diff --git a/build_key-pass.sh b/build_key-pass.sh index 1a888a1..afbe8e7 100755 --- a/build_key-pass.sh +++ b/build_key-pass.sh @@ -171,6 +171,15 @@ fi [[ -n "$OPENVPN_SERVER" ]] || fatal "OpenVPN Server (parameter OPENVPN_SERVER ) not present!" [[ -n "$SERVER_PORT" ]] || fatal "Server Port (parameter SERVER_PORT ) not present!" +if [[ -z "$LZO_COMPRESSION" ]]; then + LZO_COMPRESSION=true +elif [[ "$LZO_COMPRESSION" = "yes" ]] ; then + LZO_COMPRESSION=true +else + LZO_COMPRESSION=false +fi + + EASY_RSA_DIR="${OPENVPN_BASE_DIR}/easy-rsa" OPENVPN_CCD_DIR="${OPENVPN_BASE_DIR}/ccd/server-${OPENVPN_NAME}" @@ -521,7 +530,16 @@ cat <> "$_client_conf_file" 2>> "$log_file" # Enable compression on the VPN link. # Don't enable this unless it is also # enabled in the server config file. +;comp-lzo +EOF + +if $LZO_COMPRESSION ; then + cat <> ${_server_conf_file} 2>> "$log_file" comp-lzo +EOF +fi + +cat <> ${_server_conf_file} 2>> "$log_file" # Verbosity level. # 0 -- quiet except for fatal errors. diff --git a/create_key_config.sh b/create_key_config.sh index fce9680..94e2a93 100755 --- a/create_key_config.sh +++ b/create_key_config.sh @@ -180,6 +180,13 @@ fi [[ "${SERVER_CIPHER,,}" = "none" ]] && SERVER_CIPHER="" +if [[ -z "$LZO_COMPRESSION" ]]; then + LZO_COMPRESSION=true +elif $LZO_COMPRESSION ; then + LZO_COMPRESSION=true +else + LZO_COMPRESSION=false +fi EASY_RSA_DIR="${OPENVPN_BASE_DIR}/easy-rsa" @@ -505,7 +512,16 @@ cat <> "$_client_conf_file" 2>> "$log_file" # Enable compression on the VPN link. # Don't enable this unless it is also # enabled in the server config file. +;comp-lzo +EOF + +if $LZO_COMPRESSION ; then + cat <> ${_server_conf_file} 2>> "$log_file" comp-lzo +EOF +fi + +cat <> ${_server_conf_file} 2>> "$log_file" # Verbosity level. # 0 -- quiet except for fatal errors. diff --git a/install_openvpn.sh b/install_openvpn.sh index e188b05..6ec3fa7 100755 --- a/install_openvpn.sh +++ b/install_openvpn.sh @@ -477,23 +477,6 @@ echo -e "\033[32m--\033[m" echo "Parameters for Server Configurations" echo -e "\033[32m--\033[m" -echo "" -echo "Set OpenVPN Network used for the connection." -echo "" -OPENVPN_NETWORK="" -echononl "OpenVPN Network: " -read OPENVPN_NETWORK -while [ "X$OPENVPN_NETWORK" = "X" ] ; do - echo -e "\n\t\033[33m\033[1mSetting 'OpenVPN Server' is required!\033[m\n" - echononl "OpenVPN Network: " - read OPENVPN_NETWORK -done -OPENVPN_SERVER_IP="${OPENVPN_NETWORK%.*}.1" - -echo "" -echo -e "\033[32m--\033[m" -echo "" - echo "" echo "Set server-side 'cryptographic cipher'." echo "" @@ -518,6 +501,36 @@ if [[ "$(trim ${SERVER_CIPHER,,})" = none ]]; then SERVER_CIPHER="" fi +echo "" +echo "" +echo "Enable LZO compression" +echo "" +echononl "Enable LZO compression (yes/no) [no]: " +read OK +echo "" +if [[ "$(trim ${OK,,})" = "yes" ]] ; then + LZO_COMPRESSION=true +else + LZO_COMPRESSION=false +fi + +echo "" +echo "Set OpenVPN Network used for the connection." +echo "" +OPENVPN_NETWORK="" +echononl "OpenVPN Network: " +read OPENVPN_NETWORK +while [ "X$OPENVPN_NETWORK" = "X" ] ; do + echo -e "\n\t\033[33m\033[1mSetting 'OpenVPN Server' is required!\033[m\n" + echononl "OpenVPN Network: " + read OPENVPN_NETWORK +done +OPENVPN_SERVER_IP="${OPENVPN_NETWORK%.*}.1" + +echo "" +echo -e "\033[32m--\033[m" +echo "" + echo "" echo -e "\033[32m--\033[m" echo "" @@ -701,6 +714,7 @@ if [[ -n "$SERVER_CIPHER" ]] ; then else echo -e "\tServer cipher setting...............: \033[33mNone\033[m" fi +echo -e "\tLZO compression.....................: $LZO_COMPRESSION" echo "" if [[ ${#REMOTE_NETWORK_ARR[@]} -gt 0 ]]; then echo -e "\tRemote networks to push to cliente..: ${REMOTE_NETWORK_ARR[@]}" @@ -822,9 +836,19 @@ cat << EOF >> $_openvpn_name_conf_file 2> $log_file # - Parameters for Server Configurations # --- -OPENVPN_NETWORK="$OPENVPN_NETWORK" +EOF +if $LZO_COMPRESSION ; then + cat << EOF >> $_openvpn_name_conf_file 2> $log_file +LZO_COMPRESSION="yes" EOF +else + cat << EOF >> $_openvpn_name_conf_file 2> $log_file +LZO_COMPRESSION="no" + +EOF +fi + if [[ -n "$SERVER_CIPHER" ]] ; then cat << EOF >> $_openvpn_name_conf_file 2> $log_file SERVER_CIPHER="$SERVER_CIPHER" @@ -837,6 +861,11 @@ SERVER_CIPHER="none" EOF fi +cat << EOF >> $_openvpn_name_conf_file 2> $log_file +OPENVPN_NETWORK="$OPENVPN_NETWORK" + +EOF + if [[ ${#REMOTE_NETWORK_ARR[@]} -gt 0 ]] ; then cat << EOF >> $_openvpn_name_conf_file 2> $log_file REMOTE_NETWORKS="${REMOTE_NETWORK_ARR[@]}" @@ -1752,7 +1781,16 @@ cat <> ${_server_conf_file} 2>> "$log_file" # Enable compression on the VPN link. # If you enable it here, you must also # enable it in the client config file. +;comp-lzo +EOF + +if $LZO_COMPRESSION ; then + cat <> ${_server_conf_file} 2>> "$log_file" comp-lzo +EOF +fi + +cat <> ${_server_conf_file} 2>> "$log_file" # The maximum number of concurrently connected # clients we want to allow.