**Sitemap - [[http://n6xre.duckdns.org:8080/dokuwiki/doku.php?id=start&do=index|8080]] - [[http://n6xre.duckdns.org:73/dokuwiki/doku.php?id=start&do=index|73]]** \\ ----

Sitemap

\\ [[books#pdf_documents|PDF Documents and Plugin]] \\ [[wiki:main_page#embed_videos_playlists_instructions|Embed videos & playlists Instructions]]\\ [[Raspberry Pi]] - [[ZFS]] - [[cw#echolink|CW]] - [[raspberry_pi#manet|Manet]] \\ [[Programming And Computing]] \\ Tweet to @glassparrot \\

My Twitter

Google Search \\ **[[firewalls#quick_and_dirty_vpn_server_with_pptpd|VPN]] - [[firewalls#squid_proxy_documentation|SQUID]] - [[firewalls#tor_on_raspbian|Tor]] - [[firewalls#i2p_on_raspbian|I2P]]** \\ **[[http://192.168.11.115:8080|qBittorrent-nox]] - 115** \\ ===== - Webmin Documentation ===== **[[firewalls#top|Top]]** \\ https://doxfer.webmin.com/Webmin/Main_Page \\ \\ ===== - Firewalls ===== **[[firewalls#top|Top]]** \\ https://wiki.debian.org/Firewalls \\ Firewalls-Debian_Wiki.pdf \\ {{obj:noreference 800,800 > http://n6xre.duckdns.org:8080/dokuwiki/pdf/Firewalls-Debian_Wiki.pdf}} \\ ===== - How to use Raspberry Pi as a wireless router with firewall? ===== **[[firewalls#top|Top]]** \\ [[https://www.amazon.com/gp/product/B07TKFFCF1/|Vilros - Raspberry Pi 4 Basic Kit [2GB]]] - Amazon Price:$69.99 \\ **VPN - SQUID - Tor - I2P - ZFS** \\ See [[asterisk#nerdvittles|Desktop Dream Machine: It’s Incredible PBX for VirtualBox]] \\ https://learn.adafruit.com/setting-up-a-raspberry-pi-as-a-wifi-access-point/overview \\ https://raspberrytips.com/raspberry-pi-firewall/ \\ \\ **[[firewalls#top|Top]]** \\ Raspbian for PC \\ https://www.osboxes.org/raspbian/ \\ \\ ===== - USB 3.0 Hub Ethernet with USB C Adapter, 3 Port USB 3.0 ===== **Splitter Gigabit Ethernet Hub + USB C HUB Network RJ45 1000Mbps USB Extender - Price:$16.99** \\ **[[firewalls#top|Top]]** \\ https://www.amazon.com/gp/product/B07G8VZ51Z/ \\ USB 3.0_Hub_Ethernet_with_USB-Amazon.pdf \\ {{obj:noreference 800,800 > http://n6xre.duckdns.org:8080/dokuwiki/pdf/USB 3.0_Hub_Ethernet_with_USB-Amazon.pdf}} \\ [[https://www.amazon.com/gp/product/B00KFD0SYK/|NETGEAR 8-Port Gigabit Ethernet Unmanaged Switch, Desktop, Internet Splitter, Fanless, Plug-and-Play (GS208)]] - Amazon Price:$16.99 \\ ===== - Linux Advanced Routing & Traffic Control HOWTO ===== **[[firewalls#top|Top]]** \\ http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.cookbook.ultimate-tc.html \\ \\ ===== - Iptables-tutorial ===== **[[firewalls#top|Top]]** \\ https://www.frozentux.net/documents/iptables-tutorial/ \\ \\ ===== - Firewalls with iptables and ipchains-tutorial ===== **[[firewalls#top|Top]]** \\ http://etutorials.org/Linux+systems/linux+security/Chapter+2.+Firewalls+with+iptables+and+ipchains/ \\ \\ ===== - How To Set Up a Firewall with GUFW on Linux ===== **[[firewalls#top|Top]]** \\ https://www.linuxadminqa.com/how-to-set-up-a-firewall-with-gufw-on-linux/ \\ \\ ===== - Fast and Easy Free VPN from Google - The Open Source OUTLINE - Hak5 2403 ===== **[[firewalls#top|Top]]** \\ **Also see other Youtubes HERE - [[linux#fast_free_and_easy_vpn_build_in_minutes_-_hak5_2022|Fast, Free, and Easy VPN Build in Minutes - Hak5 2022]]** \\ [[https://github.com/Nyr/openvpn-install|Setting up an OpenVPN Server on Debian, Ubuntu and CentOS]] \\ [[https://github.com/StarshipEngineer/OpenVPN-Setup|Setting up an OpenVPN Server on Raspberry P]] \\ https://youtu.be/04EmeXSZo_0 \\ \\


