Rx3/network_tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

Compare commits

base: Rx3:network_tools-1.0.0
Branches Tags
Rx3:master
Rx3:network_tools-1.1.4 Rx3:network_tools-1.1.3 Rx3:network_tools-1.1.2 Rx3:network_tools-1.1.1 Rx3:network_tools-1.1.0 Rx3:network_tools-1.0.0
...
compare: Rx3:b1c51d6cfdbc1d46b835013e4ba71ace2c5366ca
Branches Tags
Rx3:master
Rx3:network_tools-1.1.4 Rx3:network_tools-1.1.3 Rx3:network_tools-1.1.2 Rx3:network_tools-1.1.1 Rx3:network_tools-1.1.0 Rx3:network_tools-1.0.0

6 Commits
network_to ... b1c51d6cfd

Author SHA1 Message Date
Arnaud G. GIBERT
b1c51d6cfd - Improve device up api events, 
- Improve openvpn stats reporting,
- Add a new conection state for gateways device up with no gateway client conected.
 2025-09-01 01:09:29 +02:00
Arnaud G. GIBERT
235076b6b9 - Complete the first gateway support implementation, 
- More tests needed!
 2025-08-26 19:14:05 +02:00
Arnaud G. GIBERT
7e05bc0ba0 - Fix cgi execution mode. 2025-08-24 12:55:19 +02:00
Arnaud G. GIBERT
5fb45c3944 - Contunue gatway support implementation. 2025-08-24 12:47:58 +02:00
Arnaud G. GIBERT
67f1ec7de8 - Start VPN gateways support implementation. 2025-08-23 11:58:29 +02:00
Arnaud G. GIBERT
7a2bd651d7 - Move dns.bash from global to local, 
- Add installation support of default.bash in local or global.
 2025-08-17 11:55:43 +02:00
10 changed files with 579 additions and 167 deletions
Expand all files Collapse all files

10
ReleaseNotes.txt
View File

@@ -1,5 +1,13 @@
------------------------------------------------------------------------------------------------------------------------------------
Network Rools V 1.0.0 - A. GIBERT - 2025/08/12
Network Tools V 1.1.0 - A. GIBERT - 2025/08/26
------------------------------------------------------------------------------------------------------------------------------------
- Add VPN Gateway support.
------------------------------------------------------------------------------------------------------------------------------------
Network Tools V 1.0.0 - A. GIBERT - 2025/08/12
------------------------------------------------------------------------------------------------------------------------------------
- Initial release,

2
usr/local/lib/default.bash
View File

@@ -341,7 +341,7 @@ log_print()
file_lock "${lock_file}" WRITE 8
fi
printf >> "${log_file}" "%s %9s %3s %8s %s\n" "$(date --rfc-3339=seconds -u)" "($BASHPID)" "${log_type}" "${log_prefix}:" "$*"
printf >> "${log_file}" "%s %9s %3s %16s %s\n" "$(date --rfc-3339=seconds -u)" "($BASHPID)" "${log_type}" "${log_prefix}:" "$*"
if [[ "${lock_file}" != "" ]]
then

11
usr/local/lib/dns.bash
View File

@@ -12,11 +12,12 @@ fi
# Includes
#-----------------------------------------------------------------------------------------------------------------------------------
. /usr/global/lib/default.bash
#[ -e /var/cache/dns.cache ] && . /var/cache/dns.cache
if [[ -e /usr/local/lib/default.bash ]]
then
. /usr/local/lib/default.bash
else
. /usr/global/lib/default.bash
fi

