Rx3/network_tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

- Start migration of dns, network & vpn lib,

Browse Source 
- Start migration of rx3_net_adm.
This commit is contained in:
Arnaud G. GIBERT
2026-04-13 16:35:39 +02:00
parent 0c05cfd6c0
commit 6d2fd44dba
15 changed files with 132 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

590
usr/lib/vpn.bash Normal file
View File

@@ -0,0 +1,590 @@
#!/bin/bash
#-----------------------------------------------------------------------------------------------------------------------------------
#
# Rx3 VPN Library
#
# Copyright (C) 2025-2026 Arnaud G. GIBERT
# mailto:arnaud@rx3.net
#
# This is free software: you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published
# by the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this program; If not, see
# <https://www.gnu.org/licenses/>.
#
#-----------------------------------------------------------------------------------------------------------------------------------
if [[ "${RX3_VPN_LIB}" != "" ]]
then
return
else
declare -g RX3_VPN_LIB=1
fi
#-----------------------------------------------------------------------------------------------------------------------------------
# Includes
#-----------------------------------------------------------------------------------------------------------------------------------
: "${RX3_LIB_DIR:=/usr/lib/rx3}"
. "${RX3_LIB_DIR}/network.bash"
#-----------------------------------------------------------------------------------------------------------------------------------
# Global Variable
#-----------------------------------------------------------------------------------------------------------------------------------
declare -Ag VPN_JOB_TAB
declare -Ag VPN_JOB_ID_LIST
declare -Ag VPN_JOB_NAME_IDX
declare -g VPN_PID_FILE
declare -g VPN_STATUS_FILE
declare -g VPN_STATUS_LOCK
#--------------------------------------------------------------------------------------------------------------------------
# vpn_config_make
#--------------------------------------------------------------------------------------------------------------------------
vpn_config_make()
{
local Config_File="$1"
local Device="$2"
local Target_Config="$3"
local mng_port=$(( 2330 + ${Device/tun/}))
log_trace "VPN" "Creating config File: [${Config_File}] Device: [${Device}] Mng_Port: (${mng_port}) Target_Config: [${Target_Config}]"
${DEBUG} cp -f ${VPN_TEMPLATE_FILE} ${Config_File}
${DEBUG} sed -e "s/TARGET-CFG/${Target_Config}-client.conf/" -e "s/VPN-DEVICE/${Device}/" -e "s/MNG-PORT/${mng_port}/" -i ${Config_File}
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_config_make_all
#--------------------------------------------------------------------------------------------------------------------------
vpn_config_make_all()
{
local job_id
local config_file
for job_id in ${VPN_JOB_ID_LIST}
do
vpn_job_tab_get "${job_id}"
network_dst_tab_name_lookup "${job_name}"
network_dst_tab_get "${dst_id}"
config_file="${VPN_CONFIG_FILE/DEVICE/${dst_device}}"
vpn_config_make "${config_file}" "${dst_device}" "${dst_config}"
done
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_job_tab_load
#--------------------------------------------------------------------------------------------------------------------------
vpn_job_tab_load()
{
local job_id=0
local job_pid
local job_date
local job_cmd
log_trace "VPN" "Loading Job tab..."
while IFS= read -r line
do
line=${line%%#*}
if [[ ! -z "$line" ]]
then
set ${line}
job_name="$1"
job_pid="$2"
job_date="$3 $4"
shift; shift; shift; shift
job_cmd="$*"
var_assign VPN_JOB_ID_LIST "${job_id}" INC
tab_assign VPN_JOB_TAB "${job_id},Name" "${job_name}"
tab_assign VPN_JOB_TAB "${job_id},PId" "${job_pid}"
tab_assign VPN_JOB_TAB "${job_id},Date" "${job_date}"
tab_assign VPN_JOB_TAB "${job_id},Cmd" "${job_cmd}"
tab_assign VPN_JOB_NAME_IDX "${job_name}" "${job_id}"
job_id=$(( ${job_id} + 1))
fi
done <<< ${VPN_STATUS}
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_job_tab_get
#--------------------------------------------------------------------------------------------------------------------------
vpn_job_tab_get()
