- Complete migration,

- Move usr/lib, usr/sbin & var/www to lib, sbin & www,
- Add dns_host_update() to dns library,
- Add RPM Spec & bash completion files.
2026-04-19 12:06:40 +02:00
parent f58ffedef9
commit ad3862a5e0
36 changed files with 3481 additions and 2118 deletions

534
www/cgi-bin/ns-admin_board.cgi Executable file

@@ -0,0 +1,534 @@
#!/bin/bash
#-----------------------------------------------------------------------------------------------------------------------------------
#
# Rx3 NS Admin Board CGI
#
# Copyright (C) 2025-2026 Arnaud G. GIBERT
# mailto:arnaud@rx3.net
#
# This is free software: you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published
# by the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this program; If not, see
# <https://www.gnu.org/licenses/>.
#
#-----------------------------------------------------------------------------------------------------------------------------------
#-----------------------------------------------------------------------------------------------------------------------------------
# Includes
#-----------------------------------------------------------------------------------------------------------------------------------
: "${RX3_LIB_DIR:=/usr/lib/rx3}"
. "${RX3_LIB_DIR}/dns.bash"
. /etc/sysconfig/rx3-ns # To be removed?
#-----------------------------------------------------------------------------------------------------------------------------------
# Global Variables
#-----------------------------------------------------------------------------------------------------------------------------------
declare -g VERSION="1.2.0"
declare -g NAME="ns-admin_board.cgi"
declare -g DEBUG=""
#declare -g DEBUG="echo"
#declare -g DEBUG=":"
# No Log please
export LOG=""
declare -g CMD=""
declare -g FORMAT=""
declare -g IP=""
declare -g HOST=""
declare -g DOMAIN=""
declare -g REDIRECT=""
declare -g CMD_STATUS=""
declare -g REFRESH=""
declare -g TTL=""
declare -g STATUS=""
declare -g FILE_NAME=""
declare -g REMOTE_IP="${REMOTE_ADDR}"
declare -g HOST_INFO=""
#-----------------------------------------------------------------------------------------------------------------------------------
# Lookup Domain Owner
#-----------------------------------------------------------------------------------------------------------------------------------
nab_lookup_domain_owner()
{
local ldo_blk
local ldo_domain
local ldo_host
local ldo_owner
local OIFS
for ldo_blk in ${NS_LIST}
do
OIFS="${IFS}"
IFS=":"
set ${ldo_blk}
ldo_domain="$1"
ldo_host="$2"
ldo_owner="$3"
IFS="${OIFS}"
if [[ "${HOST}.${DOMAIN}" == "${ldo_host}.${ldo_domain}" ]]
then
echo "${ldo_owner}"
fi
done
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Header Print
#-----------------------------------------------------------------------------------------------------------------------------------
nab_header_print()
{
case "${FORMAT}"
in
"html")
echo "Content-type: text/html"
echo ""
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">"
echo "<HTML>"
echo " <HEAD>"
echo " <META HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=iso-8859-1\">"
if [[ "${REFRESH}" == "yes" ]]
then
echo " <META http-equiv=\"Refresh\" content=\"300\">"
fi
echo " <META http-equiv=\"Pragma\" content=\"no-cache\">"
echo " <LINK REL=\"shortcut icon\" HREF=\"/favicon.ico\" TYPE=\"image/x-icon\">"
echo " <LINK REL=\"stylesheet\" TYPE=\"text/css\" HREF=\"/tdsots/default.css\">"
echo " <TITLE>Rx3 NS Admin: ${CMD_STATUS}</Title>"
echo " </HEAD>"
echo " <BODY>"
;;
"txt")
echo "Content-disposition: attachment; filename=${FILE_NAME}"
echo "Content-type: text/plain"
echo ""
;;
esac
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Footer Print
#-----------------------------------------------------------------------------------------------------------------------------------
nab_footer_print()
{
case "${FORMAT}"
in
"html")
echo " </BODY>"
echo ""
echo "</HTML>"
;;
esac
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Usage Print
#-----------------------------------------------------------------------------------------------------------------------------------
nab_usage_print()
{
if [[ "${FORMAT}" == "html" ]]
then
echo " <P>"
echo " <BR>"
echo " </P>"
echo ""
echo " <H2>Rx3 NS Admin Service Usage</H2>"
echo ""
echo " <TABLE BORDER=\"1\" WIDTH=\"95%\" ALIGN=\"CENTER\">"
echo " <TR><TD>"
echo " <TABLE BORDER=\"0\" WIDTH=\"95%\" ALIGN=\"CENTER\">"
echo " <TR><TD>"
echo " <PRE>"
echo " - cmd=address_get: Get the host IP address"
echo " + [format=html|txt]: Output request format (Default to html)"
echo " + host=&lt;Host Name&gt;: Host name to show"
echo " + domain=&lt;Domain Name&gt;: Domain name of the host name"
echo ""
echo " - cmd=address_set: Set the host IP address"
echo " + [format=html|txt]: Output request format (Default to html)"
echo " + host=&lt;Host Name&gt;: Host name to set"
echo " + domain=&lt;Domain Name&gt;: Domain name of the host name"
echo " + [ip=&lt;IP Address&gt;]: IP address to be set (Default to requestor address)"
echo " + [ttl=&lt;TTL&gt;]: TTL to be set (Default to 600)"
echo ""
echo " - Example: https://www.rx3.net/cgi-bin-private/ns-admin_board.cgi?cmd=address_get&amp;host=vpn0&amp;domain=vpn.rx3"
echo " </PRE>"
echo " </TD></TR>"
echo " </TABLE>"
echo " </TD></TR>"
echo " </TABLE>"
else
echo "Rx3 NS Service Usage:"
echo " - cmd=address_get: Get the host IP address"
echo " + [format=html|txt]: Output request format (Default to html)"
echo " + host=<Host Name>: Host name to show"
echo " + domain=<Domain Name>: Domain name of the host name"
echo ""
echo " - cmd=address_set: Set the host IP address"
echo " + [format=html|txt]: Output request format (Default to html)"
echo " + host=<Host Name>: Host name to set"
echo " + domain=<Domain Name>: Domain name of the host name"
echo " + [ip=<IP Address>]: IP address to be set (Default to requestor address)"
echo " + [ttl=<TTL>]: TTL to be set (Default to 600)"
fi
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Result Print
#-----------------------------------------------------------------------------------------------------------------------------------
nab_result_print()
{
local message="$1"
if [[ "${FORMAT}" == "html" ]]
then
echo " <TABLE BORDER=\"1\" WIDTH=\"95%\" ALIGN=\"CENTER\">"
echo " <TR><TD>"
echo " <TABLE BORDER=\"0\" WIDTH=\"95%\" ALIGN=\"CENTER\">"
echo " <TR><TD>"
echo " <PRE>"
echo "${message}"
echo " </PRE>"
echo " </TD></TR>"
echo " </TABLE>"
echo " </TD></TR>"
echo " </TABLE>"
else
echo "${message}"
fi
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Main Board Print
#-----------------------------------------------------------------------------------------------------------------------------------
nab_main_board_print()
{
local blk
local domain
local host
local owner
local address
local ttl
local date
local class
local idx=0
local OIFS
if [[ "${FORMAT}" == "html" ]]
then
echo ""
echo " <H1>Rx3 NS Admin Board</H1>"
echo " <P>"
echo " <BR>"
echo ""
echo " <b>Date: $(/bin/date)</b><br>"
echo " </P>"
echo " <HR>"
echo ""
echo " <P>"
echo " <BR>"
echo " </P>"
echo ""
echo " <H2>Rx3 NS Status Board</H2>"
echo ""
echo " <TABLE BORDER=\"1\" WIDTH=\"100%\">"
echo " <TR class=\"header\"><TD class=\"header\">#</TD><TD>Domain</TD><TD>Host</TD><TD>Address</TD><TD>Owner</TD><TD>TTL</TD><TD>Date</TD></TR>"
else
echo "TABLE: RX3-NS_Status_Board"
echo "#;Domain;Host;Address;Owner;TTL;Date"
fi
for blk in ${NS_LIST}
do
OIFS="${IFS}"
IFS=":"
set ${blk}
domain="$1"
host="$2"
owner="$3"
IFS="${OIFS}"
address="$( dig -t A "${host}.${domain}." | grep "^${host}.${domain}" | awk '{print $5}')"
ttl="$( dig -t A "${host}.${domain}." | grep "^${host}.${domain}" | awk '{print $2}')"
date="$( dig -t TXT "${host}.${domain}." | grep "^${host}.${domain}" | awk '{print $5 " " $6}' | sed -e 's/\"//g')"
if [[ "${REMOTE_USER}" == "${owner}" ]]
then
class="default"
else
class="dark"
fi
if [[ "${FORMAT}" == "html" ]]
then
echo " <TR class=\"${class}\"><TD class=\"header\">${idx}</TD><TD>${domain}</TD><TD>${host}</TD><TD>${address}</TD><TD>${owner}</TD><TD>${ttl}</TD><TD>${date}</TD></TR>"
else
echo "${domain};${host};${address};${owner};${ttl};${date}"
fi
idx=$(( idx + 1 ))
done
if [[ "${FORMAT}" == "html" ]]
then
echo " </TABLE>"
echo " <P>"
echo " <BR>"
echo " </P>"
else
echo ""
fi
nab_usage_print
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Query String Parse
#-----------------------------------------------------------------------------------------------------------------------------------
nab_query_string_parse()
{
local var
local arg
local i
CMD=""
FORMAT=""
IP=""
HOST=""
DOMAIN=""
TTL=""
if [[ "${QUERY_STRING}" != "" ]]
then
local OIFS="${IFS}"
IFS="&"
set ${QUERY_STRING}
IFS="${OIFS}"
i=$#
while [[ "${i}" != "0" ]]
do
var="${1/=*/}"
arg="${1/*=/}"
case "${var}"
in
"cmd")
CMD="${arg}"
;;
"format")
FORMAT="${arg}"
;;
"host")
HOST="${arg}"
;;
"domain")
DOMAIN="${arg}"
;;
"ip")
IP="${arg}"
;;
"ttl")
TTL="${arg}"
;;
esac
shift
i=$(( i - 1 ))
done
fi
if [[ "${FORMAT}" == "" ]]
then
FORMAT="html"
fi
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Command Handler
#-----------------------------------------------------------------------------------------------------------------------------------
nab_command_handler()
{
local owner
local status
case "${CMD}"
in
"")
CMD_STATUS="OK"
REFRESH="yes"
nab_header_print
nab_main_board_print
nab_footer_print
;;
"address_set")
owner="$( nab_lookup_domain_owner)"
if [[ "${owner}" != "" ]]
then
if [[ "${REMOTE_USER}" == "${owner}" ]]
then
if [[ "${IP}" == "" ]]
then
IP="${REMOTE_IP}"
fi
if [[ "${TTL}" == "" ]]
then
TTL="600"
fi
dns_host_update "${HOST}" "${DOMAIN}" "${IP}" "${TTL}"
if [[ "$?" == "0" ]]
then
status="OK"
else
status="KO"
fi
else
status="KO - Not Authorized"
fi
else
status="KO - Domain not found"
fi
CMD_STATUS="${CMD}: ${status}"
REFRESH="no"
nab_header_print
nab_result_print "Set ${HOST}.${DOMAIN}. to ${IP} with TTL ${TTL}: ${status}"
nab_footer_print
;;
"address_get")
owner="$( nab_lookup_domain_owner)"
if [[ "${owner}" != "" ]]
then
HOST_INFO="$( dig -t ANY "${HOST}.${DOMAIN}.")"
if [[ "$?" == "0" ]]
then
status="OK"
else
status="KO"
fi
else
status="KO - Domain not found"
fi
CMD_STATUS="${CMD}: ${status}"
REFRESH="no"
nab_header_print
if [[ "${FORMAT}" == "html" ]]
then
nab_result_print "${HOST}.${DOMAIN}.: ${status}<br>
${HOST_INFO}"
else
echo "${HOST}.${DOMAIN}.:"
echo ""
echo "${HOST_INFO}"
fi
nab_footer_print
;;
*)
CMD_STATUS="${CMD}: UNKNOWN_CMD"
nab_header_print
nab_footer_print
;;
esac
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Main
#-----------------------------------------------------------------------------------------------------------------------------------
nab_query_string_parse
dns_init
nab_command_handler
dns_deinit
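Review bot: In the `address_set` branch of nab_command_handler, the request-supplied `ip` and `ttl` reach `dns_host_update` with no format check, and nab_query_string_parse stores every value raw (never URL-decoded or validated). Validate both before the update, as in the fence below (IPv4 only, matching the A-record lookups in nab_main_board_print; extend it if AAAA updates are intended). The same raw values are printed into `<TITLE>` via CMD_STATUS and into `<PRE>` via nab_result_print, so `&`, `<`, `>` and `"` should be HTML-escaped for `format=html`. In the parser, `set ${QUERY_STRING}` treats a leading `-` as shell options and glob-expands `*`; use `set -f; set -- ${QUERY_STRING}; set +f`.

```shell
# … unchanged: owner lookup, REMOTE_USER check, IP and TTL defaults …
if [[ ! "${IP}" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ || ! "${TTL}" =~ ^[0-9]{1,9}$ ]]
then
    status="KO - Invalid parameter"
elif dns_host_update "${HOST}" "${DOMAIN}" "${IP}" "${TTL}"
then
    status="OK"
else
    status="KO"
fi
# … unchanged: CMD_STATUS, header, result and footer printing …
```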

961
www/cgi-bin/vpn-admin_board.cgi Executable file

@@ -0,0 +1,961 @@
#!/bin/bash
#-----------------------------------------------------------------------------------------------------------------------------------
#
# Rx3 VPN Admin Board CGI
#
# Copyright (C) 2025-2026 Arnaud G. GIBERT
# mailto:arnaud@rx3.net
#
# This is free software: you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published
# by the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this program; If not, see
# <https://www.gnu.org/licenses/>.
#
#-----------------------------------------------------------------------------------------------------------------------------------
#-----------------------------------------------------------------------------------------------------------------------------------
# Includes
#-----------------------------------------------------------------------------------------------------------------------------------
: "${RX3_LIB_DIR:=/usr/lib/rx3}"
. "${RX3_LIB_DIR}/network.bash"
#-----------------------------------------------------------------------------------------------------------------------------------
# Global Variables
#-----------------------------------------------------------------------------------------------------------------------------------
declare -g VERSION="1.0.0"
declare -g NAME="vpn-admin_board.cgi"
declare -g DEBUG=""
#declare -g DEBUG="echo"
#declare -g DEBUG=":"
# No Log please
export LOG=""
declare -g TIME_IN=$(date +%s%N)
declare -g CMD=""
declare -g FORMAT=""
declare -g USER=""
declare -g STATUS=""
declare -g IP=""
declare -g VPN=""
declare -g TYPE=""
declare -g REDIRECT=""
declare -g CMD_STATUS=""
declare -g ADMIN=""
declare -g FILTER=""
declare -g DEFROUTE=""
declare -g FILENAME=""
declare -g FILE_NAME=""
declare -g HOST_NAME=""
declare -g ADMIN_MODE=""
declare -g USER_MODE=""
declare -g STATUS_MODE=""
#-----------------------------------------------------------------------------------------------------------------------------------
# Header Print
#-----------------------------------------------------------------------------------------------------------------------------------
vab_header_print()
{
case "${FORMAT}"
in
"html")
echo "Content-type: text/html"
echo ""
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">"
echo "<HTML>"
echo " <HEAD>"
echo " <META HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=iso-8859-1\">"
echo " <META http-equiv=\"Refresh\" content=\"300\">"
echo " <META http-equiv=\"Pragma\" content=\"no-cache\">"
echo " <LINK REL=\"shortcut icon\" HREF=\"/favicon.ico\" TYPE=\"image/x-icon\">"
echo " <LINK REL=\"stylesheet\" TYPE=\"text/css\" HREF=\"/tdsots/default.css\">"
if [[ "${CMD_STATUS}" == "" ]]
then
echo " <TITLE>Rx3 VPN Admin Board</Title>"
else
echo " <TITLE>Rx3 VPN Admin Board: ${CMD_STATUS}</Title>"
fi
if [[ "${REDIRECT}" != "" ]]
then
echo " <meta http-equiv=\"REFRESH\" content=\"1; URL=${REDIRECT}\">"
fi
echo " </HEAD>"
echo " <BODY>"
;;
"csv")
echo "Content-type: text/csv"
echo ""
echo "SOF"
if [[ "${REDIRECT}" != "" ]]
then
echo "CMD: ${CMD_STATUS}"
fi
;;
"txt")
echo "Content-disposition: attachment; filename=${FILE_NAME}"
echo "Content-type: text/plain"
echo ""
;;
esac
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Footer Print
#-----------------------------------------------------------------------------------------------------------------------------------
vab_footer_print()
{
case "${FORMAT}"
in
"html")
echo " </BODY>"
echo ""
echo "</HTML>"
;;
"csv")
echo ""
echo "EOF"
;;
esac
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Destination Status Board
#-----------------------------------------------------------------------------------------------------------------------------------
vab_destination_status_board()
{
local dst_id
if [[ "${FORMAT}" == "html" ]]
then
echo " <P>"
echo " <BR>"
echo " </P>"
echo ""
echo " <H2>Destination Status Board</H2>"
echo ""
echo " <TABLE BORDER=\"1\" WIDTH=\"100%\">"
echo " <TR class=\"header\"><TD class=\"header\">#</TD><TD>Name</TD><TD>Type</TD><TD>Device</TD><TD>Status</TD><TD>IP</TD><TD>Host Name</TD><TD>Config</TD><TD>Table</TD><TD>Bytes In</TD><TD>Bytes Out</TD><TD>UpTime</TD></TR>"
else
echo "TABLE: Destination_Status_Board"
echo "#;Name;Type;Device;Status;IP;Host Name;Config;Table;Bytes In;Bytes Out;UpTime"
fi
for dst_id in ${NETWORK_DST_ID_LIST}
do
network_dst_tab_get "${dst_id}"
if [[ "${dst_status}" == "0" ]]
then
dst_ip="-"
fi
if [[ ( "${STATUS}" == "" ) || ( "${STATUS}" == "${dst_status}") ]]
then
if [[ "${FORMAT}" == "html" ]]
then
echo -n " <TR><TD class=\"header\">${dst_id}</TD><TD>${dst_name}</TD><TD>${NETWORK_DST_TYPE[${dst_type}]}</TD><TD>${dst_device}</TD>"
case "${dst_status}"
in
"0")
echo -n "<TD><A HREF=\"?admin=${ADMIN}&amp;user=${USER}&amp;status=${dst_status}\"><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></A></TD>"
;;
"1")
echo -n "<TD><A HREF=\"?admin=${ADMIN}&amp;user=${USER}&amp;status=${dst_status}\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></A></TD>"
;;
"2")
echo -n "<TD><A HREF=\"?admin=${ADMIN}&amp;user=${USER}&amp;status=${dst_status}\"><IMG SRC=\"/icons/user-unready.png\" TITLE=\"Unready\" ALT=\"Unready\"></A></TD>"
;;
*)
echo -n "<TD><IMG SRC=\"\" TITLE=\"Unknown\" ALT=\"Unknown\"></TD>"
;;
esac
echo "<TD>${dst_ip:--}</TD><TD>${dst_host_name:--}</TD><TD>${dst_config:--}</TD><TD>${dst_table}</TD><TD>${dst_bytes_received:--}</TD><TD>${dst_bytes_sent:--}</TD><TD>${dst_uptime:--}</TD></TR>"
else
echo "${dst_id};${dst_name};${NETWORK_DST_TYPE[${dst_type}]};${dst_device};${dst_status};${dst_ip};${dst_host_name};${dst_config};${dst_table};${dst_bytes_received};${dst_bytes_sent};${dst_uptime}"
fi
fi
done
if [[ "${FORMAT}" == "html" ]]
then
echo " </TABLE>"
echo " <P>"
echo " <BR>"
echo " </P>"
echo ""
else
echo ""
fi
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Source Routing Board Line
#-----------------------------------------------------------------------------------------------------------------------------------
vab_source_routing_board_line()
{
local src_id="$1"
local class
local dst_id
network_src_tab_get "${src_id}"
if [[ ( "${USER}" == "" ) || ( "${USER}" == "owner") || ( "${USER}" == "${src_owner}") ]]
then
if [[ ( "${ADMIN}" == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
then
class="default"
else
if [[ "${USER}" == "owner" ]]
then
class="skip"
else
class="dark"
fi
fi
else
class="skip"
fi
if [[ ( "${STATUS}" != "" ) && ( "${STATUS}" != "${src_status}") ]]
then
class="skip"
fi
if [[ "${class}" != "skip" ]]
then
if [[ "${FORMAT}" == "html" ]]
then
echo -n " <TR class=\"${class}\"><TD class=\"header\">${src_id}</TD>"
echo -n "<TD>${NETWORK_SRC_TYPE[${src_type}]}</TD><TD>${src_ip}</TD><TD>${src_host_name:--}</TD>"
echo -n "<TD>${src_device:--}</TD>"
case "${src_status}"
in
"0")
echo -n "<TD><A HREF=\"?admin=${ADMIN}&amp;user=${USER}&amp;status=${src_status}\"><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></A></TD>"
;;
"1")
echo -n "<TD><A HREF=\"?admin=${ADMIN}&amp;user=${USER}&amp;status=${src_status}\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></A></TD>"
;;
"2")
echo -n "<TD><A HREF=\"?admin=${ADMIN}&amp;user=${USER}&amp;status=${src_status}\">-</A></TD>"
;;
esac
else
echo -n "${src_id};${NETWORK_SRC_TYPE[${src_type}]};${src_ip};${src_host_name};${src_device};${src_status};"
fi
for dst_id in ${NETWORK_DST_ID_LIST}
do
network_dst_tab_get "${dst_id}"
if [[ ( "${ADMIN}" == "true") || ( "${dst_type}" != "1") ]]
then
if [[ "${FORMAT}" == "html" ]]
then
echo -n "<TD><TABLE class=\"${class}\" BORDER=\"0\" WIDTH=\"100%\"><TR><TD class=\"half\">"
if [[ "${dst_table}" == "${src_table}" ]]
then
echo -n "<IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD><TD>&nbsp;"
else
echo -n "<IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></TD><TD>"
if [[ ( "${ADMIN}" == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
then
echo -n "<A HREF=\"?cmd=route_set&amp;admin=${ADMIN}&amp;user=${USER}&amp;status=${STATUS}&amp;ip=${src_ip}&amp;vpn=${dst_id}\"><IMG SRC=\"/icons/user-invisible.png\" TITLE=\"Activate\" ALT=\"Activate\"></A>"
else
echo -n "&nbsp;"
fi
fi
echo -n "</TD></TR></TABLE></TD>"
else
if [[ "${dst_table}" == "${src_table}" ]]
then
echo -n "1;"
else
echo -n "0;"
fi
fi
fi
done
if [[ "${FORMAT}" == "html" ]]
then
if [[ "${src_port_range}" != "0" ]]
then
echo -n "<TD>${src_port_range}</TD><TD>${src_port_start:--}</TD><TD>${src_port_end:--}</TD>"
else
echo -n "<TD>${src_port_range}</TD><TD>-</TD><TD>-</TD>"
fi
echo "<TD><A HREF=\"?admin=${ADMIN}&amp;user=${src_owner}&amp;status=${STATUS}\">${src_owner}</A></TD><TD>${src_bytes_received:--}</TD><TD>${src_bytes_sent:--}</TD><TD>${src_uptime:--}</TD><TD>${src_last_seen:--}</TD></TR>"
else
echo "${src_port_range};${src_port_start};${src_port_end};${src_owner};${src_bytes_received};${src_bytes_sent};${src_uptime};${src_last_seen}"
fi
fi
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Source Routing Board
#-----------------------------------------------------------------------------------------------------------------------------------
vab_source_routing_board()
{
local src_id
local dst_id
if [[ "${FORMAT}" == "html" ]]
then
echo " <P>"
echo " <BR>"
echo " </P>"
echo ""
echo " <H2>Source Routing Board</H2>"
echo ""
echo " <TABLE BORDER=\"1\" WIDTH=\"100%\">"
echo -n " <TR class=\"header\"><TD class=\"header\">#</TD><TD>Type</TD><TD>IP</TD><TD>Host Name</TD><TD>Device</TD><TD>Status</TD>"
else
echo "TABLE: Source_Routing_Board"
echo -n "#;Type;IP;Host Name;Status;Device;"
fi
for dst_id in ${NETWORK_DST_ID_LIST}
do
network_dst_tab_get "${dst_id}"
if [[ ( "${ADMIN}" == "true") || ( "${dst_type}" != "1") ]]
then
if [[ "${FORMAT}" == "html" ]]
then
echo -n "<TD>${dst_name}</TD>"
else
echo -n "${dst_name};"
fi
fi
done
if [[ "${FORMAT}" == "html" ]]
then
echo "<TD>Port Range</TD><TD>From Port</TD><TD>To Port</TD><TD>Owner</TD><TD>Bytes In</TD><TD>Bytes Out</TD><TD>UpTime</TD><TD>Last Seen</TD></TR>"
else
echo "Port Range;From Port;To Port;Owner;Bytes In;Bytes Out;UpTime;Last Seen"
fi
for src_id in ${NETWORK_SRC_ID_LIST}
do
vab_source_routing_board_line "${src_id}"
done
if [[ "${FORMAT}" == "html" ]]
then
echo " </TABLE>"
echo " <P>"
echo " <BR>"
echo " </P>"
else
echo ""
fi
}
#-----------------------------------------------------------------------------------------------------------------------------------
# VPN OpenVPN Board
#-----------------------------------------------------------------------------------------------------------------------------------
vab_vpn_openvpn_board()
{
local src_id
local class
local idx=0
if [[ "${FORMAT}" == "html" ]]
then
echo " <P>"
echo " <BR>"
echo " </P>"
echo ""
echo " <H2>OpenVPN Board</H2>"
echo ""
echo " <TABLE BORDER=\"1\" WIDTH=\"100%\">"
echo " <TR class=\"header\"><TD class=\"header\" ROWSPAN=3>#</TD><TD ROWSPAN=3>IP</TD><TD ROWSPAN=3>Host Name</TD><TD COLSPAN=4>Configuration</TD><TD COLSPAN=5>Certificates</TD></TR><TR class=\"header\"><TD COLSPAN=2>Default Route VPN</TD><TD COLSPAN=2>No Default Route VPN</TD><TD ROWSPAN=2>CA Certificate (.crt)</TD><TD ROWSPAN=2>TC Certificate (.key)</TD><TD ROWSPAN=2>Private Key (.key)</TD><TD ROWSPAN=2>Cerificate Signing Request (.csr)</TD><TD ROWSPAN=2>Public Certificate (.crt)</TD></TR><TR class=\"header\"><TD>External Crt</TD><TD>Inline Crt</TD><TD>External Crt</TD><TD>Inline Crt</TD></TR>"
else
echo "TABLE: OpenVPN_Board"
echo "#;IP;Host Name;Certificate"
fi
for src_id in ${NETWORK_SRC_ID_LIST}
do
network_src_tab_get "${src_id}"
if [[ "${src_type}" == "2" ]]
then
if [[ ( "${USER}" == "" ) || ( "${USER}" == "owner") || ( "${USER}" == "${src_owner}") ]]
then
if [[ ( "${ADMIN}" == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
then
class="default"
else
if [[ "${USER}" == "owner" ]]
then
class="skip"
else
class="dark"
fi
fi
else
class="skip"
fi
if [[ ( "${STATUS}" != "" ) && ( "${STATUS}" != "${src_status}") ]]
then
class="skip"
fi
if [[ "${class}" != "skip" ]]
then
if [[ "${FORMAT}" == "html" ]]
then
echo -n " <TR class=\"${class}\"><TD class=\"header\">${idx}</TD><TD>${src_ip}</TD><TD>${src_host_name}</TD>"
echo -n "<TD><A HREF=\"?cmd=config_download&amp;admin=${ADMIN}&amp;user=${USER}&amp;status=${STATUS}&amp;ip=${src_ip}&amp;defroute=true&amp;type=ext\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Default Route External Certificates\" ALT=\"Configuration External Certificates\"></A></TD>"
if [[ ( "${ADMIN}" == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
then
echo -n "<TD><A HREF=\"?cmd=config_download&amp;admin=${ADMIN}&amp;user=${USER}&amp;status=${STATUS}&amp;ip=${src_ip}&amp;defroute=true&amp;type=inline\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Default Route Inline Certificates\" ALT=\"Configuration Inline Certificates\"></A></TD>"
else
echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Inline Certificates\" ALT=\"Configuration Inline Certificates\"></TD>"
fi
echo -n "<TD><A HREF=\"?cmd=config_download&amp;admin=${ADMIN}&amp;user=${USER}&amp;status=${STATUS}&amp;ip=${src_ip}&amp;defroute=false&amp;type=ext\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration NoDefault Route External Certificates\" ALT=\"Configuration External Certificates\"></A></TD>"
if [[ ( "${ADMIN}" == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
then
echo -n "<TD><A HREF=\"?cmd=config_download&amp;admin=${ADMIN}&amp;user=${USER}&amp;status=${STATUS}&amp;ip=${src_ip}&amp;defroute=false&amp;type=inline\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration NoDefault Route Inline Certificates\" ALT=\"Configuration Inline Certificates\"></A></TD>"
else
echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Inline Certificates\" ALT=\"Configuration Inline Certificates\"></TD>"
fi
echo -n "<TD><A HREF=\"?cmd=cert_download&amp;admin=${ADMIN}&amp;user=${USER}&amp;status=${STATUS}&amp;ip=${src_ip}&amp;type=ca\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"CA Certificate\" ALT=\"CA Certificate\"></A></TD>"
if [[ ( "${ADMIN}" == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
then
echo -n "<TD><A HREF=\"?cmd=cert_download&amp;admin=${ADMIN}&amp;user=${USER}&amp;status=${STATUS}&amp;ip=${src_ip}&amp;type=tc\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"TC Certificate\" ALT=\"TC Certificate\"></A></TD>"
if [[ -f "/etc/openvpn/tls/certs/${src_host_name}.crt" ]]
then
echo -n "<TD><A HREF=\"?cmd=cert_download&amp;admin=${ADMIN}&amp;user=${USER}&amp;status=${STATUS}&amp;ip=${src_ip}&amp;type=key\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></A></TD>"
echo -n "<TD><A HREF=\"?cmd=cert_download&amp;admin=${ADMIN}&amp;user=${USER}&amp;status=${STATUS}&amp;ip=${src_ip}&amp;type=csr\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Certificate Signing Request\" ALT=\"Certificate Signing Request\"></A></TD>"
echo "<TD><A HREF=\"?cmd=cert_download&amp;admin=${ADMIN}&amp;user=${USER}&amp;status=${STATUS}&amp;ip=${src_ip}&amp;type=crt\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Public Certificate\" ALT=\"Public Certificate\"></A></TD></TR>"
else
echo -n "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></TD>"
echo -n "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Certificate Signing Request\" ALT=\"Certificate Signing Request\"></TD>"
echo "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Public Certificate\" ALT=\"Public Certificate\"></TD></TR>"
fi
else
echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"TC Certificate\" ALT=\"TC Certificate\"></TD>"
if [[ -f "/etc/openvpn/tls/certs/${src_host_name}.crt" ]]
then
echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></TD>"
echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Certificate Signing Request\" ALT=\"Certificate Signing Request\"></TD>"
echo "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Public Certificate\" ALT=\"Public Certificate\"></TD></TR>"
else
echo -n "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></TD>"
echo -n "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Certificate Signing Request\" ALT=\"Certificate Signing Request\"></TD>"
echo "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Public Certificate\" ALT=\"Public Certificate\"></TD></TR>"
fi
fi
else
echo -n "${idx};${src_ip};${src_host_name}"
if [[ -f "/etc/openvpn/tls/certs/${src_host_name}.crt" ]]
then
echo ";1"
else
echo ";0"
fi
fi
idx=$(( idx + 1 ))
fi
fi
done
if [[ "${FORMAT}" == "html" ]]
then
echo " </TABLE>"
echo " <P>"
echo " <BR>"
echo " </P>"
fi
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Main Board Print
#-----------------------------------------------------------------------------------------------------------------------------------
vab_main_board_print()
{
if [[ "${FORMAT}" == "html" ]]
then
echo ""
if [[ "${ADMIN}" == "true" ]]
then
ADMIN_MODE=" - Admin Mode"
else
ADMIN_MODE=""
fi
case "${USER}"
in
"")
USER_MODE="All"
;;
"owner")
USER_MODE="My"
;;
*)
USER_MODE="${USER}"
;;
esac
case "${STATUS}"
in
"")
STATUS_MODE="All"
;;
"0")
STATUS_MODE="Down"
;;
"1")
STATUS_MODE="Up"
;;
"2")
STATUS_MODE="Not Connected"
;;
*)
STATUS_MODE="Unknown"
;;
esac
echo " <H1>VPN Admin Board: ${USER_MODE} VPN - ${STATUS_MODE} Status${ADMIN_MODE}</H1>"
echo " <P>"
echo " <BR>"
echo ""
echo " <b>Date: $(/bin/date)</b><br>"
echo " </P>"
echo " <HR>"
echo ""
fi
vab_destination_status_board
vab_source_routing_board
vab_vpn_openvpn_board
if [[ "${FORMAT}" == "html" ]]
then
local time_out
local elaps
local elaps_sec
local elaps_mili
echo " <P>"
echo " <BR>"
echo " <BR>"
echo -n " "
if [[ " ${ADMIN_USER_LIST} " == *" ${REMOTE_USER} "* ]]
then
if [[ "${ADMIN}" == "true" ]]
then
echo -n "<A HREF=\"?user=${USER}&amp;status=${STATUS}\">Non Admin Mode</A>"
else
echo -n "<A HREF=\"?admin=true&amp;user=${USER}&amp;status=${STATUS}\">Admin Mode</A>"
fi
echo -n "&nbsp;&nbsp;&nbsp;"
fi
if [[ "${USER}" != "" ]]
then
echo -n "<A HREF=\"?admin=${ADMIN}&amp;status=${STATUS}\">All VPN</A>"
echo -n "&nbsp;&nbsp;&nbsp;"
fi
if [[ "${STATUS}" != "" ]]
then
echo -n "<A HREF=\"?admin=${ADMIN}&amp;user=${USER}\">All Status</A>"
fi
echo ""
echo " </P>"
time_out=$(date +%s%N)
elaps=$(( TIME_IN - time_out ))
elaps_sec=$(( elaps / 1000000000 ))
elaps_mili=$(( ( elaps / 1000000) - ( elaps_sec * 1000) ))
echo " <P>"
echo " <BR>"
echo " <BR>"
printf " Page generated in %d.%03d seconds\n" "${elaps_sec}" "${elaps_mili}"
echo " </P>"
echo ""
echo " <HR>"
echo ""
echo " <P>"
echo " <A HREF=\"/tdsots/admin/\">Rx3 Admin</A>"
echo " </P>"
echo ""
echo " <HR>"
echo ""
echo " <P>"
echo " <A HREF=\"http://www.hertgen.com/anybrowser/\"> <IMG SRC=\"/images/anyb09.png\" ALT=\"Best Viewed With Any Browser\"></A>"
echo " <A HREF=\"http://validator.w3.org/check?uri=referer\"><IMG SRC=\"/images/valid-html401.png\" ALT=\"Valid HTML 4.01!\"></A>"
echo " <A HREF=\"http://jigsaw.w3.org/css-validator/\"> <IMG SRC=\"/images/valid-css.png\" ALT=\"Valid CSS!\"></A>"
echo " </P>"
fi
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Query String Parse
#-----------------------------------------------------------------------------------------------------------------------------------
vab_query_string_parse()
{
local var
local arg
local i
CMD=""
FORMAT=""
USER=""
STATUS=""
IP=""
VPN=""
TYPE=""
REDIRECT=""
CMD_STATUS=""
ADMIN=""
FILTER=""
DEFROUTE=""
FILENAME=""
if [[ "${QUERY_STRING}" != "" ]]
then
local OIFS="${IFS}"
IFS="&"
set ${QUERY_STRING}
IFS="${OIFS}"
i=$#
while [[ "${i}" != "0" ]]
do
var="${1/=*/}"
arg="${1/*=/}"
case "${var}"
in
"cmd")
CMD="${arg}"
;;
"format")
FORMAT="${arg}"
;;
"admin")
ADMIN="${arg}"
;;
"filter")
FILTER="${arg}"
;;
"user")
USER="${arg}"
;;
"status")
STATUS="${arg}"
;;
"ip")
IP="${arg}"
;;
"vpn")
VPN="${arg}"
;;
"type")
TYPE="${arg}"
;;
"filename")
FILENAME="${arg}"
;;
"defroute")
DEFROUTE="${arg}"
;;
esac
shift
i=$(( i - 1 ))
done
fi
if [[ "${FORMAT}" == "" ]]
then
FORMAT="html"
fi
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Command Handler
#-----------------------------------------------------------------------------------------------------------------------------------
vab_command_handler()
{
if [[ ( "${ADMIN}" == "true") && ( " ${ADMIN_USER_LIST} " != *" ${REMOTE_USER} "*) ]]
then
CMD_STATUS="${CMD}: Admin NOT_AUTHORIZED"
REDIRECT="?user=${USER}&amp;up=${up}"
vab_header_print
vab_footer_print
else
case "${CMD}"
in
"")
vab_header_print
vab_main_board_print
vab_footer_print
;;
"route_set")
network_src_tab_ip_lookup "${IP}"
network_src_tab_get "${src_id}"
network_dst_tab_get "${VPN}"
if [[ ( "${ADMIN}" == "true") || ( ( "${REMOTE_USER}" == "${src_owner}") && ( "${dst_type}" != "1")) ]]
then
sudo rx3_net_adm table_set "${IP}" "${dst_table}" 1>&2
if [[ "$?" == "0" ]]
then
CMD_STATUS="route_set: OK"
else
CMD_STATUS="route_set: KO"
fi
else
CMD_STATUS="route_set: NOT_AUTHORIZED [${REMOTE_USER}]/[${src_owner}]/[${dst_type}]"
fi
REDIRECT="?admin=${ADMIN}&amp;filter=${FILTER}"
vab_header_print
vab_footer_print
;;
"cert_download")
network_src_tab_ip_lookup "${IP}"
network_src_tab_get "${src_id}"
if [[ ( "${ADMIN}" == "true") || ( "${REMOTE_USER}" == "${src_owner}") || ( "${TYPE}" == "ca") || ( "${TYPE}" == "crt") ]]
then
CMD_STATUS="cert_download: OK"
FORMAT="txt"
case "${TYPE}"
in
"ca")
FILE_NAME="ca.crt"
HOST_NAME=""
;;
"tc")
FILE_NAME="tc.key"
HOST_NAME=""
;;
*)
HOST_NAME="$( host "${IP}" | sed -e 's/.*domain name pointer //' -e 's/.$//')"
FILE_NAME="${HOST_NAME}.${TYPE}"
;;
esac
vab_header_print
sudo cert_dump "${TYPE}" "${HOST_NAME}"
else
CMD_STATUS="cert_download: NOT_AUTHORIZED"
REDIRECT="?admin=${ADMIN}&amp;filter=${FILTER}"
FORMAT="html"
vab_header_print
vab_footer_print
fi
;;
"config_download")
network_src_tab_ip_lookup "${IP}"
network_src_tab_get "${src_id}"
if [[ ( "${ADMIN}" == "true") || ( "${REMOTE_USER}" == "${src_owner}") || ( "${TYPE}" == "ext") ]]
then
local defroute_pipe
local template_name
local route_type
CMD_STATUS="config_download: OK"
HOST_NAME="$( host "${IP}" | sed -e 's/.*domain name pointer //' -e 's/.$//')"
template_name="rx3-client.ovpn"
if [[ "${DEFROUTE}" == "false" ]]
then
defroute_pipe="sed s/#pull-filter/pull-filter/"
route_type="nodefroute"
else
defroute_pipe="cat"
route_type="defroute"
fi
FORMAT="txt"
if [[ "${TYPE}" == "ext" ]]
then
FILE_NAME="${HOST_NAME}-${route_type}-external.ovpn"
vab_header_print
sed </etc/openvpn/template/${template_name} -e "s/CLIENT_FQDN/${HOST_NAME}/g" | ${defroute_pipe}
else
FILE_NAME="${HOST_NAME}-${route_type}-inline.ovpn"
vab_header_print
eval "echo \"$( sed </etc/openvpn/template/${template_name} \
-e "s/ca tls\/certs\/ca.crt/\$(echo \"<ca>\"; sudo cert_dump ca; echo \"<\/ca>\")/" \
-e "s/cert tls\/certs\/CLIENT_FQDN.crt/\$(echo \"<cert>\"; sudo cert_dump crt CLIENT_FQDN; echo \"<\/cert>\")/" \
-e "s/key tls\/private\/CLIENT_FQDN.key/\$(echo \"<key>\"; sudo cert_dump key CLIENT_FQDN; echo \"<\/key>\")/" \
-e "s/tls-crypt tls\/private\/tc.key/\$(echo \"<tls-crypt>\"; sudo cert_dump tc; echo \"<\/tls-crypt>\")/" \
-e "s/CLIENT_FQDN/${HOST_NAME}/g")\"" | ${defroute_pipe}
fi
else
CMD_STATUS="config_download: NOT_AUTHORIZED"
REDIRECT="?admin=${ADMIN}&amp;filter=${FILTER}"
FORMAT="html"
vab_header_print
vab_footer_print
fi
;;
*)
CMD_STATUS="${CMD}: UNKNOWN_CMD"
vab_header_print
vab_footer_print
;;
esac
fi
}
#-----------------------------------------------------------------------------------------------------------------------------------
# Main
#-----------------------------------------------------------------------------------------------------------------------------------
vab_query_string_parse
network_init
vab_command_handler
network_deinit
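Review bot: The inline branch of `config_download` in vab_command_handler passes template text to `eval` after splicing in HOST_NAME, and HOST_NAME is whatever `host "${IP}"` prints for a request-supplied `ip` (PTR data or the resolver's error text), so request- or DNS-controlled text ends up in shell code and in the sed script. Check `ip` against an address pattern and HOST_NAME against a hostname pattern before any use (the same applies to `cert_download`, where HOST_NAME also goes to `sudo cert_dump` and the `Content-disposition` file name), and build the inline file without `eval`, as in the fence below. The fence assumes each certificate directive occupies a whole line of the template, which is not visible here. The owner checks also rely on `src_owner` after `network_src_tab_ip_lookup`; if that lookup can fail and leave `src_owner` empty, an empty REMOTE_USER would compare equal, so a failed lookup should be rejected explicitly.

```shell
# … unchanged: lookup and authorization test of config_download …
local line
if [[ ! "${IP}" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]]
then
    HOST_NAME=""
else
    HOST_NAME="$( host "${IP}" | sed -e 's/.*domain name pointer //' -e 's/.$//')"
fi
if [[ ! "${HOST_NAME}" =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]]
then
    CMD_STATUS="config_download: KO"
    FORMAT="html"
    vab_header_print
    vab_footer_print
    return
fi
# … unchanged: template_name, defroute_pipe, route_type, external branch …
# inline branch, replacing the eval: directives are matched as whole lines
while IFS= read -r line
do
    case "${line}"
    in
        "ca tls/certs/ca.crt")
            echo "<ca>"; sudo cert_dump ca; echo "</ca>"
            ;;
        "cert tls/certs/CLIENT_FQDN.crt")
            echo "<cert>"; sudo cert_dump crt "${HOST_NAME}"; echo "</cert>"
            ;;
        "key tls/private/CLIENT_FQDN.key")
            echo "<key>"; sudo cert_dump key "${HOST_NAME}"; echo "</key>"
            ;;
        "tls-crypt tls/private/tc.key")
            echo "<tls-crypt>"; sudo cert_dump tc; echo "</tls-crypt>"
            ;;
        *)
            printf '%s\n' "${line//CLIENT_FQDN/${HOST_NAME}}"
            ;;
    esac
done </etc/openvpn/template/${template_name} | ${defroute_pipe}
```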