AlkorZ3/network_tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
77a94f7ad4
network_tools/var/www/cgi-bin/vpn-admin_board.cgi

1043 lines
27 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
time_in=$(date +%s%N)
. /etc/sysconfig/rx3-net
. /etc/sysconfig/rx3-vpn
CGI_NAME="vpn-admin_board.cgi"
VPN_TYPE[0]="IPSec"
VPN_TYPE[1]="OpenVPN"
VPN_TYPE[2]="L2TP"
VPN_TYPE[3]="PPTP"
VPN_TYPE[4]="NoVPN"
#--------------------------------------------------------------------------------------------------------------------------
# Lookup Source IP ()
#--------------------------------------------------------------------------------------------------------------------------
Lookup_Src_IP ()
{
lo_id=0
for lo_blk in ${IP_SRC_SN}
do
OIFS=${IFS}
IFS=:
set ${lo_blk}
lo_ip=$1
lo_table=$2
lo_owner=$3
lo_type=$4
IFS=${OIFS}
echo "${lo_ip}:${lo_table}:${lo_owner}:${lo_type}:${lo_type}:sn:${lo_id}"
lo_id=$((${lo_id}+1))
done
for lo_blk in ${IP_SRC_PTP}
do
OIFS=${IFS}
IFS=:
set ${lo_blk}
lo_id=$1
lo_table=$2
lo_owner=$3
lo_forward=$4
IFS=${OIFS}
for lo_type in 1 2 3
do
echo "${IP_PREFIX}.${lo_type}.${lo_id}:${lo_table}:${lo_owner}:${lo_type}:${lo_forward}:ptp:${lo_id}"
done
done
}
#--------------------------------------------------------------------------------------------------------------------------
# Lookup Owner ()
#--------------------------------------------------------------------------------------------------------------------------
Lookup_Owner ()
{
for lo_blk in $(Lookup_Src_IP)
do
OIFS=${IFS}
IFS=:
set ${lo_blk}
lo_ip=$1
lo_table=$2
lo_owner=$3
lo_type=$4
IFS=${OIFS}
if [[ "${ip}" == "${lo_ip}" ]]
then
echo ${lo_owner}
fi
done
}
#--------------------------------------------------------------------------------------------------------------------------
# Header Print
#--------------------------------------------------------------------------------------------------------------------------
Header_Print ()
{
case "${format}"
in
"html")
echo "Content-type: text/html"
echo ""
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">"
echo "<HTML>"
echo " <HEAD>"
echo " <META HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=iso-8859-1\">"
echo " <META http-equiv=\"Refresh\" content=\"300\">"
echo " <META http-equiv=\"Pragma\" content=\"no-cache\">"
echo " <LINK REL=\"shortcut icon\" HREF=\"/favicon.ico\" TYPE=\"image/x-icon\">"
echo " <LINK REL=\"stylesheet\" TYPE=\"text/css\" HREF=\"/tdsots/default.css\">"
if [[ "${cmd_status}" == "" ]]
then
echo " <TITLE>Rx3 VPN Admin Board</Title>"
else
echo " <TITLE>Rx3 VPN Admin Board: ${cmd_status}</Title>"
fi
if [[ "${redirect}" != "" ]]
then
echo " <meta http-equiv=\"REFRESH\" content=\"1; URL=${redirect}\">"
fi
echo " </HEAD>"
echo " <BODY>"
;;
"csv")
echo "Content-type: text/csv"
echo ""
echo "SOF"
if [[ "${redirect}" != "" ]]
then
echo "CMD: ${cmd_status}"
fi
;;
"txt")
echo "Content-disposition: attachment; filename=${file_name}"
echo "Content-type: text/plain"
echo ""
;;
esac
}