458
usr/local/lib/network.bash
View File

@@ -12,7 +12,7 @@ fi
# Includes
#-----------------------------------------------------------------------------------------------------------------------------------
. /usr/global/lib/dns.bash
. /usr/local/lib/dns.bash
@@ -168,6 +168,72 @@ network_common_dump()
#--------------------------------------------------------------------------------------------------------------------------
# network_common_openvpn_stats_get
#--------------------------------------------------------------------------------------------------------------------------
network_common_openvpn_stats_get()
{
local device="$1"
local client="$2"
if [[ "${client}" == "" ]]
then
client=".*"
else
if [[ "${device}" == "" ]]
then
tmp="$( echo "${NETWORK_OPENVPN_STATUS}" | grep "CLIENT_LIST,${client},")"
tmp="${tmp/*\//}"
device="${tmp/.status*/}"
fi
fi
if [[ "${device}" != "" ]]
then
if [[ "${NETWORK_OPENVPN_STATUS}" =~ ("${device}.status: TITLE") ]]
then
# OpenVPN Server Mode
OIFS="${IFS}"
IFS=","
set XXX/$( echo "${NETWORK_OPENVPN_STATUS}" | grep "${device}\.status: CLIENT_LIST,${client},") &>/dev/null
IFS="${OIFS}"
tmp="${1/XXX*\//}"
ovpn_stat_device="${tmp/.status*/}"
ovpn_stat_client_name="$2"
ovpn_stat_address_ext="$3"
ovpn_stat_address_int="$4"
ovpn_stat_address_int6="$5"
ovpn_stat_bytes_received="$6"
ovpn_stat_bytes_sent="$7"
ovpn_stat_connected_date="$8"
ovpn_stat_connected_time_t="$9"
ovpn_stat_user_name="$10"
ovpn_stat_client_id="$11"
ovpn_stat_peer_id="$12"
ovpn_stat_cipher="$13"
else
# OpenVPN Client Mode
set XXX/$( echo "${NETWORK_OPENVPN_STATUS}" | grep "${device}\.status:") &>/dev/null
tmp="${1/XXX*\//}"
ovpn_stat_device="${tmp/.status*/}"
ovpn_stat_bytes_received="${18/bytes,}"
ovpn_stat_bytes_sent="${22/bytes,}"
fi
else
ovpn_stat_device=""
fi
}
#--------------------------------------------------------------------------------------------------------------------------
# network_ip_route_tab_load
#--------------------------------------------------------------------------------------------------------------------------
@@ -233,6 +299,7 @@ network_ip_route_tab_dump()
echo "NETWORK_IP_ROUTE_ID_LIST: [${NETWORK_IP_ROUTE_ID_LIST}]"
echo
echo "NETWORK_IP_ROUTE_IP_IDX:"
for key in "${!NETWORK_IP_ROUTE_IP_IDX[@]}"
@@ -242,6 +309,7 @@ network_ip_route_tab_dump()
echo
echo "NETWORK_IP_ROUTE_TAB:"
for key in "${!NETWORK_IP_ROUTE_TAB[@]}"
@@ -263,6 +331,7 @@ network_ip_route_tab_dump()
network_dst_tab_load()
{
ndtl_id=0
vpn_id=0
log_trace "Network" "Loading Dst tab..."
@@ -290,44 +359,65 @@ network_dst_tab_load()
var_assign NETWORK_TABLE_LIST "${ndtl_table}" INC
tab_assign NETWORK_DST_TAB "${ndtl_id},Status" "$( ip link show dev ${ndtl_device} 2>/dev/null | grep -q ",UP," && echo 1 || echo 0)"
ndtl_host_name="vpn${ndtl_id}.${NETWORK_DST_NAME}"
ndtl_status="$( ip link show dev ${ndtl_device} 2>/dev/null | grep -q ",UP," && echo "1" || echo "0")"
if [[ "${ndtl_type}" == "5" ]]
then
ndtl_host_name=""
dns_value=""
else
ndtl_host_name="vpn${vpn_id}.${NETWORK_DST_NAME}"
dns_lookup "A" "${ndtl_host_name}" "NOCACHE"
vpn_id=$((${vpn_id} + 1))
fi
tab_assign NETWORK_DST_TAB "${ndtl_id},Host_Name" "${ndtl_host_name}"
dns_lookup "A" "${ndtl_host_name}" "NOCACHE"
tab_assign NETWORK_DST_TAB "${ndtl_id},IP" "${dns_value}"
case "${ndtl_type}"
in
"0")
set $(ip -s link show ${ndtl_device} 2>/dev/null ) &>/dev/null
ndtl_bytes_received="$( cat /sys/class/net/${ndtl_device}/statistics/rx_bytes 2>/dev/null | numfmt --to=iec-i --suffix=B)"
ndtl_bytes_sent="$( cat /sys/class/net/${ndtl_device}/statistics/tx_bytes 2>/dev/null | numfmt --to=iec-i --suffix=B)"
;;
ndtl_bytes_received="$( echo ${27} | numfmt --to=iec-i --suffix=B)"
ndtl_bytes_sent="$( echo ${40} | numfmt --to=iec-i --suffix=B)"
ndtl_uptime=""
;;
"1"|"2")
network_common_openvpn_stats_get "${ndtl_device}" ""
"1")
set $( echo "${NETWORK_OPENVPN_STATUS}" | grep ${ndtl_device}) &>/dev/null
if [[ ( "${ndtl_type}" == "1") && ( "${ndtl_status}" == "1") && ( "${ovpn_stat_client_name}" == "") ]]
then
ndtl_status="2"
# i=1; while [[ $i -lt 50 ]]; do eval "val=\${$i}"; echo "($i):[${val}]" 1>&2; i=$(( $i + 1)); done
ndtl_bytes_received="$( echo ${18/bytes,} | numfmt --to=iec-i --suffix=B)"
ndtl_bytes_sent="$( echo ${22/bytes,} | numfmt --to=iec-i --suffix=B)"
