Compile and install ocserv on Debian 10
preparation
apt-get install libgnutls28-dev libwrap0-dev \
libpam0g-dev liblz4-dev libseccomp-dev \
libreadline-dev libnl-route-3-dev \
libkrb5-dev build-essential pkg-config \
gnutls-bin libev-dev libev-dev ocserv \
protobuf-compiler libprotobuf-dev -y
download ocserv stable version
wget ftp://ftp.infradead.org/pub/ocserv/ocserv-0.12.6.tar.xz
tar xvf ocserv-0.12.6.tar.xz
./configure
make && make install
ln -sf /usr/local/sbin/ocserv /usr/sbin/ocserv
revise ocserv.conf
-
默认配置位置在
/etc/ocserv/ocserv.conf
-
新增用户、配置SSL证书
turn on ip_forward
下面端口号443为配置文件中的服务端口
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -j MASQUERADE
iptables -A INPUT -p tcp -m state --state NEW --dport 443 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW --dport 443 -j ACCEPT
manual start parameter
ocserv -f -d 4
use systemd to start
systemctl start ocserv
Back to Table of Contents
Disclaimer
- License under
CC BY-NC 4.0
- Copyright issue feedback
me#imzye.com
, replace # with @ - Not all the commands and scripts are tested in production environment, use at your own risk
- No personal information is collected.
Feedback