#--------------------------------------------------------------------------------------------------------------------------
# Tailer
#--------------------------------------------------------------------------------------------------------------------------
Footer_Print ()
{
case "${format}"
in
"html")
echo " </BODY>"
echo ""
echo "</HTML>"
;;
"csv")
echo ""
echo "EOF"
;;
esac
}
#--------------------------------------------------------------------------------------------------------------------------
# External VPN Status Board
#--------------------------------------------------------------------------------------------------------------------------
External_VPN_Status_Board ()
{
if [[ "${format}" == "html" ]]
then
echo " <P>"
echo " <BR>"
echo " </P>"
echo ""
echo " <H2>External VPN Status Board</H2>"
echo ""
echo " <TABLE BORDER=\"1\" WIDTH=\"100%\">"
echo " <TR class=\"header\"><TD class=\"header\">#</TD><TD>Name</TD><TD>Type</TD><TD>Device</TD><TD>Address</TD><TD>Config</TD><TD>Table</TD><TD>Status</TD><TD>Bytes In</TD><TD>Bytes Out</TD><TD>UpTime</TD></TR>"
else
echo "TABLE: External_VPN_Status_Board"
echo "#;Name;Type;Device;Address;Config;Table;Status;Bytes In;Bytes Out;UpTime"
fi
idx=0
for blk in ${VPN_EXT_LIST}
do
OIFS=${IFS}
IFS=:
set $blk
dev=$1
conf=$2
table=$3
name=$4
IFS=${OIFS}
case "${dev}"
in
"eth"*)
type="Local"
;;
"tun"*)
type="OpenVPN"
;;
"ppp"*)
type="PPTP"
;;
esac
/sbin/ifconfig ${dev} 2>/dev/null | grep UP >/dev/null
if [[ "$?" == 0 ]]
then
status=1
else
status=0
fi
if [[ ${status} == 0 ]]
then
address="-"
else
case "${type}" in
"Local"|"PPTP")
address="$(ip addr show dev ${dev} | grep "inet " | grep -v "${dev}:" | awk '{print $2;}' | sed -e 's/\/.*//')"
;;
"OpenVPN")
# address="$(sudo /usr/local/sbin/ns-launch 3 ${table} /usr/local/bin/my_address_get)"
address="$(host vpn${idx}.vpn.rx3 | sed -e 's/.*address //')"
;;
esac
fi
if [[ "${conf}" == "" ]]
then
conf="-"
bytes_received="-"
bytes_sent="-"
uptime="-"
else
if [[ "${status}" == "1" ]]
then
if [[ "$type" == "OpenVPN" ]]
then
bytes_received=$(sudo /usr/local/sbin/openvpn-status ${dev} | grep -e "TCP/UDP read bytes" | sed -e "s/.*,//" | numfmt --to=iec-i --suffix=B)
bytes_sent=$(sudo /usr/local/sbin/openvpn-status ${dev} | grep -e "TCP/UDP write bytes" | sed -e "s/.*,//" | numfmt --to=iec-i --suffix=B)
start_date=$(grep "ext-client-${dev}.conf" /var/log/rx3-vpn.status 2>/dev/null | sed -e "s/.*Date: \[//" -e "s/\].*//")
uptime=$(echo "$(($(date +%s) - $(date -d "${start_date}" +%s)))" | awk '{days = int($1/86400); print days " day" (( days > 1 ) ? "s" : "") strftime(" %H:%M:%S", $1,1)}')
else
bytes_received="-"
bytes_sent="-"
start_date="-"
uptime="-"
fi
else
bytes_received="-"
bytes_sent="-"
uptime="-"
fi
fi
if [[ "${format}" == "html" ]]
then
echo -n "<TR><TD class="header">${idx}</TD><TD>${name}</TD><TD>${type}</TD><TD>${dev}</TD><TD>${address}</TD><TD>${conf}</TD><TD>${table}</TD><TD>"
if [[ "${status}" == 1 ]]
then
echo -n "<IMG SRC=\"../icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD>"