ndtl_start_date="$( grep "ext-client-${ndtl_device}.conf" /var/log/rx3-vpn.status 2>/dev/null | sed -e "s/.*Date: \[//" -e "s/\].*//")"
if [[ "${ndtl_start_date}" == "" ]]
then
ndtl_uptime=""
else
ndtl_uptime=$( echo "$(($(date +%s) - $(date -d "${ndtl_start_date}" +%s)))" | awk '{days = int($1/86400); print days " day" (( days > 1 ) ? "s" : "") strftime(" %H:%M:%S", $1,1)}')
fi
;;
ndtl_bytes_received=""
ndtl_bytes_sent=""
else
ndtl_bytes_received="$( echo ${ovpn_stat_bytes_received} | numfmt --to=iec-i --suffix=B)"
ndtl_bytes_sent="$( echo ${ovpn_stat_bytes_sent} | numfmt --to=iec-i --suffix=B)"
fi
;;
esac
tab_assign NETWORK_DST_TAB "${ndtl_id},Status" "${ndtl_status}"
if [[ "${ndtl_status}" == "1" ]]
then
ndtl_start_date="$( stat -c %Z /sys/class/net/${ndtl_device})"
ndtl_uptime="$( echo $(( $(date +%s) - ${ndtl_start_date})) | awk '{days = int($1/86400); print days " day" (( days > 1 ) ? "s" : "") strftime(" %H:%M:%S", $1,1)}')"
else
ndtl_start_date=""
ndtl_uptime=""
fi
tab_assign NETWORK_DST_TAB "${ndtl_id},Bytes_Received" "${ndtl_bytes_received}"
tab_assign NETWORK_DST_TAB "${ndtl_id},Bytes_Sent" "${ndtl_bytes_sent}"
tab_assign NETWORK_DST_TAB "${ndtl_id},Start_Date" "${ndtl_start_date}"
tab_assign NETWORK_DST_TAB "${ndtl_id},Uptime" "${ndtl_uptime}"
tab_assign NETWORK_DST_NAME_IDX "${ndtl_name}" "${ndtl_id}"
@@ -375,9 +465,20 @@ network_dst_tab_get()
network_dst_tab_dump()
{
echo "NETWORK_DST_TYPE:"
for key in "${!NETWORK_DST_TYPE[@]}"
do
echo "[${key}]: [${NETWORK_DST_TYPE[${key}]}]"
done | sort -n
echo
echo "NETWORK_DST_ID_LIST: [${NETWORK_DST_ID_LIST}]"
echo
echo "NETWORK_DST_NAME_IDX:"
for key in "${!NETWORK_DST_NAME_IDX[@]}"
@@ -387,6 +488,7 @@ network_dst_tab_dump()
echo
echo "NETWORK_DST_DEV_IDX:"
for key in "${!NETWORK_DST_DEV_IDX[@]}"
@@ -396,6 +498,7 @@ network_dst_tab_dump()
echo
echo "NETWORK_DST_TAB:"
for key in "${!NETWORK_DST_TAB[@]}"
@@ -440,6 +543,55 @@ network_dst_tab_dev_lookup()
#--------------------------------------------------------------------------------------------------------------------------
# network_dst_ip_update
#--------------------------------------------------------------------------------------------------------------------------
network_dst_ip_update()
{
local dst_ip_new="$1"
if [[ "${dst_ip}" != "${dst_ip_new}" ]]
then
log_info "Network" "Update ${dst_host_name}: Old: [${dst_ip}] New: [${dst_ip_new}]"
${DEBUG} /usr/local/sbin/ip_host_update "${dst_host_name/.*}" "${dst_host_name#*.}" "${dst_ip_new}" 60
tab_assign NETWORK_DST_TAB "${dst_id},IP" "${dst_ip_new}"
else
log_trace "Network" "Skiping ${dst_host_name}: IP: [${dst_ip}]"
fi
}
#--------------------------------------------------------------------------------------------------------------------------
# network_dst_name_ip_update
#--------------------------------------------------------------------------------------------------------------------------
network_dst_name_ip_update()
{
local dst_name="$1"
local dst_ip_new="$2"
network_dst_tab_name_lookup "${job_name}"
if [[ "${dst_id}" != "" ]]
then
network_dst_tab_get "${dst_id}"
network_dst_ip_update "${dst_ip_new}"
else
log_error "Network: dst name not found: [${dst_name}]"
fi
}
#--------------------------------------------------------------------------------------------------------------------------
# network_src_tab_load
#--------------------------------------------------------------------------------------------------------------------------
@@ -486,48 +638,54 @@ network_src_tab_load()
# [[ $nstl_host_name =~ ([0-9]+) ]]
# nstl_device="${NETWORK_SRC_LOCAL_DEVICE}-${BASH_REMATCH[1]}"
ip_num=$(ip_to_num ${nstl_ip})
device_num="$(( ( ${ip_num} - ${ip_base}) / 4))"
ip_num=$(ip_to_num ${nstl_ip})
device_num="$(( ( ${ip_num} - ${ip_base}) / 4))"
nstl_device="${NETWORK_SRC_LOCAL_DEVICE}-${device_num}"
;;&
nstl_status="$( ip link show dev ${nstl_device} 2>/dev/null | grep -q ",UP," && echo "1" || echo "0")"
if [[ "${nstl_status}" == 1 ]]
then
nstl_bytes_received="$( cat /sys/class/net/${nstl_device}/statistics/rx_bytes 2>/dev/null | numfmt --to=iec-i --suffix=B)"
nstl_bytes_sent="$( cat /sys/class/net/${nstl_device}/statistics/tx_bytes 2>/dev/null | numfmt --to=iec-i --suffix=B)"
