
|
||||
#cipher AES-256-CBC
|
||||
|
||||
# Tunnel IPv6 traffic as well as IPv4
|
||||
#tun-ipv6
|
||||
|
||||
# Keep trying indefinitely to resolve the
|
||||
# host name of the OpenVPN server. Very useful
|
||||
# on machines which are not permanently connected
|
||||
# to the internet such as laptops.
|
||||
resolv-retry infinite
|
||||
|
||||
# Most clients don't need to bind to
|
||||
# a specific local port number.
|
||||
nobind
|
||||
|
||||
# Try to preserve some state across restarts.
|
||||
persist-key
|
||||
persist-tun
|
||||
|
||||
# Enable compression on the VPN link.
|
||||
# Don't enable this unless it is also
|
||||
# enabled in the server config file.
|
||||
comp-lzo
|
||||
|
||||
# Set log file verbosity.
|
||||
verb 3
|
||||
|
||||
remote-cert-tls server
|
||||
|
||||
ping-restart 60
|
||||
|
||||
# Daemonize
|
||||
service mullvadopenvpn
|
||||
|
||||
ping 10
|
||||
|
||||
ca ca.crt
|
||||
cert mullvad.crt
|
||||
key mullvad.key
|
||||
|
||||
crl-verify crl.pem
|
||||
|
||||
# Limit range of possible TLS cipher-suites
|
||||
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-SEED-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
|
58
etc/openvpn/update-resolv-conf
Executable file
58
etc/openvpn/update-resolv-conf
Executable file
@ -0,0 +1,58 @@
|
||||
#!/bin/bash
|
||||
#
|
||||
# Parses DHCP options from openvpn to update resolv.conf
|
||||
# To use set as 'up' and 'down' script in your openvpn *.conf:
|
||||
# up /etc/openvpn/update-resolv-conf
|
||||
# down /etc/openvpn/update-resolv-conf
|
||||
#
|
||||
# Used snippets of resolvconf script by Thomas Hood and Chris Hanson.
|
||||
# Licensed under the GNU GPL. See /usr/share/common-licenses/GPL.
|
||||
#
|
||||
# Example envs set from openvpn:
|
||||
#
|
||||
# foreign_option_1='dhcp-option DNS 193.43.27.132'
|
||||
# foreign_option_2='dhcp-option DNS 193.43.27.133'
|
||||
# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
|
||||
#
|
||||
|
||||
[ -x /sbin/resolvconf ] || exit 0
|
||||
[ "$script_type" ] || exit 0
|
||||
[ "$dev" ] || exit 0
|
||||
|
||||
split_into_parts()
|
||||
{
|
||||
part1="$1"
|
||||
part2="$2"
|
||||
part3="$3"
|
||||
}
|
||||
|
||||
case "$script_type" in
|
||||
up)
|
||||
NMSRVRS=""
|
||||
SRCHS=""
|
||||
for optionvarname in ${!foreign_option_*} ; do
|
||||
option="${!optionvarname}"
|
||||
echo "$option"
|
||||
split_into_parts $option
|
||||
if [ "$part1" = "dhcp-option" ] ; then
|
||||
if [ "$part2" = "DNS" ] ; then
|
||||
NMSRVRS="${NMSRVRS:+$NMSRVRS }$part3"
|
||||
elif [ "$part2" = "DOMAIN" ] ; then
|
||||
SRCHS="${SRCHS:+$SRCHS }$part3"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
R=""
|
||||
[ "$SRCHS" ] && R="search $SRCHS
|
||||
"
|
||||
for NS in $NMSRVRS ; do
|
||||
R="${R}nameserver $NS
|
||||
"
|
||||
done
|
||||
echo -n "$R" | /sbin/resolvconf -a "${dev}.openvpn"
|
||||
;;
|
||||
down)
|
||||
/sbin/resolvconf -d "${dev}.openvpn"
|
||||
;;
|
||||
esac
|
||||
|
Loading…
Reference in New Issue
Block a user