else
echo -n "<IMG SRC=\"../icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></TD>"
fi
echo "<TD>${bytes_received}</TD><TD>${bytes_sent}</TD><TD>${uptime}</TD>"
else
echo "${idx};${name};${type};${dev};${conf};${table};${status};${bytes_received};${bytes_sent};${uptime}"
fi
idx=$((idx+1))
done
if [[ "${format}" == "html" ]]
then
echo " </TABLE>"
echo " <P>"
echo " <BR>"
echo " </P>"
echo ""
else
echo ""
fi
}
#--------------------------------------------------------------------------------------------------------------------------
# VPN Routing Board Line
#--------------------------------------------------------------------------------------------------------------------------
VPN_Routing_Board_Line()
{
if [[ ( "${filter}" == "") || ( "${filter}" == "owner") || ( "${filter}" == "${owner}") ]]
then
if [[ "${REMOTE_USER}" == "${owner}" ]]
then
class="default"
else
if [[ "${filter}" == "owner" ]]
then
class="skip"
else
class="dark"
fi
fi
else
class="skip"
fi
if [[ "${class}" != "skip" ]]
then
host_name=$(host ${ip} | sed -e 's/.*domain name pointer //' -e 's/.$//')
case "${vpn_type}"
in
"0")
/sbin/ifconfig ipsec0 2>/dev/null | grep UP >/dev/null
if [[ "$?" == 0 ]]
then
dev=ipsec0
status=1
else
dev="-"
status=0
fi
;;
"1")
dev="tun0"
status_line="$(sudo /usr/local/sbin/openvpn-status ${dev} | grep "CLIENT_LIST.*${ip},")"
if [[ "${status_line}" == "" ]]
then
bytes_received="-"
bytes_sent="-"
uptime="-"
status=0
last_seen="$(stat -c "%x" /etc/openvpn/status/${host_name}.status | sed -e 's/\..*//')"
else
status=1
OIFS=${IFS}
IFS=,
set ${status_line}
header=$1
h_name=$2
h_ip=$3
v_ip=$4
v_ip6=$5
v_bytes_received=$6
v_bytes_sent=$7
v_date=$8
v_uptime=$9
IFS=${OIFS}
bytes_received="$(echo ${v_bytes_received} | numfmt --to=iec-i --suffix=B)"
bytes_sent="$(echo ${v_bytes_sent} | numfmt --to=iec-i --suffix=B)"
uptime=$(echo "$(($(date +%s) - $(date -d "${v_date}" +%s)))" | awk '{days = int($1/86400); print days " day" (( days > 1 ) ? "s" : "") strftime(" %H:%M:%S", $1,1)}')
last_seen="$(date +"%Y/%m/%d %H:%M:%S")"
fi
;;
"2" | "3")
/sbin/ifconfig 2>/dev/null | grep "P-t-P:${ip} " >/dev/null
if [[ "$?" == 0 ]]
then
dev=$(/sbin/route -n 2>/dev/null | grep "^${ip}" | awk '{print $8}')
bytes_received="-"
bytes_sent="-"
uptime="-"
lastseen="-"
status=1
else
dev="-"
bytes_received="-"
bytes_sent="-"
uptime="-"
last_seen="-"
status=0
fi
;;
*)
dev="-"
bytes_received="-"
bytes_sent="-"
uptime="-"
last_seen="-"
status=2
;;
esac
if [[ "${forward}" == "${vpn_type}" ]]
then
if [[ "${net_type}" == "sn" ]]
then
port_start=$((3000+${vpn_id}*100))
else
port_start=$((33000+${vpn_id}*100))
fi
port_end=$((${port_start}+99))
else
port_start=""
port_end=""
fi
if [[ "${format}" == "html" ]]
then
echo -n "<TR class="${class}"><TD class="header">${idx}</TD>"
echo "<TD>${VPN_TYPE[${vpn_type}]}</TD><TD>${ip}</TD><TD>${host_name}</TD>"
case "${status}"
in
"0")
echo -n "<TD><IMG SRC=\"../icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></TD>"
