#!/bin/bash

# Install-PPTP © Copyright 2012, Ward Mundy & Associates LLC. All Rights Reserved
#
#                    Install-PPTP 1.0 is licensed under the GPL2 license
#
#  For a copy of license, visit http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
#
#   For additional information, contact us: http://pbxinaflash.com/about/comment.php

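clear
# Compatibility gate: the presence of /usr/bin/gvoice is the only signal this
# script uses to decide that it is running on a PBX in a Flash 2 system.
if [ -e "/usr/bin/gvoice" ]; then
 echo "Install-PPTP (c) Copyright 2012, Ward Mundy & Associates, LLC"
 echo "The Install-PPTP installer is for PBX in a Flash 2 systems ONLY!"
 echo "install-pptp is free software provided AS IS subject to GPL2 license."
 echo "NEVER RUN THIS INSTALLER ON THE SAME SYSTEM MORE THAN ONCE!"
else
 echo "WARNING: The install-pptp installer only works with PBX in a Flash 2." >&2
 echo "You appear to be running an incompatible version. DO NOT PROCEED." >&2
 # Exit non-zero so a wrapper or calling script can tell that the installer
 # refused to run (a bare "exit" would report the status of the last echo).
 exit 1
fi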

# Print the no-warranty notice in one call, then wait for the operator to
# acknowledge it. Each argument is emitted as its own line.
printf '%s\n' \
 " " \
 "BY USING THE INSTALL-PPTP SCRIPT, YOU AGREE TO ASSUME ALL RISKS." \
 "NO WARRANTY, EXPRESS OR IMPLIED, OF ANY KIND IS PROVIDED INCLUDING" \
 "ANY IMPLIED WARRANTIES OF FITNESS FOR USE OR MERCHANTABILITY. SOFTWARE" \
 "IS DISTRIBUTED AS IS. YOU ALONE MUST DECIDE ITS SUITABILITY FOR USE." \
 " "

# Whatever is typed here is discarded; only the Enter keypress matters.
read -p "To proceed at your own risk, press Enter. Otherwise, Ctrl-C to abort."

clear


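# Run from a known directory rather than wherever the script was started,
# and stop if that directory cannot be entered.
cd /root || { echo "ERROR: cannot change to /root. Exiting..." >&2; exit 1; }

echo "Before we begin, here's what we show"
echo "for your PUBLIC and PRIVATE IP addresses:"

# The public-address lookup runs over plain HTTP, so the reply is
# unauthenticated. Take line 2 of the response as before, strip whitespace
# (including any carriage return), and keep the value only if it is a bare
# dotted quad; anything else is discarded before it is displayed or compared.
ipv4_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
externip=$(curl -s -S --user-agent "Mozilla/4.0" http://myip.pbxinaflash.com \
 | awk 'NR==2' | tr -d '[:space:]')
if ! [[ "$externip" =~ $ipv4_re ]]; then
 echo "WARNING: could not obtain a valid PUBLIC IP address. The PUBLIC/PRIVATE" >&2
 echo "comparison that follows cannot be relied upon; verify it by hand." >&2
 externip=""
fi

echo "PUBLIC:  $externip"

# Second line of the ifconfig output: the text between the first ":" and the
# following space.
# NOTE(review): this assumes the older net-tools "inet addr:a.b.c.d" layout and
# that the first interface listed is the LAN interface — confirm on the target.
internip=$(ifconfig | grep -m 2 ^ | cut -f 2 -d ":" | cut -f 1 -d " " | tail -1)

echo "PRIVATE: $internip"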

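# Refuse to install on a machine whose own address is the public one, then
# collect the PPTP server address, the client address range, and the VPN
# username and password. These values are later appended to root-owned
# configuration files, so each entry gets a basic format check as it is read.
#
# pppd gives whitespace, quotes, backslash and '#' special meaning when it
# parses chap-secrets, so none of them may appear in the username or password.
chap_unsafe='[[:space:]"'\''\\#]'

if [ "$externip" == "$internip" ]; then
 echo "Your PUBLIC and PRIVATE addresses match."
 echo "This installer is only suitable  for use"
 echo "behind a hardware-based firewall where your"
 echo "PUBLIC and PRIVATE addresses do NOT match."
 exit 1
else
 echo "Good news. Your network setup is suitable"
 echo "for use with this PPTP installation software."
 echo " "
 echo "First, pause here for a moment and configure"
 echo "your hardware-based firewall. You need to map"
 echo "TCP port 1723 to your server's LAN IP: $internip"
 echo "Complete tutorial here: http://nerdvittles.com/?p=817"
 read -r -p "Once you've done that, press Enter. Or, press Ctrl-C to abort."
 echo " "
 echo "Second, we need a dedicated PRIVATE IP address"
 echo "for the PPTP server on your ${internip%.*}.0 network."
 echo "The correct format should look like: ${internip%.*}.40"
 echo "Please enter the PRIVATE IP address you wish to use:"
 read -r serverip
 # Only digits, dots, commas and hyphens can form an address, range or list.
 case "$serverip" in
  ''|*[!0-9.,-]*)
   echo "ERROR: '$serverip' is not a usable IP address entry. Exiting..." >&2
   exit 1
   ;;
 esac
 echo " "
 echo "You entered the following SERVER IP: $serverip"
 echo "ONLY BASIC FORMAT CHECKING OF YOUR ENTRY TAKES PLACE!"
 echo "So check your entry above carefully to avoid a mess."
 read -r -p "If this is correct, press Enter. Otherwise, Ctrl-C to abort."
 echo " "
 echo "Third, we need 2 or more dedicated PRIVATE IP addresses for"
 echo "PPTP clients to use to access your ${internip%.*}.0 network."
 echo "The correct syntax should look like: ${internip%.*}.41-49"
 echo "Enter the PRIVATE address range to use on your ${internip%.*}.0 network:"
 read -r clientip
 case "$clientip" in
  ''|*[!0-9.,-]*)
   echo "ERROR: '$clientip' is not a usable IP address range. Exiting..." >&2
   exit 1
   ;;
 esac
 echo " "
 echo "You entered the following CLIENT IP address range: $clientip"
 echo "ONLY BASIC FORMAT CHECKING OF YOUR ADDRESS RANGE TAKES PLACE!"
 echo "So check your entry VERY carefully to avoid a mess."
 read -r -p "If the address range is O.K., press Enter OR Ctrl-C to abort."
 echo " "
 echo "Fourth, we need an obscure username to be used to log into PPTP VPN."
 echo "You'll only have to enter this once on each client so make it ObScure."
 echo "Here are some examples: rOBodad66, mAchoMAn143, DisCoBaLL9822."
 echo "What username would you like to use?"
 read -r username
 # A client name of "*" acts as a wildcard in chap-secrets — presumably it
 # would let any username authenticate with this password; verify against
 # the installed ppp version.
 if [[ -z "$username" || "$username" == "*" || "$username" =~ $chap_unsafe ]]; then
  echo "ERROR: the username must not be empty, *, or contain spaces, quotes, backslashes or #. Exiting..." >&2
  exit 1
 fi
 echo " "
 echo "You have chosen to use the following username: $username"
 echo " "
 echo "Finally, we need a VERY SECURE password to use with this username."
 echo "Here are some examples: 78Fy346Q, 993DcHH4, Li88GGhr."
 echo "We strongly recommend using 8 or more alphanumeric characters!"
 echo "If this code is broken, the hacker gains access to your entire LAN!"
 echo "What user password would you like to use:"
 # The password is typed in the clear on purpose: the script displays it
 # again for confirmation. Run the installer where the screen is not observed.
 # NOTE(review): as pptpd is commonly configured, PPTP authenticates with
 # MS-CHAPv2, which is widely regarded as weak; this password is the only
 # barrier in front of the LAN, so a modern VPN is preferable where possible.
 read -r userpass
 if [[ -z "$userpass" || "$userpass" =~ $chap_unsafe ]]; then
  echo "ERROR: the password must not be empty or contain spaces, quotes, backslashes or #. Exiting..." >&2
  exit 1
 fi
 # pppd reads a secret that begins with "@" as the name of a file holding
 # the secret — TODO confirm for the installed ppp version.
 if [[ "$userpass" == "@"* ]]; then
  echo "ERROR: the password must not begin with @. Exiting..." >&2
  exit 1
 fi
 if [ "${#userpass}" -lt 8 ]; then
  echo "WARNING: that password is shorter than the 8 characters recommended above." >&2
 fi
 echo " "
fi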
 # Recap every collected value (the password included, so it can be checked
 # for typos) and give the operator a last chance to abort with Ctrl-C.
 printf '%s\n' \
  "OK. We are ready to begin. Here is where I think we are." \
  "1 - You mapped TCP 1723 on your firewall to $internip." \
  "2 - You assigned $serverip as the dedicated PPTP server IP." \
  "3 - You assigned $clientip as the client IP address range." \
  "4 - You assigned $username as username for access to your server." \
  "5 - You assigned $userpass as password for access to your server." \
  "Make sure that none of the IP addresses in #2 and #3 will EVER" \
  "be used by any other device on your ${internip%.*}.0 network!" \
  "Make certain your SERVER IP is NOT in the CLIENT IP address range!"
 read -p "If everything above is correct, press Enter. Or Ctrl-C to abort."
 printf '%s\n' \
  " " \
  "PPTP installation is beginning..."
 
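# Install ppp unless the package is already present. rpm's exit status is
# used instead of matching its "not installed" text, which can vary with the
# locale, and a failed yum run stops the installer instead of being ignored.
if rpm -q ppp >/dev/null 2>&1
then
 echo "PPP already installed."
else
 echo "Installing PPP..."
 if ! yum -y install ppp
 then
  echo "PPP failed to install. Exiting..." >&2
  exit 1
 fi
fi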

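echo "Installing appropriate PPTP daemon..."
# Choose the package from the machine architecture. "uname -m" is used rather
# than grepping "uname -a", whose output also contains the hostname.
if [ "$(uname -m)" = "x86_64" ]
then
 echo "This is 64-bit CentOS system."
 pptpd_rpm="pptpd-1.3.4-2.el6.x86_64.rpm"
else
 echo "This is 32-bit CentOS system."
 pptpd_rpm="pptpd-1.3.4-2.el6.i686.rpm"
fi

# Download into a private temporary directory and install that exact file.
# A "pptpd*" glob in the working directory would also pick up any other file
# that happens to match, such as the leftovers of an earlier download.
pptpd_dir=$(mktemp -d) || { echo "ERROR: could not create a temporary directory. Exiting..." >&2; exit 1; }

if ! wget -O "$pptpd_dir/$pptpd_rpm" "http://incrediblepbx.com/$pptpd_rpm"
then
 echo "ERROR: download of $pptpd_rpm failed. Exiting..." >&2
 rm -rf -- "${pptpd_dir:?}"
 exit 1
fi

# The package arrives over plain HTTP and is installed as root, so its
# integrity matters. No trusted digest ships with this script; the operator
# can supply one in the optional PPTPD_RPM_SHA256 environment variable, in
# which case a mismatch aborts the installation.
pptpd_sum=$(sha256sum "$pptpd_dir/$pptpd_rpm" | cut -d " " -f 1)
echo "SHA-256 of downloaded $pptpd_rpm: $pptpd_sum"
if [ -n "${PPTPD_RPM_SHA256:-}" ]
then
 if [ "$pptpd_sum" != "${PPTPD_RPM_SHA256,,}" ]
 then
  echo "ERROR: $pptpd_rpm does not match PPTPD_RPM_SHA256. Exiting..." >&2
  rm -rf -- "${pptpd_dir:?}"
  exit 1
 fi
 echo "Checksum of $pptpd_rpm verified."
else
 echo "WARNING: PPTPD_RPM_SHA256 is not set. $pptpd_rpm was fetched over plain" >&2
 echo "HTTP and its integrity has NOT been verified." >&2
fi

# A failed install is not fatal here; the package query that follows reports it.
rpm -Uvh "$pptpd_dir/$pptpd_rpm"
rm -rf -- "${pptpd_dir:?}"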

# Confirm the daemon package is present before any configuration is written:
# rpm reports a missing package with the words "not installed".
if rpm -q pptpd | grep "not installed" >/dev/null
then
 echo "PPTP daemon failed to install. Exiting..."
 exit 1
else
 echo "pptpd successfully installed."
fi

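# Write the collected settings into the pptpd/ppp configuration and enable
# IPv4 forwarding.

# Stop rather than write half-empty configuration lines.
: "${serverip:?SERVER IP is empty}"
: "${clientip:?CLIENT IP range is empty}"
: "${username:?username is empty}"
: "${userpass:?password is empty}"

# Append line $1 to file $2 only when that exact line is not already there,
# so a repeated run does not stack duplicate entries.
append_once() {
 grep -qxF -- "$1" "$2" 2>/dev/null || printf '%s\n' "$1" >> "$2"
}

append_once "localip $serverip" /etc/pptpd.conf
append_once "remoteip $clientip" /etc/pptpd.conf

append_once "ms-dns 8.8.8.8" /etc/ppp/options.pptpd

# chap-secrets holds the VPN password in clear text: create it (if missing)
# under a restrictive umask and make sure only root can read it afterwards.
(
 umask 077
 append_once "$username pptpd $userpass *" /etc/ppp/chap-secrets
)
chmod 600 /etc/ppp/chap-secrets

# Accept any spacing around "=" so a differently formatted entry is still
# switched on, then verify the running value instead of assuming success.
sed -i 's|^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*0[[:space:]]*$|net.ipv4.ip_forward = 1|' /etc/sysctl.conf
sysctl -p
if [ "$(sysctl -n net.ipv4.ip_forward 2>/dev/null)" != "1" ]
then
 echo "WARNING: net.ipv4.ip_forward is not 1; check /etc/sysctl.conf by hand." >&2
fi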

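# Open TCP 1723 in the live iptables rule file and in the two saved copies,
# then start pptpd and enable it at boot.
#
# The rule is inserted directly after the existing NTP (udp/123) ACCEPT rule.
# Each file is skipped when it does not exist, when it already contains the
# PPTP rule (so a repeated run does not duplicate it), or when the NTP anchor
# rule is missing (in which case sed would silently change nothing).
# NOTE(review): PPTP carries its data over GRE (IP protocol 47); confirm that
# the existing rule set admits it, since only the TCP control port is opened.
pptp_rule='-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT'
ntp_rule='-A INPUT -p udp -m udp --dport 123 -j ACCEPT'
pptp_sed='
/\-A INPUT \-p udp \-m udp \-\-dport 123 \-j ACCEPT/ {
a\
# PPTP requires TCP 1723 port opening\
-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
}'

for rules_file in /etc/sysconfig/iptables /etc/sysconfig/iptables.orig /root/iptables.orig
do
 if [ ! -f "$rules_file" ]
 then
  echo "Skipping $rules_file (not found)."
  continue
 fi
 if grep -qF -- "$pptp_rule" "$rules_file"
 then
  echo "TCP 1723 rule already present in $rules_file."
  continue
 fi
 if ! grep -qF -- "$ntp_rule" "$rules_file"
 then
  echo "WARNING: no udp/123 ACCEPT rule in $rules_file; TCP 1723 was NOT opened there." >&2
  continue
 fi
 sed -i "$pptp_sed" "$rules_file"
done

service iptables restart

service pptpd start || echo "WARNING: pptpd did not start cleanly; check the system log." >&2
chkconfig pptpd on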

clear
# Closing summary: connection details for the PPTP client, shown once.
# The password is printed in clear text here, so clear the screen afterwards.
printf '%s\n' \
 " " \
 "PPTP installation completed." \
 "Using a PPTP client on Windows, Mac, or Smartphone," \
 "you now can log in to your server with the following:" \
 "Server: $externip" \
 "User:   $username" \
 "Passwd: $userpass" \
 " " \
 "Once the connection is established, you will be" \
 "assigned the next available PRIVATE IP address on" \
 "your LAN in the range: $clientip" \
 " " \
 "You then can access any device on your PRIVATE LAN" \
 "using whatever is appropriate, e.g. SSH, HTTP, SIP..." \
 " "