{
job_id="$1"
job_name="${VPN_JOB_TAB["${job_id},Name"]}"
job_pid="${VPN_JOB_TAB["${job_id},PId"]}"
job_date="${VPN_JOB_TAB["${job_id},Date"]}"
job_cmd="${VPN_JOB_TAB["${job_id},Cmd"]}"
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_job_tab_save
#--------------------------------------------------------------------------------------------------------------------------
vpn_job_tab_save()
{
local job_id=0
local dst_id
local config_file
file_lock ${VPN_STATUS_LOCK} WRITE 9
>${VPN_STATUS_FILE}
echo >>${VPN_STATUS_FILE} '#-------------------------------------------------------------------------------
# VPN Status
#-------------------------------------------------------------------------------
VPN_STATUS="
#-------------------------------------------------------------------------------
# Name PId Date Cmd
#-------------------------------------------------------------------------------'
for job_id in ${VPN_JOB_ID_LIST}
do
vpn_job_tab_get "${job_id}"
echo -e >>${VPN_STATUS_FILE} "${job_name}\t${job_pid}\t${job_date}\t${job_cmd}"
done
echo >>${VPN_STATUS_FILE} '"'
file_unlock 9
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_job_tab_init
#--------------------------------------------------------------------------------------------------------------------------
vpn_job_tab_init()
{
local job_id=0
local dst_id
local config_file
for dst_id in ${NETWORK_DST_ID_LIST}
do
network_dst_tab_get ${dst_id}
if [[ "${dst_type}" == "2" ]] && [[ "${dst_config}" != "" ]]
then
config_file="${VPN_CONFIG_FILE/DEVICE/${dst_device}}"
var_assign VPN_JOB_ID_LIST "${job_id}" INC
tab_assign VPN_JOB_TAB "${job_id},Name" "${dst_name}"
tab_assign VPN_JOB_TAB "${job_id},PId" "0"
tab_assign VPN_JOB_TAB "${job_id},Cmd" "/usr/sbin/openvpn --config ${config_file} --daemon"
tab_assign VPN_JOB_TAB "${job_id},Date" ""
tab_assign VPN_JOB_NAME_IDX "${dst_name}" "${job_id}"
# vpn_config_make "${config_file}" "${dst_device}" "${dst_config}"
log_trace "VPN" "Loading config: Id: [${job_id}] Name: [${dst_name}] Cmd: [${VPN_JOB_TAB["${job_id},Cmd"]}]"
job_id=$(( ${job_id} + 1))
fi
done
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_job_tab_deinit
#--------------------------------------------------------------------------------------------------------------------------
vpn_job_tab_deinit()
{
local job_id
for job_id in ${VPN_JOB_ID_LIST}
do
vpn_job_tab_get "${job_id}"
if [[ "${job_PId}" -gt 0 ]]
then
log_info "VPN" "Killing : Id: [${job_id}] Name: [${job_name}] PId: [${job_pid}]..."
kill -15 ${job_pid}
fi
done
log_info "VPN" "Flushing status file..."
file_lock ${VPN_STATUS_LOCK} WRITE 9
>${VPN_STATUS_FILE}
file_unlock 9
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_job_tab_dump
#--------------------------------------------------------------------------------------------------------------------------
vpn_job_tab_dump()
{
echo "VPN_JOB_ID_LIST: [${VPN_JOB_ID_LIST}]"
echo
echo "VPN_JOB_NAME_IDX:"
for key in "${!VPN_JOB_NAME_IDX[@]}"
do
echo "[${key}]: [${VPN_JOB_NAME_IDX[${key}]}]"
done | sort -n
echo
echo "VPN_JOB_TAB:"
for key in "${!VPN_JOB_TAB[@]}"
do
echo "[${key}]: [${VPN_JOB_TAB[${key}]}]"
done | sort -n
echo
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_supervisor
#--------------------------------------------------------------------------------------------------------------------------
vpn_supervisor()
{
local job_id
local job_pid
log_info "VPN" "Starting Supervisor..."
# Main Loop
while true
do
log_info "VPN" "New supervisor loop!"
for job_id in ${VPN_JOB_ID_LIST}
do
vpn_job_tab_get "${job_id}"
${DEBUG} kill -0 "${job_pid}" 2>/dev/null
rc=$?
if [[ ${job_pid} == 0 ]] || [[ $rc != 0 ]]
then
log_info "VPN" "Restarting Cmd: [${job_cmd}]..."
eval ${DEBUG} ${job_cmd}
job_pid="$( ps aux | grep "${job_cmd}" | grep -v grep | head -1 | awk '{print $2}')"
if [[ "${job_pid}" == "" ]]
then
job_pid=0
fi
tab_assign VPN_JOB_TAB "${job_id},PId" "${job_pid}"
tab_assign VPN_JOB_TAB "${job_id},Date" "$(date --rfc-3339=seconds -u)"
log_info "VPN" "PId: [${VPN_JOB_TAB["${job_id},PId"]}]!"
network_dst_name_ip_update "${job_name}" "0.0.0.0"
fi
done
log_trace "VPN" "Saving VPN tab..."