;;
"1")
echo -n "<TD><IMG SRC=\"../icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD>"
;;
"2")
echo -n "<TD>-</TD>"
;;
esac
echo -n "<TD>${dev}</TD>"
else
echo -n "${idx};${VPN_TYPE[${vpn_type}]};${ip};${host_name};${status};${dev};"
fi
i=0
for blk in ${VPN_EXT_LIST}
do
if [[ "${format}" == "html" ]]
then
echo -n "<TD><TABLE class=\"${class}\" BORDER=\"0\" WIDTH=\"100%\"><TR><TD class=\"half\">"
if [[ $i == $id ]]
then
echo -n "<IMG SRC=\"../icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD><TD>&nbsp;"
else
echo -n "<IMG SRC=\"../icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></TD><TD>"
if [[ "${REMOTE_USER}" == "${owner}" ]]
then
echo -n "<A HREF=\"${CGI_NAME}?cmd=route_set&amp;filter=${filter}&amp;ip=${ip}&amp;vpn=${i}\"><IMG SRC=\"../icons/user-invisible.png\" TITLE=\"Activate\" ALT=\"Activate\"></A>"
else
echo -n "&nbsp;"
fi
fi
echo -n "</TD></TR></TABLE>"
else
if [[ $i == $id ]]
then
echo -n "1;"
else
echo -n "0;"
fi
fi
i=$((i + 1))
done
if [[ "${format}" == "html" ]]
then
if [[ "${forward}" == "${vpn_type}" ]]
then
echo -n "<TD><IMG SRC=\"../icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD>"
echo -n "<TD>${port_start}</TD><TD>${port_end}</TD>"
else
if [[ "${REMOTE_USER}" == "${owner}" ]]
then
echo -n "<TD><A HREF=\"${CGI_NAME}?cmd=forward_set&amp;filter=${filter}&amp;ip=${ip}\"><IMG SRC=\"../icons/user-invisible.png\" TITLE=\"Activate\" ALT=\"Activate\"></A></TD>"
else
echo -n "<TD>&nbsp;</TD>"
fi
echo -n "<TD>&nbsp;</TD><TD>&nbsp;</TD>"
fi
echo "<TD><A HREF="?filter=${owner}">${owner}</A></TD><TD>${bytes_received}</TD><TD>${bytes_sent}</TD><TD>${uptime}</TD><TD>${last_seen}</TD></TR>"
else
if [[ "${forward}" == "${vpn_type}" ]]
then
echo -n "1;"
else
echo -n "0;"
fi
echo "${port_start};${port_end};${owner};${bytes_received};${bytes_sent};${uptime};${last_seen}"
fi
fi
}
#--------------------------------------------------------------------------------------------------------------------------
# VPN Routing Board
#--------------------------------------------------------------------------------------------------------------------------
VPN_Routing_Board()
{
if [[ "${format}" == "html" ]]
then
echo " <P>"
echo " <BR>"
echo " </P>"
echo ""
echo " <H2>VPN Routing Board</H2>"
echo ""
echo " <TABLE BORDER=\"1\" WIDTH=\"100%\">"
echo -n " <TR class="header"><TD class="header">#</TD><TD>Type</TD><TD>IP</TD><TD>Host Name</TD><TD>Status</TD><TD>Device</TD>"
else
echo "TABLE: VPN_Routing_Board"
echo -n "#;Type;IP;Host Name;Status;Device;"
fi
for blk in ${VPN_EXT_LIST}
do
OIFS=${IFS}
IFS=:
set $blk
dev=$1
conf=$2
table=$3
name=$4
IFS=${OIFS}
if [[ "${format}" == "html" ]]
then
echo -n "<TD>${name}</TD>"
else
echo -n "${name};"
fi
done
if [[ "${format}" == "html" ]]
then
echo "<TD>Forward</TD><TD>From Port</TD><TD>To Port</TD><TD>Owner</TD><TD>Bytes In</TD><TD>Bytes Out</TD><TD>UpTime</TD><TD>Last Seen</TD></TR>"
else
echo "Forward;From Port;To Port;Owner;Bytes In;Bytes Out;UpTime;Last Seen"