Install and setup OpenVPN

apt-get update; apt-get install openvpn easy-rsa

gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz  /etc/openvpn/server.conf

nano /etc/openvpn/server.conf 

replace dh1024.pem with dh2048.pem
#uncomment push "redirect-gateway def1 bypass-dhcp"
#uncomment push "dhcp-option DNS" and replace IP addresses with your fav DNS
#uncomment user nobody
#uncomment group nogroup
#save and exit

Setup Firewall

#Enable IP forwarding
echo 1  /proc/sys/net/ipv4/ip_forward

nano /etc/sysctl.conf
#uncomment net.ipv4.ip_forward=1
#save and exit

#Configure firewall.

ufw status
ufw allow ssh
ufw allow 1194/udp

#Let packets forward through the VPS by changing for forward policy to accept

nano /etc/default/ufw
#replace DROP with ACCEPT in DEFAULT_FORWARD_POLICY="DROP"
#save and exit

#Enable NAT and IP masquerading for clients
nano /etc/ufw/before.rules
#Add the following near the top
*nat
:POSTROUTING ACCEPT [0:0] 
-A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE
COMMIT

ufw status

Setup Keys and Start the Server

cp -r /usr/share/easy-rsa/ /etc/openvpn
mkdir /etc/openvpn/easy-rsa/keys

nano /etc/openvpn/easy-rsa/vars
#change export KEY_* values
#set KEY_NAME to "server"
#save and exit

#Generate the 2048 bit Diffie-Hellman pem file we pointed to in the openvpn config
openssl dhparam -out /etc/openvpn/dh2048.pem 2048

#move to the easy-rsa directory

cd /etc/openvpn/easy-rsa

#Set the variables we configured
. ./vars
./clean-all
./build-ca #Accept all defaults 
./build-key-server server #Accept all defaults 

#Move the newly generated certificates to /etc/openvpn
cp /etc/openvpn/easy-rsa/keys/server.crt,server.key,ca.crt /etc/openvpn

#In /etc/openvpn we should have a server.conf, server.crt, server.key, ca.crt and dh2048.pem

#start the OpenVPN service
service openvpn start
service openvpn status

Setup keys for the first client

./build-key client
ls keys

#Make a new directory to merge the client configuration and keys
mkdir ~/client

#Copy the example client configuration renaming the file extension from conf to ovpn
cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf ~/client/pineapple.ovpn

cd /etc/openvpn/easy-rsa/keys
cp client.crt client.key client.ovpn ~/client
cp /etc/openvpn/ca.crt ~/client

Securely copy client.crt, client.key, ca.crt and client.ovpn to your client device

cd ~/client

#determine public IP address
ifconfig

nano pineapple.ovpn
# find remote and replace my-server-1 with IP address of VPN server
# uncomment group nogroup
# uncomment user nobody
# comment out the ca, cert and key directives
# save and exit

echo "ca" to pineapple.ovpn
cat ca.crt to pineapple.ovpn
echo "/ca" to pineapple.ovpn

echo "cert" to pineapple.ovpn
cat client.crt to pineapple.ovpn
echo "/cert" to pineapple.ovpn

echo "key" to pineapple.ovpn
cat client.key to pineapple.ovpn
echo "/key" to pineapple.ovpn