nstl_start_date="$( stat -c %Z /sys/class/net/${nstl_device})"
nstl_uptime="$( echo $(( $(date +%s) - ${nstl_start_date})) | awk '{days = int($1/86400); print days " day" (( days > 1 ) ? "s" : "") strftime(" %H:%M:%S", $1,1)}')"
else
nstl_bytes_received=""
nstl_bytes_sent=""
nstl_uptime=""
nstl_last_seen=""
fi
;;
"1") # Routed
nstl_device=""
;;&
"0"|"1") # Local + Routed
nstl_device=""
nstl_status="2"
nstl_bytes_received=""
nstl_bytes_sent=""
nstl_uptime=""
nstl_last_seen=""
;;
;;
"2") # OpenVPN
nstl_device="tun0"
nstl_status_line="$( echo "${NETWORK_OPENVPN_STATUS}" | grep "${nstl_device}.log: CLIENT_LIST.*${nstl_ip},")"
network_common_openvpn_stats_get "" "${nstl_host_name}"
if [[ "${nstl_status_line}" == "" ]]
if [[ "${ovpn_stat_device}" == "" ]]
then
nstl_device=""
nstl_status="0"
nstl_bytes_received=""
nstl_bytes_sent=""
nstl_start_date=""
nstl_uptime=""
nstl_last_seen="$( stat -c "%x" /etc/openvpn/status/${nstl_host_name}.status 2>/dev/null | sed -e 's/\..*//')"
else
nstl_status="1"
IFS=,
set ${nstl_status_line} &>/dev/null
unset IFS
nstl_bytes_received=$( echo ${6} | numfmt --to=iec-i --suffix=B)
nstl_bytes_sent=$( echo ${7} | numfmt --to=iec-i --suffix=B)
nstl_start_date=${8}
nstl_device="${ovpn_stat_device}"
nstl_status="1"
nstl_bytes_received=$( echo ${ovpn_stat_bytes_sent} | numfmt --to=iec-i --suffix=B)
nstl_bytes_sent=$( echo ${ovpn_stat_bytes_sent} | numfmt --to=iec-i --suffix=B)
nstl_start_date=${ovpn_stat_connected_date}
nstl_uptime=$( echo "$(($(date +%s) - $(date -d "${nstl_start_date}" +%s)))" | awk '{days = int($1/86400); print days " day" (( days > 1 ) ? "s" : "") strftime(" %H:%M:%S", $1,1)}')
nstl_last_seen="$(stat -c "%x" /etc/openvpn/status/${nstl_host_name}.status 2>/dev/null | sed -e 's/\..*//')"
fi
@@ -614,6 +772,16 @@ network_src_tab_get()
network_src_tab_dump()
{
echo "NETWORK_SRC_TYPE:"
for key in "${!NETWORK_SRC_TYPE[@]}"
do
echo "[${key}]: [${NETWORK_SRC_TYPE[${key}]}]"
done | sort -n
echo
echo "NETWORK_SRC_ID_LIST: [${NETWORK_SRC_ID_LIST}]"
echo
@@ -706,7 +874,7 @@ network_route_dst_init()
local dst_id="$1"
network_dst_tab_get ${dst_id}
network_dst_tab_get "${dst_id}"
if [[ ${dst_type} == "0" ]]
then
@@ -726,7 +894,21 @@ network_route_dst_init()
fi
target_device=${dst_device}
# network_route_rx3_init ${dst_device}
}
#--------------------------------------------------------------------------------------------------------------------------
# network_route_rx3_init
#--------------------------------------------------------------------------------------------------------------------------
network_route_rx3_init()
{
local target_device="$1"
log_trace "Network" "Add [${target_device}] Rx3 routes in VPN tables"
@@ -740,7 +922,7 @@ network_route_dst_init()
if [[ "${ip_route_device}" == "${target_device}" ]]
then
${DEBUG} ip route add ${ip_route_ip}/${ip_route_mask} table ${dst_table} dev ${ip_route_device}
${DEBUG} ip route add ${ip_route_ip}/${ip_route_mask} dev ${ip_route_device} table ${dst_table}
fi
done
done
@@ -779,6 +961,111 @@ network_route_other_init()
#--------------------------------------------------------------------------------------------------------------------------
# network_device_init
#--------------------------------------------------------------------------------------------------------------------------
network_device_init()
{
local dst_id="$1"
local device_name="$2"
log_trace "Network" "Init dst_id: [${dst_id}] device_name: [${device_name}]"
if [[ "${dst_id}" == "" ]]
then
network_dst_tab_dev_lookup "${device_name}"
fi
if [[ "${dst_id}" != "" ]]
then
network_route_dst_init "${dst_id}"
device_name="${dst_device}"
fi
network_route_rx3_init "${device_name}"
}
#--------------------------------------------------------------------------------------------------------------------------
# network_device_deinit
#--------------------------------------------------------------------------------------------------------------------------
network_device_deinit()
{
local dst_id="$1"
local device_name="$2"
log_trace "Network" "DeInit dst_id: [${dst_id}] device_name: [${device_name}]"
if [[ "${dst_id}" == "" ]]
then
network_dst_tab_dev_lookup "${device_name}"
fi
if [[ "${dst_id}" != "" ]]
then
network_dst_tab_get "${dst_id}"
network_dst_ip_update "0.0.0.0"
fi
}