fi
idx=0
for blk in $(Lookup_Src_IP)
do
OIFS=${IFS}
IFS=:
set $blk
ip=$1
table=$2
owner=$3
vpn_type=$4
forward=$5
net_type=$6
vpn_id=$7
IFS=${OIFS}
id=$((table - 3))
idx=$((idx+1))
VPN_Routing_Board_Line
done
if [[ "${format}" == "html" ]]
then
echo " </TABLE>"
echo " <P>"
echo " <BR>"
echo " </P>"
else
echo ""
fi
}
#--------------------------------------------------------------------------------------------------------------------------
# OpenVPN Board
#--------------------------------------------------------------------------------------------------------------------------
VPN_OpenVPN_Board()
{
if [[ "${format}" == "html" ]]
then
echo " <P>"
echo " <BR>"
echo " </P>"
echo ""
echo " <H2>OpenVPN Board</H2>"
echo ""
echo " <TABLE BORDER=\"1\" WIDTH=\"100%\">"
echo -n " <TR class="header"><TD class="header" ROWSPAN=3>#</TD><TD ROWSPAN=3>IP</TD><TD ROWSPAN=3>Host Name</TD><TD COLSPAN=4>Configuration</TD><TD COLSPAN=5>Certificates</TD></TR><TR class=\"header\"><TD COLSPAN=2>Default Route VPN</TD><TD COLSPAN=2>No Default Route VPN</TD><TD ROWSPAN=2>CA Certificate (.crt)</TD><TD ROWSPAN=2>TC Certificate (.key)</TD><TD ROWSPAN=2>Private Key (.key)</TD><TD ROWSPAN=2>Cerificate Signing Request (.csr)</TD><TD ROWSPAN=2>Public Certificate (.crt)</TD></TR><TR class=\"header\"><TD>External Crt</TD><TD>Inline Crt</TD><TD>External Crt</TD><TD>Inline Crt</TD></TR>"
else
echo "TABLE: OpenVPN_Board"
echo "#;IP;Host Name;Certificate"
fi
idx=0
for blk in $(Lookup_Src_IP)
do
OIFS=${IFS}
IFS=:
set $blk
ip=$1
table=$2
owner=$3
type=$4
IFS=${OIFS}
if [[ "${type}" == 1 ]]
then
idx=$((idx+1))
if [[ ( "${filter}" == "") || ( "${filter}" == "owner") || ( "${filter}" == "${owner}") ]]
then
if [[ "${REMOTE_USER}" == "${owner}" ]]
then
class="default"
else
if [[ "${filter}" == "owner" ]]
then
class="skip"
else
class="dark"
fi
fi
else
class="skip"
fi
if [[ "${class}" != "skip" ]]
then
host_name=$(host ${ip} | sed -e 's/.*domain name pointer //' -e 's/.$//')
if [[ "${format}" == "html" ]]
then
echo -n "<TR class=\"${class}\"><TD class=\"header\">${idx}</TD><TD>${ip}</TD><TD>${host_name}</TD>"
echo -n "<TD><A HREF=\"${CGI_NAME}?cmd=config_download&amp;ip=${ip}&amp;defroute=true&amp;type=ext\" ><IMG SRC=\"../icons/user-online.png\" TITLE=\"Configuration Default Route External Certificates\" ALT=\"Configuration External Certificates\"></A></TD>"
if [[ "${REMOTE_USER}" == "${owner}" ]]
then
echo -n "<TD><A HREF=\"${CGI_NAME}?cmd=config_download&amp;ip=${ip}&amp;defroute=true&amp;type=inline\" ><IMG SRC=\"../icons/user-online.png\" TITLE=\"Configuration Default Route Inline Certificates\" ALT=\"Configuration Inline Certificates\"></A></TD>"
else
echo -n "<TD><IMG SRC=\"../icons/user-online.png\" TITLE=\"Configuration Inline Certificates\" ALT=\"Configuration Inline Certificates\"></TD>"
fi
echo -n "<TD><A HREF=\"${CGI_NAME}?cmd=config_download&amp;ip=${ip}&amp;defroute=false&amp;type=ext\" ><IMG SRC=\"../icons/user-online.png\" TITLE=\"Configuration NoDefault Route External Certificates\" ALT=\"Configuration External Certificates\"></A></TD>"
