我创建了一个服务来让我的 VPN 始终处于活动状态。每当 OpenVPN 因任何原因断开连接时,服务都会重新启动脚本。首先,脚本将我的 VPN 提供商提供的地址解析为一组 IP 地址,然后相应地更新防火墙。之后,它会启动 VPN 连接。
当我像这样启动我的服务时它运行良好:
sudo systemctl start alwayson
但是它应该在系统启动时自动启动,但启动后我得到:
● alwayson.service - Always on VPN service
Loaded: loaded (/etc/systemd/system/alwayson.service; disabled; vendor preset
Active: inactive (dead)
运行命令后:
systemctl status alwayson
脚本如下:
alwaysson.服务:
[Unit]
Description=Always on VPN service
After=ufw.service
[Service]
Type=idle
Restart=always
RestartSec=3
ExecStart=/bin/bash /home/user/VPN/alwayson-service/run.sh
[Install]
WantedBy=multi-user.target
运行.sh:
echo "Updating FireWall.."
# Remove all rules
list="$(ufw status numbered | awk -F"[][]" '{print $2}' | tac)"
for item in $list
do
echo $item
ufw --force delete $item
done
# let all incoming traffic pass
ufw default deny incoming
# and block outgoing by default
ufw default deny outgoing
ufw allow out to 8.8.8.8
ufw allow in from 8.8.8.8
ufw allow out on tun0
ufw allow out 53
# Allow local IPv4 connections
ufw allow out to 10.0.0.0/8
ufw allow out to 172.16.0.0/12
ufw allow out to 192.168.0.0/24
ufw allow in from 192.168.0.0/24
# Allow IPv4 local multicasts
ufw allow out to 224.0.0.0/24
ufw allow out to 239.0.0.0/8
# Allow local IPv6 connections
ufw allow out to fe80::/64
# Allow IPv6 link-local multicasts
ufw allow out to ff01::/16
# Allow IPv6 site-local multicasts
ufw allow out to ff02::/16
ufw allow out to ff05::/16
# Update Rules for VPN
list="$(dig +short remote 4-1-gb.cg-dialup.net)"
for item in $list
do
echo $item
ufw allow out to $item
ufw allow in from $item
done
# Enable the firewall
ufw enable
openvpn --config /home/doctor/VPN/UK/openvpn.ovpn --script-security 2 --up /home/doctor/VPN/alwayson-service/up.sh --down /home/doctor/VPN/alwayson-service/down.sh --up-restart
有人能给我一些关于如何在启动时运行它的建议吗?
答案1
您需要启用该服务才能使其在启动时运行。请运行:
sudo systemctl enable alwayson.service
然后它应该在重启后自动工作。