#--------------------------------------------------------------------------------------------------------------------------
# network_dst_init
#--------------------------------------------------------------------------------------------------------------------------
#
#network_device_name_init()
#{
# local dst_id="$1"
#
#
# if [[ "${dst_id}" != "" ]]
# then
# network_dst_tab_get "${dst_id}"
#
# network_route_dst_init "${dst_id}"
#
# network_route_rx3_init "${dst_device}"
#
# fi
#
# network_route_rx3_init "${target_device}"
#}
#--------------------------------------------------------------------------------------------------------------------------
# network_device_name_init
#--------------------------------------------------------------------------------------------------------------------------
#
#network_device_name_init()
#{
# local target_device="$1"
#
#
# network_dst_tab_dev_lookup ${target_device}
#
# if [[ "${dst_id}" != "" ]]
# then
# network_route_dst_init "${dst_id}"
# fi
#
# network_route_rx3_init "${target_device}"
#}
#--------------------------------------------------------------------------------------------------------------------------
# network_route_init
#--------------------------------------------------------------------------------------------------------------------------
@@ -787,9 +1074,15 @@ network_route_init()
{
for dst_id in ${NETWORK_DST_ID_LIST}
do
network_route_dst_init ${dst_id}
network_route_other_init ${dst_id}
network_device_init "${dst_id}" ""
network_route_other_init "${dst_id}"
done
# for dst_id in ${NETWORK_DST_ID_LIST}
# do
# network_route_dst_init ${dst_id}
# network_route_other_init ${dst_id}
# done
}
@@ -866,36 +1159,60 @@ network_table_set()
#--------------------------------------------------------------------------------------------------------------------------
# network_dst_address_init_all
#--------------------------------------------------------------------------------------------------------------------------
network_dst_address_init_all()
{
for dst_id in ${NETWORK_DST_ID_LIST}
do
network_dst_tab_get "${dst_id}"
network_dst_ip_update "0.0.0.0"
done
}
#--------------------------------------------------------------------------------------------------------------------------
# network_dst_address_refresh
#--------------------------------------------------------------------------------------------------------------------------
network_dst_address_refresh()
{
local dst_id="$1"
local dst_host_name="$2"
local dst_ip_old="$3"
local dst_id="$1"
local dst_ip_new
local proxy_host="proxy${dst_id}.${NETWORK_DST_PROXY_NAME}"
local proxy_port=8080
local dst_ip_new
local proxy_host
local proxy_port=8080
dst_ip_new=$( nc -w ${NETWORK_NC_TIMEOUT} ${proxy_host} ${proxy_port})
network_dst_tab_get "${dst_id}"
if is_valid_ip ${dst_ip_new}
if [[ ( "${dst_host_name}" != "" )]]
then
if [[ "${dst_ip_old}" != "${dst_ip_new}" ]]
then
log_info "Network" "Update ${dst_host_name}: Old: [${dst_ip_old}] New: [${dst_ip_new}]"
${DEBUG} /usr/local/sbin/ip_host_update "${dst_host_name/.*}" "${dst_host_name#*.}" "${dst_ip_new}" 60
if [[ ${dst_host_name} =~ ([0-9]+) ]]
then
proxy_host="proxy${BASH_REMATCH[1]}.${NETWORK_DST_PROXY_NAME}"
tab_assign NETWORK_DST_TAB "${dst_id},IP" "${dst_ip_new}"
else
log_trace "Network" "Skiping ${dst_host_name}: IP: [${dst_ip_old}]"
fi
else
log_info "Network" "Skiping ${dst_host_name}: Invalid IP: [${dst_ip_new}] Old IP: [${dst_ip_old}]"
if [[ ( "${dst_ip}" != "0.0.0.0") && ( "${dst_status}" != 1)]]
then
dst_ip_new="0.0.0.0"
else
dst_ip_new="$( nc -w ${NETWORK_NC_TIMEOUT} ${proxy_host} ${proxy_port} 2>/dev/null)"
fi
if is_valid_ip "${dst_ip_new}"
then
network_dst_ip_update "${dst_ip_new}"
else
log_info "Network" "Skiping: [${dst_host_name}]: Invalid IP: [${dst_ip_new}]"
fi
else
log_info "Network" "Skiping: dst_id: [${dst_id}]: Invalid host_name: [${dst_host_name}]"
fi
fi
}
@@ -911,8 +1228,7 @@ network_dst_address_refresh_all()
{
for dst_id in ${NETWORK_DST_ID_LIST}
do
network_dst_tab_get ${dst_id}
network_dst_address_refresh ${dst_id} ${dst_host_name} ${dst_ip}
network_dst_address_refresh "${dst_id}"
done
}
@@ -1254,6 +1570,8 @@ network_start()
network_forward_start
network_dst_address_init_all
log_info "Network" "Network started!"
}