if [[ "${REMOTE_USER}" == "${owner}" ]]
then
echo -n "<TD><A HREF=\"${CGI_NAME}?cmd=config_download&amp;ip=${ip}&amp;defroute=false&amp;type=inline\" ><IMG SRC=\"../icons/user-online.png\" TITLE=\"Configuration NoDefault Route Inline Certificates\" ALT=\"Configuration Inline Certificates\"></A></TD>"
else
echo -n "<TD><IMG SRC=\"../icons/user-online.png\" TITLE=\"Configuration Inline Certificates\" ALT=\"Configuration Inline Certificates\"></TD>"
fi
else
echo -n "${idx};${ip};${host_name}"
fi
if [[ "${format}" == "html" ]]
then
echo -n "<TD><A HREF=\"${CGI_NAME}?cmd=cert_download&amp;filter=${filter}&amp;ip=${ip}&amp;type=ca\" ><IMG SRC=\"../icons/user-online.png\" TITLE=\"CA Certificate\" ALT=\"CA Certificate\"></A></TD>"
if [[ "${REMOTE_USER}" == "${owner}" ]]
then
echo -n "<TD><A HREF=\"${CGI_NAME}?cmd=cert_download&amp;filter=${filter}&amp;ip=${ip}&amp;type=tc\" ><IMG SRC=\"../icons/user-online.png\" TITLE=\"TC Certificate\" ALT=\"TC Certificate\"></A></TD>"
if [[ -f /etc/openvpn/tls/certs/${host_name}.crt ]]
then
echo -n "<TD><A HREF=\"${CGI_NAME}?cmd=cert_download&amp;filter=${filter}&amp;ip=${ip}&amp;type=key\"><IMG SRC=\"../icons/user-online.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></A></TD>"
echo -n "<TD><A HREF=\"${CGI_NAME}?cmd=cert_download&amp;filter=${filter}&amp;ip=${ip}&amp;type=csr\"><IMG SRC=\"../icons/user-online.png\" TITLE=\"Certificate Signing Request\" ALT=\"Certificat Signing Request\"></A></TD>"
echo -n "<TD><A HREF=\"${CGI_NAME}?cmd=cert_download&amp;filter=${filter}&amp;ip=${ip}&amp;type=crt\"><IMG SRC=\"../icons/user-online.png\" TITLE=\"Public Certificate\" ALT=\"Public Certificate\"></A></TD></TR>"
else
echo -n "<TD><IMG SRC=\"../icons/user-busy.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></TD>"
echo -n "<TD><IMG SRC=\"../icons/user-busy.png\" TITLE=\"Certificat Signing Request\" ALT=\"Certificat Signing Request\"></TD>"
echo -n "<TD><IMG SRC=\"../icons/user-busy.png\" TITLE=\"Public Certificate\" ALT=\"Public Certificate\"></TD></TR>"
fi
else
echo -n "<TD><IMG SRC=\"../icons/user-online.png\" TITLE=\"TC Certificate\" ALT=\"TC Certificate\"></TD>"
if [[ -f /etc/openvpn/tls/certs/${host_name}.crt ]]
then
echo -n "<TD><IMG SRC=\"../icons/user-online.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></TD>"
echo -n "<TD><IMG SRC=\"../icons/user-online.png\" TITLE=\"Certificat Signing Request\" ALT=\"Certificat Signing Request\"></TD>"
echo -n "<TD><IMG SRC=\"../icons/user-online.png\" TITLE=\"Public Certificate\" ALT=\"Public Certificate\"></TD></TR>"
else
echo -n "<TD><IMG SRC=\"../icons/user-busy.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></TD>"
echo -n "<TD><IMG SRC=\"../icons/user-busy.png\" TITLE=\"Certificat Signing Request\" ALT=\"Certificat Signing Request\"></TD>"
echo -n "<TD><IMG SRC=\"../icons/user-busy.png\" TITLE=\"Public Certificate\" ALT=\"Public Certificate\"></TD></TR>"