vpn_job_tab_save
sleep ${VPN_LOOP_DELAY}
log_trace "VPN" "Refreshing DNS entries..."
network_dst_address_refresh_all
network_reinit
done
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_kill_jobs
#--------------------------------------------------------------------------------------------------------------------------
vpn_jobs_kill()
{
local job_id
for job_id in ${VPN_JOB_ID_LIST}
do
vpn_job_tab_get "${job_id}"
${DEBUG} kill -0 "${job_pid}" 2>/dev/null
rc=$?
if [[ ${job_pid} != 0 ]] && [[ $rc == 0 ]]
then
log_info "VPN" "Killing Job Id: [${job_id}] Job_PId: [${job_pid}] Cmd: [${job_cmd}]..."
kill -15 "${job_pid}"
fi
done
log_trace "VPN" "Saving VPN tab..."
vpn_job_tab_save
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_init
#--------------------------------------------------------------------------------------------------------------------------
vpn_init()
{
network_init
file_dir_init ${VPN_STATUS_LOCK} root apache
file_lock ${VPN_STATUS_LOCK} READ 9
file_dir_init ${VPN_STATUS_FILE} root apache
file_unlock 9
if [[ -s "${VPN_STATUS_FILE}" ]]
then
file_lock ${VPN_STATUS_LOCK} READ 9
. "${VPN_STATUS_FILE}"
file_unlock 9
vpn_job_tab_load
else
vpn_job_tab_init
fi
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_deinit
#--------------------------------------------------------------------------------------------------------------------------
vpn_deinit()
{
network_deinit
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_start
#--------------------------------------------------------------------------------------------------------------------------
vpn_start()
{
local daemon_pid
log_info "VPN" "Starting VPN..."
if [[ -s ${VPN_PID_FILE} ]]
then
daemon_pid=$( cat ${VPN_PID_FILE})
else
daemon_pid=0
fi
${DEBUG} kill -0 "${daemon_pid}" 2>/dev/null
rc=$?
if [[ "${daemon_pid}" == "0" ]] || [[ $rc != 0 ]]
then
vpn_config_make_all
vpn_supervisor &
daemon_pid=$!
log_info "VPN" "Daemon started, PId: [${daemon_pid}]"
echo >${VPN_PID_FILE} "${daemon_pid}"
else
log_info "VPN" "Daemon already running PId: [${daemon_pid}]"
fi
log_info "VPN" "VPN started!"
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_stop
#--------------------------------------------------------------------------------------------------------------------------
vpn_stop()
{
local daemon_pid
log_info "VPN" "Stoping VPN..."
if [[ -s ${VPN_PID_FILE} ]]
then
daemon_pid=$( cat ${VPN_PID_FILE})
else
daemon_pid=0
fi
${DEBUG} kill -0 "${daemon_pid}" 2>/dev/null
rc=$?
if [[ "${daemon_pid}" == "0" ]] || [[ $rc != 0 ]]
then
log_info "VPN" "Daemon already stoped!"
else
log_info "VPN" "Stoping daemon, PId: [${daemon_pid}]..."
kill -15 ${daemon_pid}
fi
>${VPN_PID_FILE}
vpn_jobs_kill
vpn_job_tab_deinit
log_info "VPN" "VPN stoped!"
}
#--------------------------------------------------------------------------------------------------------------------------
# vpn_status
#--------------------------------------------------------------------------------------------------------------------------
vpn_status()
{
local daemon_pid
local job_id
if [[ -s ${VPN_PID_FILE} ]]
then
daemon_pid=$( cat ${VPN_PID_FILE})
echo "Daemon PId: (${daemon_pid})"
else
daemon_pid=""
echo "Daemon not running"
fi
echo "Number of VPN Jobs: (${#VPN_JOB_NAME_IDX[@]})"
echo -e "Id | Name | Status | PId | Date | IP | Command"
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------"
for job_id in ${VPN_JOB_ID_LIST}
do
vpn_job_tab_get "${job_id}"
${DEBUG} kill -0 "${job_pid}" 2>/dev/null
rc=$?
if [[ "${job_pid}" == "0" ]] || [[ $rc != 0 ]]
then
job_status="Down"
else
job_status="Up"
fi
network_dst_tab_name_lookup "${job_name}"
network_dst_tab_get "${dst_id}"
printf "%-*s | %-*s | %-*s | %-*s | %-*s | %-*s | %-*s\n" 8 "${job_id}" 24 "${job_name}" 8 "${job_status}" 8 "${job_pid}" 32 "${job_date}" 15 "${dst_ip}" 8 "${job_cmd}"
done
}