7
usr/local/lib/vpn.bash
View File

@@ -200,7 +200,7 @@ vpn_job_tab_init()
do
network_dst_tab_get ${dst_id}
if [[ "${dst_type}" == "1" ]] && [[ "${dst_config}" != "" ]]
if [[ "${dst_type}" == "2" ]] && [[ "${dst_config}" != "" ]]
then
config_file="${VPN_CONFIG_FILE/DEVICE/${dst_device}}"
@@ -208,7 +208,7 @@ vpn_job_tab_init()
tab_assign VPN_JOB_TAB "${job_id},Name" "${dst_name}"
tab_assign VPN_JOB_TAB "${job_id},PId" "0"
tab_assign VPN_JOB_TAB "${job_id},Cmd" "/usr/sbin/openvpn --config ${config_file} --dev ${dst_device} --daemon"
tab_assign VPN_JOB_TAB "${job_id},Cmd" "/usr/sbin/openvpn --config ${config_file} --daemon"
tab_assign VPN_JOB_TAB "${job_id},Date" ""
tab_assign VPN_JOB_NAME_IDX "${dst_name}" "${job_id}"
@@ -315,6 +315,7 @@ vpn_supervisor()
do
vpn_job_tab_get "${job_id}"
${DEBUG} kill -0 "${job_pid}" 2>/dev/null
rc=$?
@@ -335,6 +336,8 @@ vpn_supervisor()
tab_assign VPN_JOB_TAB "${job_id},Date" "$(date --rfc-3339=seconds -u)"
log_info "VPN" "PId: [${VPN_JOB_TAB["${job_id},PId"]}]!"
network_dst_name_ip_update "${job_name}" "0.0.0.0"
fi
done

42
usr/local/sbin/openvpn-client-down Executable file
View File

@@ -0,0 +1,42 @@
#!/bin/bash
#DEBUG=""
#DEBUG="echo"
#DEBUG=":"
#LOG=":"
#LOG="echo"
#LOG=""
# Includes
#-----------------------------------------------------------------------------------------------------------------------------------
. /usr/local/lib/network.bash
# Global Variables
#-----------------------------------------------------------------------------------------------------------------------------------
#LOG_FILE=/var/log/openvpn/up-down.log
# Main
#-----------------------------------------------------------------------------------------------------------------------------------
network_init
line="[${dev}]: Local_Int_Address: [${ifconfig_local}] Remote_Int_Address: [${ifconfig_pool_remote_ip}] Remote_Ext_Addres: [${untrusted_ip}] Common_Name: [${common_name}] Duration: [${time_duration}]"
log_info "VPN-Client-Down" "$line" " Status: [OK]"
touch /etc/openvpn/status/${common_name}.status
log_trace "VPN-Client-Down" "[${dev}]: Done!"

45
usr/local/sbin/openvpn-client-up Executable file
View File

@@ -0,0 +1,45 @@
#!/bin/bash
#DEBUG=""
#DEBUG="echo"
#DEBUG=":"
#LOG=":"
#LOG="echo"
#LOG=""
# Includes
#-----------------------------------------------------------------------------------------------------------------------------------
. /usr/local/lib/network.bash
# Global Variables
#-----------------------------------------------------------------------------------------------------------------------------------
#LOG_FILE=/var/log/openvpn/up-down.log
# Main
#-----------------------------------------------------------------------------------------------------------------------------------
Output_Param_File="$1"
network_init
line="[${dev}]: Local_Int_Address: [${ifconfig_local}] Remote_Int_Address: [${ifconfig_pool_remote_ip}] Remote_Ext_Addres: [${untrusted_ip}] Common_Name: [${common_name}] Output_Param_File: [${Output_Param_File}]"
log_info "VPN-Client-Up" "$line" " Status: [OK]"
touch /etc/openvpn/status/${common_name}.status
log_trace "VPN-Client-Up" "[${dev}]: Done!"