fi
fi
else
if [[ -f /etc/openvpn/tls/certs/${host_name}.crt ]]
then
echo ";1"
else
echo ";0"
fi
fi
fi
fi
done
if [[ "${format}" == "html" ]]
then
echo " </TABLE>"
echo " <P>"
echo " <BR>"
echo " </P>"
fi
}
#--------------------------------------------------------------------------------------------------------------------------
# Main Board Print
#--------------------------------------------------------------------------------------------------------------------------
Main_Board_Print ()
{
if [[ "${format}" == "html" ]]
then
echo ""
if [[ "${filter}" == "owner" ]]
then
echo " <H1>VPN Admin Board - My VPN</H1>"
else
echo " <H1>VPN Admin Board - All VPN</H1>"
fi
echo " <P>"
echo " <BR>"
echo ""
echo " <b>Date: $(/bin/date)</b><br>"
echo " </P>"
echo " <HR>"
echo ""
fi
External_VPN_Status_Board
VPN_Routing_Board
VPN_OpenVPN_Board
if [[ "${format}" == "html" ]]
then
time_out=$(date +%s%N)
elaps=$((${time_out} - ${time_in}))
elaps_sec=$((${elaps} / 1000000000))
elaps_mili=$(( ( ${elaps} / 1000000) - ( ${elaps_sec} * 1000)))
echo " <P>"
echo " <BR>"
echo " <BR>"
printf "Page generated in %d.%03d seconds" ${elaps_sec} ${elaps_mili}
echo " </P>"
echo ""
echo " <HR>"
echo ""
echo " <P>"
echo " <A HREF=\"/tdsots/admin/\">Rx3 Admin</A>"
echo " </P>"
echo ""
echo " <HR>"
echo ""
echo " <P>"
echo " <A HREF=\"http://www.hertgen.com/anybrowser/\"> <IMG SRC=\"/images/anyb09.png\" ALT=\"Best Viewed With Any Browser\"></A>"
echo " <A HREF=\"http://validator.w3.org/check?uri=referer\"><IMG SRC=\"/images/valid-html401.png\" ALT=\"Valid HTML 4.01!\"></A>"
echo " <A HREF=\"http://jigsaw.w3.org/css-validator/\"> <IMG SRC=\"/images/valid-css.png\" ALT=\"Valid CSS!\"></A>"
echo " </P>"
fi
}
#--------------------------------------------------------------------------------------------------------------------------
# Main
#--------------------------------------------------------------------------------------------------------------------------
#--------------------------------------------------------------------------------------------------------------------------
# Args
#--------------------------------------------------------------------------------------------------------------------------
cmd=""
format=""
filter=""
ip=""
vpn=""
type=""
redirect=""
cmd_status=""
if [[ "${QUERY_STRING}" != "" ]]
then
OIFS=${IFS}
IFS="\&"
set ${QUERY_STRING}
IFS=${OIFS}
i=$#
while [[ "${i}" != 0 ]]
do
var=${1/=*/}
arg=${1/*=/}
case "${var}"
in
"cmd")
cmd=${arg}
;;
"format")
format=${arg}
;;
"filter")
filter=${arg}
;;
"ip")
ip=${arg}
;;
"vpn")
vpn=${arg}
;;
"type")
type=${arg}
;;
"filename")
filename=${arg}
;;
"defroute")
defroute=${arg}
;;
esac
shift
i=$((i - 1))
done
fi
if [[ "${format}" == "" ]]
then
format="html"
fi
#--------------------------------------------------------------------------------------------------------------------------
# Command Handler
#--------------------------------------------------------------------------------------------------------------------------
