Is it possible to use a VPN in a script?
-
Good evening. Is there a way to build VPN usage into a script (to change the IP after each cycle)? Say, if it is a browser extension or a standalone application?
-
@Encoder95 use openvpn and your VPN service's configs (you need to check with the service whether they have configs for openvpn).
Then, simply via "start a process", you can reconnect to a new VPN.
-
@DrPrime could you go into more detail?
-
I have the same problem. I asked the VPN's tech support, and they answered that everything is possible: like, work with the application from the command line and that's it)) with no details. Please tell me how to switch the IP!!
-
I launched the VPN application in cmd and got this listing... could you advise what to do to change the IP??
has been verified.
--management-client-pf : management interface clients must specify a packet
filter file for each connecting client.
--plugin m [str]: Load plug-in module m passing str as an argument
to its initialization function.

Multi-Client Server options (when --mode server is used):
--server network netmask : Helper option to easily configure server mode.
--server-ipv6 network/bits : Configure IPv6 server mode.
--server-bridge [IP netmask pool-start-IP pool-end-IP] : Helper option to
easily configure ethernet bridging server mode.
--push "option" : Push a config file option back to the peer for remote
execution. Peer must specify --pull in its config file.
--push-reset : Don't inherit global push list for specific
client instance.
--ifconfig-pool start-IP end-IP [netmask] : Set aside a pool of subnets
to be dynamically allocated to connecting clients.
--ifconfig-pool-linear : Use individual addresses rather than /30 subnets
in tun mode. Not compatible with Windows clients.
--ifconfig-pool-persist file [seconds] : Persist/unpersist ifconfig-pool
data to file, at seconds intervals (default=600).
If seconds=0, file will be treated as read-only.
--ifconfig-ipv6-pool base-IP/bits : set aside an IPv6 network block
to be dynamically allocated to connecting clients.
--ifconfig-push local remote-netmask : Push an ifconfig option to remote,
overrides --ifconfig-pool dynamic allocation.
Only valid in a client-specific config file.
--ifconfig-ipv6-push local/bits remote : Push an ifconfig-ipv6 option to
remote, overrides --ifconfig-ipv6-pool allocation.
Only valid in a client-specific config file.
--iroute network [netmask] : Route subnet to client.
--iroute-ipv6 network/bits : Route IPv6 subnet to client.
Sets up internal routes only.
Only valid in a client-specific config file.
--disable : Client is disabled.
Only valid in a client-specific config file.
--client-cert-not-required : Don't require client certificate, client
will authenticate using username/password.
--username-as-common-name : For auth-user-pass authentication, use
the authenticated username as the common name,
rather than the common name from the client cert.
--auth-user-pass-verify cmd method: Query client for username/password and
run command cmd to verify. If method='via-env', pass
user/pass via environment, if method='via-file', pass
user/pass via temporary file.
--opt-verify : Clients that connect with options that are incompatible
with those of the server will be disconnected.
--auth-user-pass-optional : Allow connections by clients that don't
specify a username/password.
--no-name-remapping : Allow Common Name and X509 Subject to include
any printable character.
--client-to-client : Internally route client-to-client traffic.
--duplicate-cn : Allow multiple clients with the same common name to
concurrently connect.
--client-connect cmd : Run command cmd on client connection.
--client-disconnect cmd : Run command cmd on client disconnection.
--client-config-dir dir : Directory for custom client config files.
--ccd-exclusive : Refuse connection unless custom client config is found.
--tmp-dir dir : Temporary directory, used for --client-connect return file and
plugin communication.
--hash-size r v : Set the size of the real address hash table to r and the
virtual address table to v.
--bcast-buffers n : Allocate n broadcast buffers.
--tcp-queue-limit n : Maximum number of queued TCP output packets.
--tcp-nodelay : Macro that sets TCP_NODELAY socket flag on the server
as well as pushes it to connecting clients.
--learn-address cmd : Run command cmd to validate client virtual addresses.
--connect-freq n s : Allow a maximum of n new connections per s seconds.
--max-clients n : Allow a maximum of n simultaneously connected clients.
--max-routes-per-client n : Allow a maximum of n internal routes per client.
--stale-routes-check n [t] : Remove routes with a last activity timestamp
older than n seconds. Run this check every t
seconds (defaults to n).

Client options (when connecting to a multi-client server):
--client : Helper option to easily configure client mode.
--auth-user-pass [up] : Authenticate with server using username/password.
up is a file containing the username on the first line,
and a password on the second. If either the password or both
the username and the password are omitted OpenVPN will prompt
for them from console.
--pull : Accept certain config file options from the peer as if they
were part of the local config file. Must be specified
when connecting to a '--mode server' remote host.
--auth-retry t : How to handle auth failures. Set t to
none (default), interact, or nointeract.
--static-challenge t e : Enable static challenge/response protocol using
challenge text t, with e indicating echo flag (0|1)
--server-poll-timeout n : when polling possible remote servers to connect to
in a round-robin fashion, spend no more than n seconds
waiting for a response before trying the next server.
--explicit-exit-notify [n] : On exit/restart, send exit signal to
server/remote. n = # of retries, default=1.

Data Channel Encryption Options (must be compatible between peers):
(These options are meaningful for both Static Key & TLS-mode)
--secret f [d] : Enable Static Key encryption mode (non-TLS).
Use shared secret file f, generate with --genkey.
The optional d parameter controls key directionality.
If d is specified, use separate keys for each
direction, set d=0 on one side of the connection,
and d=1 on the other side.
--auth alg : Authenticate packets with HMAC using message
digest algorithm alg (default=SHA1).
(usually adds 16 or 20 bytes per packet)
Set alg=none to disable authentication.
--cipher alg : Encrypt packets with cipher algorithm alg
(default=BF-CBC).
Set alg=none to disable encryption.
--prng alg [nsl] : For PRNG, use digest algorithm alg, and
nonce_secret_len=nsl. Set alg=none to disable PRNG.
--keysize n : Size of cipher key in bits (optional).
If unspecified, defaults to cipher-specific default.
--engine [name] : Enable OpenSSL hardware crypto engine functionality.
--no-replay : Disable replay protection.
--mute-replay-warnings : Silence the output of replay warnings to log file.
--replay-window n [t] : Use a replay protection sliding window of size n
and a time window of t seconds.
Default n=64 t=15
--no-iv : Disable cipher IV -- only allowed with CBC mode ciphers.
--replay-persist file : Persist replay-protection state across sessions
using file.
--test-crypto : Run a self-test of crypto features enabled.
For debugging only.

TLS Key Negotiation Options:
(These options are meaningful only for TLS-mode)
--tls-server : Enable TLS and assume server role during TLS handshake.
--tls-client : Enable TLS and assume client role during TLS handshake.
--key-method m : Data channel key exchange method. m should be a method
number, such as 1 (default), 2, etc.
--ca file : Certificate authority file in .pem format containing
root certificate.
--capath dir : A directory of trusted certificates (CAs and CRLs).
--dh file : File containing Diffie Hellman parameters
in .pem format (for --tls-server only).
Use "openssl dhparam -out dh1024.pem 1024" to generate.
--cert file : Local certificate in .pem format -- must be signed
by a Certificate Authority in --ca file.
--extra-certs file : one or more PEM certs that complete the cert chain.
--key file : Local private key in .pem format.
--tls-version-min <version> ['or-highest'] : sets the minimum TLS version we
will accept from the peer. If version is unrecognized and 'or-highest'
is specified, require max TLS version supported by SSL implementation.
--tls-version-max <version> : sets the maximum TLS version we will use.
--pkcs12 file : PKCS#12 file containing local private key, local certificate
and optionally the root CA certificate.
--verify-hash : Specify SHA1 fingerprint for level-1 cert.
--cryptoapicert select-string : Load the certificate and private key from the
Windows Certificate System Store.
--tls-cipher l : A list l of allowable TLS ciphers separated by : (optional).
: Use --show-tls to see a list of supported TLS ciphers.
--tls-timeout n : Packet retransmit timeout on TLS control channel
if no ACK from remote within n seconds (default=2).
--reneg-bytes n : Renegotiate data chan. key after n bytes sent and recvd.
--reneg-pkts n : Renegotiate data chan. key after n packets sent and recvd.
--reneg-sec n : Renegotiate data chan. key after n seconds (default=3600).
--hand-window n : Data channel key exchange must finalize within n seconds
of handshake initiation by any peer (default=60).
--tran-window n : Transition window -- old key can live this many seconds
after new key renegotiation begins (default=3600).
--single-session: Allow only one session (reset state on restart).
--tls-exit : Exit on TLS negotiation failure.
--tls-auth f [d]: Add an additional layer of authentication on top of the TLS
control channel to protect against DoS attacks.
f (required) is a shared-secret passphrase file.
The optional d parameter controls key directionality,
see --secret option for more info.
--askpass [file]: Get PEM password from controlling tty before we daemonize.
--auth-nocache : Don't cache --askpass or --auth-user-pass passwords.
--crl-verify crl ['dir']: Check peer certificate against a CRL.
--tls-verify cmd: Run command cmd to verify the X509 name of a
pending TLS connection that has otherwise passed all other
tests of certification. cmd should return 0 to allow
TLS handshake to proceed, or 1 to fail. (cmd is
executed as 'cmd certificate_depth subject')
--tls-export-cert [directory] : Get peer cert in PEM format and store it
in an openvpn temporary file in [directory]. Peer cert is
stored before tls-verify script execution and deleted after.
--verify-x509-name name: Accept connections only from a host with X509 subject
DN name. The remote host must also pass all other tests
of verification.
--ns-cert-type t: Require that peer certificate was signed with an explicit
nsCertType designation t = 'client' | 'server'.
--x509-track x : Save peer X509 attribute x in environment for use by
plugins and management interface.
--remote-cert-ku v ... : Require that the peer certificate was signed with
explicit key usage, you can specify more than one value.
value should be given in hex format.
--remote-cert-eku oid : Require that the peer certificate was signed with
explicit extended key usage. Extended key usage can be encoded
as an object identifier or OpenSSL string representation.
--remote-cert-tls t: Require that peer certificate was signed with explicit
key usage and extended key usage based on RFC3280 TLS rules.
t = 'client' | 'server'.

PKCS#11 Options:
--pkcs11-providers provider ... : PKCS#11 provider to load.
--pkcs11-protected-authentication [0|1] ... : Use PKCS#11 protected authentication
path. Set for each provider.
--pkcs11-private-mode hex ... : PKCS#11 private key mode mask.
0 : Try to determind automatically (default).
1 : Use Sign.
2 : Use SignRecover.
4 : Use Decrypt.
8 : Use Unwrap.
--pkcs11-cert-private [0|1] ... : Set if login should be performed before
certificate can be accessed. Set for each provider.
--pkcs11-pin-cache seconds : Number of seconds to cache PIN. The default is -1
cache until token is removed.
--pkcs11-id-management : Acquire identity from management interface.
--pkcs11-id serialized-id 'id' : Identity to use, get using standalone --show-pkcs11-ids

SSL Library information:
--show-ciphers : Show cipher algorithms to use with --cipher option.
--show-digests : Show message digest algorithms to use with --auth option.
--show-engines : Show hardware crypto accelerator engines (if available).
--show-tls : Show all TLS ciphers (TLS used only as a control channel).

Windows Specific:
--win-sys path : Pathname of Windows system directory. Default is the pathname
from SystemRoot environment variable.
--ip-win32 method : When using --ifconfig on Windows, set TAP-Windows adapter
IP address using method = manual, netsh, ipapi,
dynamic, or adaptive (default = adaptive).
Dynamic method allows two optional parameters:
offset: DHCP server address offset (> -256 and < 256).
If 0, use network address, if >0, take nth
address forward from network address, if <0,
take nth address backward from broadcast
address.
Default is 0.
lease-time: Lease time in seconds.
Default is one year.
--route-method : Which method to use for adding routes on Windows?
adaptive (default) -- Try ipapi then fall back to exe.
ipapi -- Use IP helper API.
exe -- Call the route.exe shell command.
--dhcp-option type [parm] : Set extended TAP-Windows properties, must
be used with --ip-win32 dynamic. For options
which allow multiple addresses,
--dhcp-option must be repeated.
DOMAIN name : Set DNS suffix
DNS addr : Set domain name server address(es)
NTP : Set NTP server address(es)
NBDD : Set NBDD server address(es)
WINS addr : Set WINS server address(es)
NBT type : Set NetBIOS over TCP/IP Node type
1: B, 2: P, 4: M, 8: H
NBS id : Set NetBIOS scope ID
DISABLE-NBT : Disable Netbios-over-TCP/IP.
--dhcp-renew : Ask Windows to renew the TAP adapter lease on startup.
--dhcp-pre-release : Ask Windows to release the previous TAP adapter lease on
startup.
--dhcp-release : Ask Windows to release the TAP adapter lease on shutdown.
--register-dns : Run net stop dnscache, net start dnscache, ipconfig /flushdns
and ipconfig /registerdns on connection initiation.
--tap-sleep n : Sleep for n seconds after TAP adapter open before
attempting to set adapter properties.
--pause-exit : When run from a console window, pause before exiting.
--service ex [0|1] : For use when OpenVPN is being instantiated by a
service, and should not be used directly by end-users.
ex is the name of an event object which, when
signaled, will cause OpenVPN to exit. A second
optional parameter controls the initial state of ex.
--show-net-up : Show OpenVPN's view of routing table and net adapter list
after TAP adapter is up and routes have been added.
--block-outside-dns : Block DNS on other network adapters to prevent DNS leaks

Windows Standalone Options:
--show-adapters : Show all TAP-Windows adapters.
--show-net : Show OpenVPN's view of routing table and net adapter list.
--show-valid-subnets : Show valid subnets for --dev tun emulation.
--allow-nonadmin [TAP-adapter] : Allow OpenVPN running without admin privileges
to access TAP adapter.

Generate a random key (only for non-TLS static key encryption mode):
--genkey : Generate a random key to be used as a shared secret,
for use with the --secret option.
--secret file : Write key to file.

PKCS#11 standalone options:
--show-pkcs11-ids [provider] [cert_private] : Show PKCS#11 available ids.
--verb option can be added BEFORE
this.

General Standalone Options:
--show-gateway : Show info about default gateway.

C:\Program Files (x86)\VPN Monster\OpenVPN>pause
Press any key to continue . . .
-
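The approach suggested earlier in the thread (OpenVPN with the provider's config files, started and stopped as a process), as an added example that is not part of the original posts. It waits for the tunnel to come up before reporting success, passes credentials through an `--auth-user-pass` file with `--auth-nocache`, and sets `--block-outside-dns` from the listing above. Assumptions not shown in the thread: the `--config` option, the log markers, and all file names and function names, which are placeholders.

```python
import collections
import subprocess
import threading

READY = "Initialization Sequence Completed"            # logged once the tunnel is up
FATAL = ("AUTH_FAILED", "Exiting due to fatal error")  # logged when it will not come up

# Constructed sample log lines (not captured from a real session).
SAMPLE_OK = ["TLS: Initial packet from [AF_INET]203.0.113.10:1194",
             "Initialization Sequence Completed"]
SAMPLE_BAD = ["AUTH: Received control message: AUTH_FAILED",
              "SIGTERM[soft,auth-failure] received, process exiting"]

def build_argv(openvpn_exe, config, auth_file):
    """Client command line; every option except --config is in the listing above."""
    return [openvpn_exe, "--config", config,
            "--auth-user-pass", auth_file,  # file: username on line 1, password on line 2
            "--auth-nocache",               # do not cache the password
            "--block-outside-dns"]          # Windows: prevent DNS leaks via other adapters

def wait_until_up(lines):
    """True once the tunnel is up; False on a fatal message or end of output."""
    for line in lines:
        if any(marker in line for marker in FATAL):
            return False
        if READY in line:
            return True
    return False

def connect(openvpn_exe, config, auth_file, timeout=60):
    """Start OpenVPN and return the process once connected, else None."""
    proc = subprocess.Popen(build_argv(openvpn_exe, config, auth_file),
                            stdout=subprocess.PIPE, stderr=subprocess.STDOUT, text=True)
    watchdog = threading.Timer(timeout, proc.terminate)  # a hung connect ends as EOF
    watchdog.start()
    up = wait_until_up(proc.stdout)
    watchdog.cancel()
    if not up:
        proc.terminate()
        proc.wait()
        return None
    # Keep draining the log so OpenVPN never blocks on a full pipe.
    threading.Thread(target=collections.deque, args=(proc.stdout, 0), daemon=True).start()
    return proc

def disconnect(proc):
    """Stop the session; the next connect() can use a different config."""
    proc.terminate()
    proc.wait(timeout=30)
```

Keep the credentials file readable only by the account that runs the script, and treat a `None` result from `connect()` as a reason to stop rather than continue without the tunnel.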