用pkitool实际上比build要省事~~ ,没那么多交互。只是现在一搜索满屏幕都是build方式安装。。
 
wget http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm               
rpm -ivh rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
yum -y install open***-2.2.0 lzo-2.04 bridge-utils
 
cat > /etc/sysconfig/network-scripts/ifcfg-eth1 < DEVICE=eth1
ONBOOT=yes
BRIDGE=br0
SKS

cat > /etc/sysconfig/network-scripts/ifcfg-br0 < DEVICE=br0
TYPE=Bridge
IPADDR=192.168.9.99
NETMASK=255.255.255.0
ONBOOT=yes
SKS

/etc/init.d/network restart
open*** --mktun --dev tap0
ifconfig tap0 up
brctl addif br0 tap0
brctl show
 
 
cp -r /usr/share/doc/open***-2.2.0/easy-rsa/ /etc/open***/
cp /usr/share/doc/open***-2.2.0/sample-config-files/server.conf /etc/open***/
cd /etc/open***/easy-rsa/2.0/
chmod a+x ./*
 
 
source vars
./clean-all
./build-dh 
./pkitool --initca
./pkitool --server gamewaveBJ
./pkitool client1
 
cat > /etc/open***/server.conf << SKS
port 1194
proto tcp
dev tap0
ca   ./easy-rsa/2.0/keys/ca.crt
cert ./easy-rsa/2.0/keys/gamewaveBJ.crt
key  ./easy-rsa/2.0/keys/gamewaveBJ.key
dh   ./easy-rsa/2.0/keys/dh1024.pem
server-bridge 192.168.9.0 255.255.255.0 192.168.9.200 192.168.9.250
push "route 192.168.9.0 255.255.255.0"
client-to-client
duplicate-cn
keepalive 10 120
#tls-auth ta.key 0
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status open***-status.log
log /var/log/open***.log
verb 3
SKS
 
/etc/init.d/open*** start
 
cd  keys
sz ca.crt client1.crt client1.key