case "${cmd}"
in
"")
Header_Print
Main_Board_Print
Footer_Print
;;
"route_set")
owner=$(Lookup_Owner)
if [[ "${REMOTE_USER}" == "${owner}" ]]
then
sudo /etc/init.d/rx3-net table_set $ip $((${vpn} + 3)) 2>&1 >/dev/null
if [[ "$?" == 0 ]]
then
cmd_status="route_set: OK"
else
cmd_status="route_set: KO"
fi
else
cmd_status="route_set: NOT_AUTHORIZED"
fi
redirect="${CGI_NAME}?filter=${filter}"
Header_Print
Footer_Print
;;
"forward_set")
owner=$(Lookup_Owner)
if [[ "${REMOTE_USER}" == "${owner}" ]]
then
sudo /etc/init.d/rx3-net forward_set $ip 2>&1 >/dev/null
if [[ "$?" == 0 ]]
then
cmd_status="forward_set: OK "
else
cmd_status="forward_set: KO"
fi
else
cmd_status="forward_set: NOT_AUTHORIZED"
fi
redirect="${CGI_NAME}?filter=${filter}"
Header_Print
Footer_Print
;;
"cert_download")
owner=$(Lookup_Owner)
if [[ "${type}" == "ca" ]] || [[ "${type}" == "crt" ]] || [[ "${REMOTE_USER}" == "${owner}" ]]
then
cmd_status="cert_download: OK"
format="txt"
case "${type}"
in
"ca")
file_name="ca.crt"
host_name=""
;;
"tc")
file_name="tc.key"
host_name=""
;;
*)
host_name=$(host ${ip} | sed -e 's/.*domain name pointer //' -e 's/.$//')
file_name="${host_name}.${type}"
;;
esac
Header_Print
sudo /usr/local/sbin/cert_dump ${type} ${host_name}
else
cmd_status="cert_download: NOT_AUTHORIZED"
redirect="${CGI_NAME}?filter=${filter}"
format="html"
Header_Print
Footer_Print
fi
;;
"config_download")
owner=$(Lookup_Owner)
if [[ ( "${type}" == "ext") || ( ( "${type}" == "inline") && ( "${REMOTE_USER}" == "${owner}")) ]]
then
cmd_status="config_download: OK"
host_name=$(host ${ip} | sed -e 's/.*domain name pointer //' -e 's/.$//')
template_name="rx3-client.ovpn"
if [[ "${defroute}" == "false" ]]
then
defroute_pipe="sed s/#pull-filter/pull-filter/"
route_type="nodefroute"
else
defroute_pipe="cat"
route_type="defroute"
fi
format="txt"
if [[ "${type}" == "ext" ]]
then
file_name="${host_name}-${route_type}-external.ovpn"
Header_Print
sed </etc/openvpn/template/${template_name} -e "s/CLIENT_FQDN/${host_name}/g" | ${defroute_pipe}
else
file_name="${host_name}-${route_type}-inline.ovpn"
Header_Print
eval "echo \"$( sed </etc/openvpn/template/${template_name} -e "s/ca tls\/certs\/ca.crt/\$(echo \"<ca>\"; sudo \/usr\/local\/sbin\/cert_dump ca; echo \"<\/ca>\")/" -e "s/cert tls\/certs\/CLIENT_FQDN.crt/\$(echo \"<cert>\"; sudo \/usr\/local\/sbin\/cert_dump crt CLIENT_FQDN; echo \"<\/cert>\")/" -e "s/key tls\/private\/CLIENT_FQDN.key/\$(echo \"<key>\"; sudo \/usr\/local\/sbin\/cert_dump key CLIENT_FQDN; echo \"<\/key>\")/" -e "s/tls-crypt tls\/private\/tc.key/\$(echo \"<tls-crypt>\"; sudo \/usr\/local\/sbin\/cert_dump tc; echo \"<\/tls-crypt>\")/" -e "s/CLIENT_FQDN/${host_name}/g")\"" | ${defroute_pipe}
fi
else
cmd_status="config_download: NOT_AUTHORIZED"
redirect="${CGI_NAME}?filter=${filter}"
format="html"
Header_Print
Footer_Print
fi
;;
*)
cmd_status="${cmd}: UNKNOWN_CMD"
Header_Print
Footer_Print
;;
esac
Reference in New Issue View Git Blame Copy Permalink