**[[firewalls#top|Top]]** \\ http://n6xre.duckdns.org:8000/wikipedia_en_all_novid_2017-08/A/OpenVPN.html \\ \\ **[[firewalls#top|Top]]** \\ http://www.pivpn.io/ \\ \\ **[[firewalls#top|Top]]** \\ https://www.bing.com/search?q=OpenVPN+Documentation \\ \\ ===== - Quick and Dirty VPN Server with pptpd ===== **[[firewalls#top|Top]]** \\ **Also see Youtubes - [[firewalls#fast_and_easy_free_vpn_from_google_-_the_open_source_outline_-_hak5_2403|Fast, Free, and Easy VPN Build in Minutes - Hak5 2022]]** \\ https://redfern.me/quick-and-dirty-vpn-server-with-pptpd/ \\ Quick_and_Dirty_VPN_Server_with_pptpd.pdf \\ {{obj:noreference 800,800 > http://n6xre.duckdns.org:8080/dokuwiki/pdf/Quick_and_Dirty_VPN_Server_with_pptpd.pdf}} \\ **[[firewalls#top|Top]]** \\ http://n6xre.duckdns.org:8000/wikipedia_en_all_novid_2017-08/A/Point-to-Point_Tunneling_Protocol.html \\ \\ **[[firewalls#top|Top]]** \\ https://www.bing.com/search?q=Point-to-Point_Tunneling_Protocol+Documentation \\ \\ ===== - Squid Proxy Documentation ===== **[[firewalls#top|Top]]** \\ https://doxfer.webmin.com/Webmin/Squid_Proxy_Server \\ \\ **[[firewalls#top|Top]]** \\ https://www.bing.com/search?q=Squid+Proxy+Documentation \\ \\ **[[firewalls#top|Top]]** \\ http://n6xre.duckdns.org:8000/wikipedia_en_all_novid_2017-08/A/Squid_(software).html \\ \\ ===== - Privoxy Documentation ===== **[[firewalls#top|Top]]** \\ https://www.bing.com/search?q=Privoxy+Documentation \\ \\ **[[firewalls#top|Top]]** \\ http://n6xre.duckdns.org:8000/wikipedia_en_all_novid_2017-08/A/Privoxy.html \\ \\ **[[firewalls#top|Top]]** \\ http://www.privoxy.org/ \\ \\ ===== - Tor on Raspbian ===== **[[firewalls#top|Top]]** \\ **[[http://192.168.11.115:8080|qBittorrent-nox]] - 115** \\ https://www.bing.com/search?q=Tor+on+Raspbian \\ \\ **[[firewalls#top|Top]]** \\ http://n6xre.duckdns.org:8000/wikipedia_en_all_novid_2017-08/A/Tor_(anonymity_network).html \\ \\ **[[firewalls#top|Top]]** \\ https://tektab.com/2015/11/19/setting-up-tor-socks-proxy-on-raspberry-pi/ \\ \\ ===== - I2P on Raspbian ===== **[[firewalls#top|Top]]** \\ https://www.bing.com/search?q=I2P+on+Raspbian \\ \\ **[[firewalls#top|Top]]** \\ http://n6xre.duckdns.org:8000/wikipedia_en_all_novid_2017-08/A/I2P.html \\ \\ **[[firewalls#top|Top]]** \\ https://linuxconfig.org/i2p-anonymity-for-the-masses?amp;catid=83&jsn_setmobile=yes \\ \\ ===== - Proxy Checker Genius ===== **[[firewalls#top|Top]]** \\ https://www.ipchicken.com/ \\ http://www.proxychecker.ge/ \\ \\