29
usr/local/sbin/openvpn-down
View File

@@ -28,34 +28,19 @@
# Main
#-----------------------------------------------------------------------------------------------------------------------------------
Dev="$1"
Local_MTU="$2"
Remote_MTU="$3"
Dev="$1"
Local_MTU="$2"
Remote_MTU="$3"
Local_Address="$4"
Local_Netmask="$5"
Phase="$6"
Phase="$6"
network_init
network_dst_tab_dev_lookup "${Dev}"
network_dst_tab_get "${dst_id}"
log_info "VPN-Down" "[${Dev}]: Local_MTU: [${Local_MTU}] Remote_MTU: [${Remote_MTU}] Local_Address: [${Local_Address}] Local_Netmask: [${Local_Netmask}] Dst_Table: [${dst_table}] Phase: [${Phase}] Status: [OK]"
network_device_deinit "" "${Dev}"
line="[${Dev}]: Local_MTU: [${Local_MTU}] Remote_MTU: [${Remote_MTU}] Local_Address: [${Local_Address}] Local_Netmask: [${Local_Netmask}] Dst_Table: ${dst_table} Phase: ${Phase}"
if [[ "${dst_table}" != "" ]]
then
log_info "VPN-Down" "$line" " Status: [OK]"
remote_address=0.0.0.0
log_trace "VPN-Down" "[${Dev}]: set ${remote_address} to vpn${id}.vpn.rx3"
${DEBUG} ip_host_update vpn${id} vpn.rx3 ${remote_address} 60
else
log_error "VPN-Down" "$line" " Status: [ERROR]!"
fi
log_trace "VPN-Down" "[${Dev}]: Done!"
log_trace "VPN-Down" "[${Dev}]: Done!"

25
usr/local/sbin/openvpn-up
View File

@@ -29,31 +29,20 @@
# Main
#-----------------------------------------------------------------------------------------------------------------------------------
Dev="$1"
Local_MTU="$2"
Remote_MTU="$3"
Dev="$1"
Local_MTU="$2"
Remote_MTU="$3"
Local_Address="$4"
Local_Netmask="$5"
Phase="$6"
Phase="$6"
network_init
network_dst_tab_dev_lookup "${Dev}"
network_dst_tab_get "${dst_id}"
log_info "VPN-Up" "[${Dev}]: Local_MTU: [${Local_MTU}] Remote_MTU: [${Remote_MTU}] Local_Address: [${Local_Address}] Local_Netmask: [${Local_Netmask}] Phase: [${Phase}] Status: [OK]"
line="[${Dev}]: Local_MTU: [${Local_MTU}] Remote_MTU: [${Remote_MTU}] Local_Address: [${Local_Address}] Local_Netmask: [${Local_Netmask}] Dst_Table: [${dst_table}] Dst_Id: [${dst_id}] Phase: [${Phase}]"
network_device_init "" "${Dev}"
if [[ "${dst_table}" != "" ]]
then
log_info "VPN-Up" "$line" " Status: [OK]"
log_trace "VPN-Up" "[${Dev}]: ip route add table: [${dst_table}] default dev: [${Dev}]"
network_route_dst_init ${dst_id}
else
log_error "VPN-Up" "$line" " Status: [ERROR]!"
fi
log_trace "VPN-Up" "[${Dev}]: Done!"
log_trace "VPN-Up" "[${Dev}]: Done!"

93
var/www/cgi-bin/vpn-admin_board.cgi
View File

@@ -109,10 +109,10 @@ Destination_Status_Board()
echo " <H2>Destination Status Board</H2>"
echo ""
echo " <TABLE BORDER=\"1\" WIDTH=\"100%\">"
echo " <TR class=\"header\"><TD class=\"header\">#</TD><TD>Name</TD><TD>Type</TD><TD>Device</TD><TD>IP</TD><TD>Host Name</TD><TD>Config</TD><TD>Table</TD><TD>Status</TD><TD>Bytes In</TD><TD>Bytes Out</TD><TD>UpTime</TD></TR>"
echo " <TR class=\"header\"><TD class=\"header\">#</TD><TD>Name</TD><TD>Type</TD><TD>Device</TD><TD>Status</TD><TD>IP</TD><TD>Host Name</TD><TD>Config</TD><TD>Table</TD><TD>Bytes In</TD><TD>Bytes Out</TD><TD>UpTime</TD></TR>"
else
echo "TABLE: Destination_Status_Board"
echo "#;Name;Type;Device;IP;Host Name;Config;Table;Status;Bytes In;Bytes Out;UpTime"
echo "#;Name;Type;Device;Status;IP;Host Name;Config;Table;Bytes In;Bytes Out;UpTime"
fi
@@ -127,18 +127,31 @@ Destination_Status_Board()
if [[ "${format}" == "html" ]]
then
echo -n "<TR><TD class="header">${dst_id}</TD><TD>${dst_name}</TD><TD>${NETWORK_DST_TYPE[${dst_type}]}</TD><TD>${dst_device}</TD><TD>${dst_ip}</TD><TD>${dst_host_name}</TD><TD>${dst_config:--}</TD><TD>${dst_table}</TD><TD>"
echo -n "<TR><TD class="header">${dst_id}</TD><TD>${dst_name}</TD><TD>${NETWORK_DST_TYPE[${dst_type}]}</TD><TD>${dst_device}</TD>"
if [[ "${dst_status}" == 1 ]]
then
echo -n "<IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD>"
else
echo -n "<IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></TD>"
fi
case "${dst_status}"
in
"0")
echo -n "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></TD>"
;;
echo "<TD>${dst_bytes_received:--}</TD><TD>${dst_bytes_sent:--}</TD><TD>${dst_uptime:--}</TD>"
"1")
echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD>"
;;
"2")
echo -n "<TD><IMG SRC=\"/icons/user-unready.png\" TITLE=\"Unready\" ALT=\"Unready\"></TD>"
;;
*)
echo -n "<TD><IMG SRC=\"\" TITLE=\"Unknown\" ALT=\"Unknown\"></TD>"
;;
esac
echo "<TD>${dst_ip:--}</TD><TD>${dst_host_name:--}</TD><TD>${dst_config:--}</TD><TD>${dst_table}</TD><TD>${dst_bytes_received:--}</TD><TD>${dst_bytes_sent:--}</TD><TD>${dst_uptime:--}</TD>"
else
echo "${dst_id};${dst_name};${NETWORK_DST_TYPE[${dst_type}]};${dst_device};${dst_ip};${dst_host_name};${dst_config};${dst_table};${dst_status};${dst_bytes_received};${dst_bytes_sent};${dst_uptime}"
echo "${dst_id};${dst_name};${NETWORK_DST_TYPE[${dst_type}]};${dst_device};${dst_status};${dst_ip};${dst_host_name};${dst_config};${dst_table};${dst_bytes_received};${dst_bytes_sent};${dst_uptime}"
fi
done
@@ -219,32 +232,35 @@ Source_Routing_Board_Line()
do
network_dst_tab_get ${dst_id}
if [[ "${format}" == "html" ]]
if [[ ( "${admin}" == "true") || ( "${dst_type}" != 1) ]]
then
echo -n "<TD><TABLE class=\"${class}\" BORDER=\"0\" WIDTH=\"100%\"><TR><TD class=\"half\">"
if [[ "${dst_table}" == "${src_table}" ]]
if [[ "${format}" == "html" ]]
then
echo -n "<IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD><TD>&nbsp;"
else
echo -n "<IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></TD><TD>"
echo -n "<TD><TABLE class=\"${class}\" BORDER=\"0\" WIDTH=\"100%\"><TR><TD class=\"half\">"
if [[ ( ${admin} == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
if [[ "${dst_table}" == "${src_table}" ]]
then
echo -n "<A HREF=\"?cmd=route_set&amp;admin=${admin}&amp;filter=${filter}&amp;ip=${src_ip}&amp;vpn=${dst_id}\"><IMG SRC=\"/icons/user-invisible.png\" TITLE=\"Activate\" ALT=\"Activate\"></A>"
echo -n "<IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD><TD>&nbsp;"
else
echo -n "&nbsp;"
echo -n "<IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></TD><TD>"
if [[ ( ${admin} == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
then
echo -n "<A HREF=\"?cmd=route_set&amp;admin=${admin}&amp;filter=${filter}&amp;ip=${src_ip}&amp;vpn=${dst_id}\"><IMG SRC=\"/icons/user-invisible.png\" TITLE=\"Activate\" ALT=\"Activate\"></A>"
else
echo -n "&nbsp;"
fi
fi
fi
echo -n "</TD></TR></TABLE></TD>"
else
if [[ "${dst_table}" == "${src_table}" ]]
then
echo -n "1;"
echo -n "</TD></TR></TABLE></TD>"
else
echo -n "0;"
if [[ "${dst_table}" == "${src_table}" ]]
then
echo -n "1;"
else
echo -n "0;"
fi
fi
fi
done
@@ -294,11 +310,14 @@ Source_Routing_Board()
do
network_dst_tab_get ${dst_id}
if [[ "${format}" == "html" ]]
if [[ ( "${admin}" == "true") || ( "${dst_type}" != 1) ]]
then
echo -n "<TD>${dst_name}</TD>"
else
echo -n "${dst_name};"
if [[ "${format}" == "html" ]]
then
echo -n "<TD>${dst_name}</TD>"
else
echo -n "${dst_name};"
fi
fi
done
@@ -684,9 +703,11 @@ else
network_src_tab_ip_lookup "${ip}"
network_src_tab_get "${src_id}"
if [[ ( ${admin} == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
network_dst_tab_get "${vpn}"
if [[ ( ${admin} == "true") || ( ( "${REMOTE_USER}" == "${src_owner}") && ( "${dst_type}" != 1)) ]]
then
sudo /usr/local/sbin/rx3_net_adm table_set ${ip} $((${vpn} + 3)) 1>&2
sudo /usr/local/sbin/rx3_net_adm table_set ${ip} ${dst_table} 1>&2
if [[ "$?" == 0 ]]
then
@@ -695,7 +716,7 @@ else
cmd_status="route_set: KO"
fi
else
cmd_status="route_set: NOT_AUTHORIZED [${REMOTE_USER}]/[${src_owner}]"
cmd_status="route_set: NOT_AUTHORIZED [${REMOTE_USER}]/[${src_owner}]/[${dst_type}]"
fi
redirect="?admin=${admin}&amp;filter=${filter}"