Compare commits
16 Commits
network_to
...
6d2fd44dba
| Author | SHA1 | Date | |
|---|---|---|---|
| 6d2fd44dba | |||
| 0c05cfd6c0 | |||
| 540bd1ce03 | |||
| 5e3d8ed47b | |||
| ce66dba7a6 | |||
| 2083444bc1 | |||
| 8cd1bcce64 | |||
| e5a41ec931 | |||
| a0d8a55ca8 | |||
| fc549dfea0 | |||
| b1c51d6cfd | |||
| 235076b6b9 | |||
| 7e05bc0ba0 | |||
| 5fb45c3944 | |||
| 67f1ec7de8 | |||
| 7a2bd651d7 |
@@ -1,5 +1,53 @@
|
||||
------------------------------------------------------------------------------------------------------------------------------------
|
||||
Network Rools V 1.0.0 - A. GIBERT - 2025/08/12
|
||||
Network Tools V 1.2.0 - A. GIBERT - 2026/04/xx
|
||||
------------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
- Migrate Network Tools to the new Rx3 Base Bash library,
|
||||
- Add RPM Spec & bash completion files,
|
||||
- Move install dir form /usr/locla to usr,
|
||||
- Support now rx3-base 1.1.1.
|
||||
|
||||
|
||||
|
||||
------------------------------------------------------------------------------------------------------------------------------------
|
||||
Network Tools V 1.1.3 - A. GIBERT - 2025/09/19
|
||||
------------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
- Fix uptime for gateway destinations,
|
||||
- Add status filtering in the VPN Admin page.
|
||||
|
||||
|
||||
|
||||
------------------------------------------------------------------------------------------------------------------------------------
|
||||
Network Tools V 1.1.2 - A. GIBERT - 2025/09/12
|
||||
------------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
- Minor fixes in config files and openvpn-status.
|
||||
|
||||
|
||||
|
||||
------------------------------------------------------------------------------------------------------------------------------------
|
||||
Network Tools V 1.1.1 - A. GIBERT - 2025/09/03
|
||||
------------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
- Add a new conection state for gateways device up with no gateway client connected,
|
||||
- Improve openvpn stats reporting,
|
||||
- Improve device up api events,
|
||||
- Add network reinit() function,
|
||||
- Add reinit at each supervisor end loop.
|
||||
|
||||
|
||||
|
||||
------------------------------------------------------------------------------------------------------------------------------------
|
||||
Network Tools V 1.1.0 - A. GIBERT - 2025/08/26
|
||||
------------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
- Add VPN Gateway support.
|
||||
|
||||
|
||||
|
||||
------------------------------------------------------------------------------------------------------------------------------------
|
||||
Network Tools V 1.0.0 - A. GIBERT - 2025/08/12
|
||||
------------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
- Initial release,
|
||||
|
||||
@@ -341,7 +341,7 @@ log_print()
|
||||
file_lock "${lock_file}" WRITE 8
|
||||
fi
|
||||
|
||||
printf >> "${log_file}" "%s %9s %3s %8s %s\n" "$(date --rfc-3339=seconds -u)" "($BASHPID)" "${log_type}" "${log_prefix}:" "$*"
|
||||
printf >> "${log_file}" "%s %9s %3s %16s %s\n" "$(date --rfc-3339=seconds -u)" "($BASHPID)" "${log_type}" "${log_prefix}:" "$*"
|
||||
|
||||
if [[ "${lock_file}" != "" ]]
|
||||
then
|
||||
@@ -361,7 +361,7 @@ log_print()
|
||||
|
||||
log_trace()
|
||||
{
|
||||
log_print "${LOG_FILE}" "${LOG_LOCK}" "${LOG_ECHO}" "TRA" $*
|
||||
log_print "${LOG_FILE}" "${LOG_LOCK}" "${LOG_ECHO}" "TRA" "$@"
|
||||
}
|
||||
|
||||
|
||||
@@ -374,7 +374,7 @@ log_trace()
|
||||
|
||||
log_info()
|
||||
{
|
||||
log_print "${LOG_FILE}" "${LOG_LOCK}" "${LOG_ECHO}" "INF" $*
|
||||
log_print "${LOG_FILE}" "${LOG_LOCK}" "${LOG_ECHO}" "INF" "$@"
|
||||
}
|
||||
|
||||
|
||||
@@ -387,7 +387,7 @@ log_info()
|
||||
|
||||
log_warning()
|
||||
{
|
||||
log_print "${LOG_FILE}" "${LOG_LOCK}" "${LOG_ECHO}" "WRN" $*
|
||||
log_print "${LOG_FILE}" "${LOG_LOCK}" "${LOG_ECHO}" "WRN" "$@"
|
||||
}
|
||||
|
||||
|
||||
@@ -400,5 +400,5 @@ log_warning()
|
||||
|
||||
log_error()
|
||||
{
|
||||
log_print "${LOG_FILE}" "${LOG_LOCK}" "${LOG_ECHO}" "ERR" $*
|
||||
log_print "${LOG_FILE}" "${LOG_LOCK}" "${LOG_ECHO}" "ERR" "$@"
|
||||
}
|
||||
@@ -1,27 +1,48 @@
|
||||
#!/bin/bash
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
#
|
||||
# Rx3 DNS Library
|
||||
#
|
||||
# Copyright (C) 2025-2026 Arnaud G. GIBERT
|
||||
# mailto:arnaud@rx3.net
|
||||
#
|
||||
# This is free software: you can redistribute it and/or modify it
|
||||
# under the terms of the GNU Lesser General Public License as published
|
||||
# by the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU Lesser General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU Lesser General Public
|
||||
# License along with this program; If not, see
|
||||
# <https://www.gnu.org/licenses/>.
|
||||
#
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
if [[ "${DNS_BASH}" != "" ]]
|
||||
if [[ "${RX3_DNS_LIB}" != "" ]]
|
||||
then
|
||||
return
|
||||
else
|
||||
declare -g DNS_BASH=1
|
||||
declare -g RX3_DNS_LIB=1
|
||||
fi
|
||||
|
||||
|
||||
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
# Includes
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
. /usr/global/lib/default.bash
|
||||
|
||||
|
||||
|
||||
#[ -e /var/cache/dns.cache ] && . /var/cache/dns.cache
|
||||
: "${RX3_LIB_DIR:=/usr/lib/rx3}"
|
||||
. "${RX3_LIB_DIR}/base.bash"
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
# Global Variable
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
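Review bot: The new include `. "${RX3_LIB_DIR}/base.bash"` sources code from a directory that `: "${RX3_LIB_DIR:=/usr/lib/rx3}"` takes from the caller's environment whenever the variable is already set. If these libraries are loaded by a privileged process (the network library runs `ip route add`) whose environment is not fully controlled, that variable decides which code gets executed. Either fix the path, or state the contract above the assignment, e.g. `# RX3_LIB_DIR: packaging/test override only; must not be inherited from an untrusted environment`. The same pattern appears in the header hunks of the network and VPN libraries further down this page. Which lines are old and which are new is inferred from the print order, since the +/- markers are lost.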
@@ -290,6 +311,14 @@ dns_init()
|
||||
|
||||
dns_deinit()
|
||||
{
|
||||
:;
|
||||
DNS_A_TAB=()
|
||||
DNS_A_ID_LIST=""
|
||||
|
||||
DNS_PTR_TAB=()
|
||||
DNS_PTR_ID_LIST=""
|
||||
|
||||
DNS_CACHE_UPDATED=0
|
||||
|
||||
# :;
|
||||
}
|
||||
|
||||
@@ -1,23 +1,48 @@
|
||||
#!/bin/bash
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
#
|
||||
# Rx3 Network Library
|
||||
#
|
||||
# Copyright (C) 2025-2026 Arnaud G. GIBERT
|
||||
# mailto:arnaud@rx3.net
|
||||
#
|
||||
# This is free software: you can redistribute it and/or modify it
|
||||
# under the terms of the GNU Lesser General Public License as published
|
||||
# by the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU Lesser General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU Lesser General Public
|
||||
# License along with this program; If not, see
|
||||
# <https://www.gnu.org/licenses/>.
|
||||
#
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
if [[ "${NETWORK_BASH}" != "" ]]
|
||||
if [[ "${RX3_NETWORK_LIB}" != "" ]]
|
||||
then
|
||||
return
|
||||
else
|
||||
declare -g NETWORK_BASH=1
|
||||
declare -g RX3_NETWORK_LIB=1
|
||||
fi
|
||||
|
||||
|
||||
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
# Includes
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
. /usr/global/lib/dns.bash
|
||||
: "${RX3_LIB_DIR:=/usr/lib/rx3}"
|
||||
. "${RX3_LIB_DIR}/dns.bash"
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
# Global Variable
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
@@ -119,7 +144,7 @@ num_to_ip()
|
||||
# Optional safety check
|
||||
if (( num < 0 || num > 4294967295 ))
|
||||
then
|
||||
echo "num_to_ip: value out of range (0‑4294967295)" >&2
|
||||
echo_error "num_to_ip: value out of range (0‑4294967295)"
|
||||
return 1
|
||||
fi
|
||||
|
||||
@@ -168,6 +193,72 @@ network_common_dump()
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
# network_common_openvpn_stats_get
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
network_common_openvpn_stats_get()
|
||||
{
|
||||
local device="$1"
|
||||
local client="$2"
|
||||
|
||||
|
||||
if [[ "${client}" == "" ]]
|
||||
then
|
||||
client=".*"
|
||||
else
|
||||
if [[ "${device}" == "" ]]
|
||||
then
|
||||
tmp="$( echo "${NETWORK_OPENVPN_STATUS}" | grep "CLIENT_LIST,${client},")"
|
||||
tmp="${tmp/*\//}"
|
||||
device="${tmp/.status*/}"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ "${device}" != "" ]]
|
||||
then
|
||||
if [[ "${NETWORK_OPENVPN_STATUS}" =~ ("${device}.status: TITLE") ]]
|
||||
then
|
||||
# OpenVPN Server Mode
|
||||
|
||||
OIFS="${IFS}"
|
||||
IFS=","
|
||||
set XXX/$( echo "${NETWORK_OPENVPN_STATUS}" | grep "${device}\.status: CLIENT_LIST,${client},") &>/dev/null
|
||||
IFS="${OIFS}"
|
||||
|
||||
tmp="${1/XXX*\//}"
|
||||
ovpn_stat_device="${tmp/.status*/}"
|
||||
ovpn_stat_client_name="$2"
|
||||
ovpn_stat_address_ext="$3"
|
||||
ovpn_stat_address_int="$4"
|
||||
ovpn_stat_address_int6="$5"
|
||||
ovpn_stat_bytes_received="$6"
|
||||
ovpn_stat_bytes_sent="$7"
|
||||
ovpn_stat_connected_date="$8"
|
||||
ovpn_stat_connected_time_t="$9"
|
||||
ovpn_stat_user_name="$10"
|
||||
ovpn_stat_client_id="$11"
|
||||
ovpn_stat_peer_id="$12"
|
||||
ovpn_stat_cipher="$13"
|
||||
else
|
||||
# OpenVPN Client Mode
|
||||
|
||||
set XXX/$( echo "${NETWORK_OPENVPN_STATUS}" | grep "${device}\.status:") &>/dev/null
|
||||
|
||||
tmp="${1/XXX*\//}"
|
||||
ovpn_stat_device="${tmp/.status*/}"
|
||||
ovpn_stat_bytes_received="${18/bytes,}"
|
||||
ovpn_stat_bytes_sent="${22/bytes,}"
|
||||
fi
|
||||
else
|
||||
ovpn_stat_device=""
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
# network_ip_route_tab_load
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
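Review bot: In the server-mode branch of network_common_openvpn_stats_get, `"$10"` to `"$13"` do not read positional parameters 10 to 13: bash expands `$10` as `$1` followed by a literal `0`, so ovpn_stat_user_name, ovpn_stat_client_id, ovpn_stat_peer_id and ovpn_stat_cipher all receive the first field with a digit appended. Use braces, e.g. `ovpn_stat_user_name="${10}"`, and likewise `${11}`, `${12}`, `${13}`; the client-mode branch already does this with `${18/bytes,}`. `tmp` and `OIFS` are assigned without `local`, so they leak into the caller's scope. `${client}` is also interpolated into the grep pattern, so a client name containing regex metacharacters can match more lines than intended; escaping it, or comparing the field in awk, would avoid that.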
@@ -233,6 +324,7 @@ network_ip_route_tab_dump()
|
||||
echo "NETWORK_IP_ROUTE_ID_LIST: [${NETWORK_IP_ROUTE_ID_LIST}]"
|
||||
echo
|
||||
|
||||
|
||||
echo "NETWORK_IP_ROUTE_IP_IDX:"
|
||||
|
||||
for key in "${!NETWORK_IP_ROUTE_IP_IDX[@]}"
|
||||
@@ -242,6 +334,7 @@ network_ip_route_tab_dump()
|
||||
|
||||
echo
|
||||
|
||||
|
||||
echo "NETWORK_IP_ROUTE_TAB:"
|
||||
|
||||
for key in "${!NETWORK_IP_ROUTE_TAB[@]}"
|
||||
@@ -263,6 +356,7 @@ network_ip_route_tab_dump()
|
||||
network_dst_tab_load()
|
||||
{
|
||||
ndtl_id=0
|
||||
vpn_id=0
|
||||
|
||||
|
||||
log_trace "Network" "Loading Dst tab..."
|
||||
@@ -290,44 +384,70 @@ network_dst_tab_load()
|
||||
|
||||
var_assign NETWORK_TABLE_LIST "${ndtl_table}" INC
|
||||
|
||||
tab_assign NETWORK_DST_TAB "${ndtl_id},Status" "$( ip link show dev ${ndtl_device} 2>/dev/null | grep -q ",UP," && echo 1 || echo 0)"
|
||||
|
||||
ndtl_host_name="vpn${ndtl_id}.${NETWORK_DST_NAME}"
|
||||
ndtl_status="$( ip link show dev ${ndtl_device} 2>/dev/null | grep -q ",UP," && echo "1" || echo "0")"
|
||||
|
||||
|
||||
if [[ "${ndtl_type}" == "5" ]]
|
||||
then
|
||||
ndtl_host_name=""
|
||||
dns_value=""
|
||||
else
|
||||
ndtl_host_name="vpn${vpn_id}.${NETWORK_DST_NAME}"
|
||||
dns_lookup "A" "${ndtl_host_name}" "NOCACHE"
|
||||
vpn_id=$((${vpn_id} + 1))
|
||||
fi
|
||||
|
||||
tab_assign NETWORK_DST_TAB "${ndtl_id},Host_Name" "${ndtl_host_name}"
|
||||
dns_lookup "A" "${ndtl_host_name}" "NOCACHE"
|
||||
tab_assign NETWORK_DST_TAB "${ndtl_id},IP" "${dns_value}"
|
||||
|
||||
case "${ndtl_type}"
|
||||
in
|
||||
"0")
|
||||
set $(ip -s link show ${ndtl_device} 2>/dev/null ) &>/dev/null
|
||||
|
||||
ndtl_bytes_received="$( echo ${27} | numfmt --to=iec-i --suffix=B)"
|
||||
ndtl_bytes_sent="$( echo ${40} | numfmt --to=iec-i --suffix=B)"
|
||||
ndtl_uptime=""
|
||||
ndtl_bytes_received="$( cat /sys/class/net/${ndtl_device}/statistics/rx_bytes 2>/dev/null | numfmt --to=iec-i --suffix=B)"
|
||||
ndtl_bytes_sent="$( cat /sys/class/net/${ndtl_device}/statistics/tx_bytes 2>/dev/null | numfmt --to=iec-i --suffix=B)"
|
||||
;;
|
||||
|
||||
"1")
|
||||
set $( echo "${NETWORK_OPENVPN_STATUS}" | grep ${ndtl_device}) &>/dev/null
|
||||
"1"|"2")
|
||||
network_common_openvpn_stats_get "${ndtl_device}" ""
|
||||
|
||||
# i=1; while [[ $i -lt 50 ]]; do eval "val=\${$i}"; echo "($i):[${val}]" 1>&2; i=$(( $i + 1)); done
|
||||
|
||||
ndtl_bytes_received="$( echo ${18/bytes,} | numfmt --to=iec-i --suffix=B)"
|
||||
ndtl_bytes_sent="$( echo ${22/bytes,} | numfmt --to=iec-i --suffix=B)"
|
||||
ndtl_start_date="$( grep "ext-client-${ndtl_device}.conf" /var/log/rx3-vpn.status 2>/dev/null | sed -e "s/.*Date: \[//" -e "s/\].*//")"
|
||||
|
||||
if [[ "${ndtl_start_date}" == "" ]]
|
||||
if [[ ( "${ndtl_type}" == "1") && ( "${ndtl_status}" == "1") && ( "${ovpn_stat_client_name}" == "") ]]
|
||||
then
|
||||
ndtl_uptime=""
|
||||
ndtl_status="2"
|
||||
|
||||
ndtl_bytes_received=""
|
||||
ndtl_bytes_sent=""
|
||||
else
|
||||
ndtl_uptime=$( echo "$(($(date +%s) - $(date -d "${ndtl_start_date}" +%s)))" | awk '{days = int($1/86400); print days " day" (( days > 1 ) ? "s" : "") strftime(" %H:%M:%S", $1,1)}')
|
||||
ndtl_bytes_received="$( echo ${ovpn_stat_bytes_received} | numfmt --to=iec-i --suffix=B)"
|
||||
ndtl_bytes_sent="$( echo ${ovpn_stat_bytes_sent} | numfmt --to=iec-i --suffix=B)"
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
||||
|
||||
|
||||
tab_assign NETWORK_DST_TAB "${ndtl_id},Status" "${ndtl_status}"
|
||||
|
||||
|
||||
if [[ "${ndtl_status}" == "1" ]]
|
||||
then
|
||||
if [[ "${ndtl_type}" == "1" ]]
|
||||
then
|
||||
ndtl_start_date="${ovpn_stat_connected_date}"
|
||||
ndtl_uptime="$( echo $(( $(date +%s) - ${ovpn_stat_connected_time_t})) | awk '{days = int($1/86400); print days " day" (( days > 1 ) ? "s" : "") strftime(" %H:%M:%S", $1,1)}')"
|
||||
else
|
||||
ndtl_start_date="$( stat -c %Z /sys/class/net/${ndtl_device})"
|
||||
ndtl_uptime="$( echo $(( $(date +%s) - ${ndtl_start_date})) | awk '{days = int($1/86400); print days " day" (( days > 1 ) ? "s" : "") strftime(" %H:%M:%S", $1,1)}')"
|
||||
fi
|
||||
else
|
||||
ndtl_start_date=""
|
||||
ndtl_uptime=""
|
||||
fi
|
||||
|
||||
|
||||
tab_assign NETWORK_DST_TAB "${ndtl_id},Bytes_Received" "${ndtl_bytes_received}"
|
||||
tab_assign NETWORK_DST_TAB "${ndtl_id},Bytes_Sent" "${ndtl_bytes_sent}"
|
||||
tab_assign NETWORK_DST_TAB "${ndtl_id},Start_Date" "${ndtl_start_date}"
|
||||
tab_assign NETWORK_DST_TAB "${ndtl_id},Uptime" "${ndtl_uptime}"
|
||||
|
||||
tab_assign NETWORK_DST_NAME_IDX "${ndtl_name}" "${ndtl_id}"
|
||||
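Review bot: The uptime computations pass `${ovpn_stat_connected_time_t}` and the output of `stat -c %Z /sys/class/net/${ndtl_device}` straight into `$(( … ))` without checking that they are non-empty decimal numbers. An empty value makes the arithmetic expansion fail with a syntax error, and bash evaluates non-numeric text in arithmetic context as an expression, which a field parsed from a status file should never reach. Wrap each computation in a check such as `if [[ "${ovpn_stat_connected_time_t}" =~ ^[0-9]+$ ]]` and leave ndtl_uptime empty otherwise. The new `stat` call should also get `2>/dev/null`, as the `cat` calls on the statistics files have. network_dst_tab_load starts and ends outside this hunk.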
@@ -375,9 +495,20 @@ network_dst_tab_get()
|
||||
|
||||
network_dst_tab_dump()
|
||||
{
|
||||
echo "NETWORK_DST_TYPE:"
|
||||
|
||||
for key in "${!NETWORK_DST_TYPE[@]}"
|
||||
do
|
||||
echo "[${key}]: [${NETWORK_DST_TYPE[${key}]}]"
|
||||
done | sort -n
|
||||
|
||||
echo
|
||||
|
||||
|
||||
echo "NETWORK_DST_ID_LIST: [${NETWORK_DST_ID_LIST}]"
|
||||
echo
|
||||
|
||||
|
||||
echo "NETWORK_DST_NAME_IDX:"
|
||||
|
||||
for key in "${!NETWORK_DST_NAME_IDX[@]}"
|
||||
@@ -387,6 +518,7 @@ network_dst_tab_dump()
|
||||
|
||||
echo
|
||||
|
||||
|
||||
echo "NETWORK_DST_DEV_IDX:"
|
||||
|
||||
for key in "${!NETWORK_DST_DEV_IDX[@]}"
|
||||
@@ -396,6 +528,7 @@ network_dst_tab_dump()
|
||||
|
||||
echo
|
||||
|
||||
|
||||
echo "NETWORK_DST_TAB:"
|
||||
|
||||
for key in "${!NETWORK_DST_TAB[@]}"
|
||||
@@ -440,6 +573,55 @@ network_dst_tab_dev_lookup()
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
# network_dst_ip_update
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
network_dst_ip_update()
|
||||
{
|
||||
local dst_ip_new="$1"
|
||||
|
||||
|
||||
if [[ "${dst_ip}" != "${dst_ip_new}" ]]
|
||||
then
|
||||
log_info "Network" "Update [${dst_host_name}]: Old: [${dst_ip}] New: [${dst_ip_new}]"
|
||||
|
||||
${DEBUG} /usr/local/sbin/ip_host_update "${dst_host_name/.*}" "${dst_host_name#*.}" "${dst_ip_new}" 60
|
||||
tab_assign NETWORK_DST_TAB "${dst_id},IP" "${dst_ip_new}"
|
||||
else
|
||||
log_trace "Network" "Skiping [${dst_host_name}]: IP: [${dst_ip}]"
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
# network_dst_name_ip_update
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
network_dst_name_ip_update()
|
||||
{
|
||||
local dst_name="$1"
|
||||
local dst_ip_new="$2"
|
||||
|
||||
|
||||
network_dst_tab_name_lookup "${job_name}"
|
||||
|
||||
if [[ "${dst_id}" != "" ]]
|
||||
then
|
||||
network_dst_tab_get "${dst_id}"
|
||||
network_dst_ip_update "${dst_ip_new}"
|
||||
else
|
||||
log_error "Network" "dst name not found: [${dst_name}]"
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
# network_src_tab_load
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
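Review bot: network_dst_name_ip_update looks up `"${job_name}"`, a variable that is not declared in the function, instead of its own `dst_name` parameter, while the error branch reports `${dst_name}`. The lookup therefore depends on whatever a caller happened to leave in `job_name`; the line should presumably read `network_dst_tab_name_lookup "${dst_name}"`. This entry point also passes `dst_ip_new` on to `ip_host_update` without the `is_valid_ip` check that network_dst_address_refresh applies, so adding `is_valid_ip "${dst_ip_new}" || return 1` before the update would keep malformed values out of DNS. network_dst_ip_update reads `dst_ip`, `dst_host_name` and `dst_id` from the caller's scope; a header comment saying that network_dst_tab_get must be called first would document that dependency.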
@@ -490,13 +672,24 @@ network_src_tab_load()
|
||||
device_num="$(( ( ${ip_num} - ${ip_base}) / 4))"
|
||||
|
||||
nstl_device="${NETWORK_SRC_LOCAL_DEVICE}-${device_num}"
|
||||
;;&
|
||||
nstl_status="$( ip link show dev ${nstl_device} 2>/dev/null | grep -q ",UP," && echo "1" || echo "0")"
|
||||
|
||||
if [[ "${nstl_status}" == 1 ]]
|
||||
then
|
||||
nstl_bytes_received="$( cat /sys/class/net/${nstl_device}/statistics/rx_bytes 2>/dev/null | numfmt --to=iec-i --suffix=B)"
|
||||
nstl_bytes_sent="$( cat /sys/class/net/${nstl_device}/statistics/tx_bytes 2>/dev/null | numfmt --to=iec-i --suffix=B)"
|
||||
nstl_start_date="$( stat -c %Z /sys/class/net/${nstl_device})"
|
||||
nstl_uptime="$( echo $(( $(date +%s) - ${nstl_start_date})) | awk '{days = int($1/86400); print days " day" (( days > 1 ) ? "s" : "") strftime(" %H:%M:%S", $1,1)}')"
|
||||
else
|
||||
nstl_bytes_received=""
|
||||
nstl_bytes_sent=""
|
||||
nstl_uptime=""
|
||||
nstl_last_seen=""
|
||||
fi
|
||||
;;
|
||||
|
||||
"1") # Routed
|
||||
nstl_device=""
|
||||
;;&
|
||||
|
||||
"0"|"1") # Local + Routed
|
||||
nstl_status="2"
|
||||
|
||||
nstl_bytes_received=""
|
||||
@@ -506,28 +699,23 @@ network_src_tab_load()
|
||||
;;
|
||||
|
||||
"2") # OpenVPN
|
||||
nstl_device="tun0"
|
||||
nstl_status_line="$( echo "${NETWORK_OPENVPN_STATUS}" | grep "${nstl_device}.log: CLIENT_LIST.*${nstl_ip},")"
|
||||
network_common_openvpn_stats_get "" "${nstl_host_name}"
|
||||
|
||||
if [[ "${nstl_status_line}" == "" ]]
|
||||
if [[ "${ovpn_stat_device}" == "" ]]
|
||||
then
|
||||
nstl_device=""
|
||||
nstl_status="0"
|
||||
nstl_bytes_received=""
|
||||
nstl_bytes_sent=""
|
||||
nstl_start_date=""
|
||||
nstl_uptime=""
|
||||
nstl_last_seen="$( stat -c "%x" /etc/openvpn/status/${nstl_host_name}.status 2>/dev/null | sed -e 's/\..*//')"
|
||||
|
||||
else
|
||||
nstl_device="${ovpn_stat_device}"
|
||||
nstl_status="1"
|
||||
|
||||
IFS=,
|
||||
set ${nstl_status_line} &>/dev/null
|
||||
unset IFS
|
||||
|
||||
nstl_bytes_received=$( echo ${6} | numfmt --to=iec-i --suffix=B)
|
||||
nstl_bytes_sent=$( echo ${7} | numfmt --to=iec-i --suffix=B)
|
||||
nstl_start_date=${8}
|
||||
nstl_bytes_received=$( echo ${ovpn_stat_bytes_sent} | numfmt --to=iec-i --suffix=B)
|
||||
nstl_bytes_sent=$( echo ${ovpn_stat_bytes_sent} | numfmt --to=iec-i --suffix=B)
|
||||
nstl_start_date=${ovpn_stat_connected_date}
|
||||
nstl_uptime=$( echo "$(($(date +%s) - $(date -d "${nstl_start_date}" +%s)))" | awk '{days = int($1/86400); print days " day" (( days > 1 ) ? "s" : "") strftime(" %H:%M:%S", $1,1)}')
|
||||
nstl_last_seen="$(stat -c "%x" /etc/openvpn/status/${nstl_host_name}.status 2>/dev/null | sed -e 's/\..*//')"
|
||||
fi
|
||||
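Review bot: `nstl_bytes_received` is computed from `${ovpn_stat_bytes_sent}`, the same variable used for `nstl_bytes_sent` on the following line, so both columns report the sent counter. The first line should presumably be `nstl_bytes_received=$( echo "${ovpn_stat_bytes_received}" | numfmt --to=iec-i --suffix=B)`. The uptime line re-parses `${ovpn_stat_connected_date}` with `date -d`, although network_common_openvpn_stats_get already provides `ovpn_stat_connected_time_t`; using that value, once it is checked to be numeric, avoids a second parse of text taken from the status file. The enclosing case branch of network_src_tab_load continues outside the hunk.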
@@ -536,7 +724,7 @@ network_src_tab_load()
|
||||
|
||||
if [[ " ${NETWORK_TABLE_LIST} " != *" ${nstl_table} "* ]]
|
||||
then
|
||||
err_echo "Invalid table number: [${nstl_table}] in network src entry: [${nstl_id}]!"
|
||||
echo_error "Invalid table number: [${nstl_table}] in network src entry: [${nstl_id}]!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
@@ -614,6 +802,16 @@ network_src_tab_get()
|
||||
|
||||
network_src_tab_dump()
|
||||
{
|
||||
echo "NETWORK_SRC_TYPE:"
|
||||
|
||||
for key in "${!NETWORK_SRC_TYPE[@]}"
|
||||
do
|
||||
echo "[${key}]: [${NETWORK_SRC_TYPE[${key}]}]"
|
||||
done | sort -n
|
||||
|
||||
echo
|
||||
|
||||
|
||||
echo "NETWORK_SRC_ID_LIST: [${NETWORK_SRC_ID_LIST}]"
|
||||
echo
|
||||
|
||||
@@ -706,7 +904,7 @@ network_route_dst_init()
|
||||
local dst_id="$1"
|
||||
|
||||
|
||||
network_dst_tab_get ${dst_id}
|
||||
network_dst_tab_get "${dst_id}"
|
||||
|
||||
if [[ ${dst_type} == "0" ]]
|
||||
then
|
||||
@@ -726,7 +924,21 @@ network_route_dst_init()
|
||||
fi
|
||||
|
||||
|
||||
target_device=${dst_device}
|
||||
# network_route_rx3_init ${dst_device}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
# network_route_rx3_init
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
network_route_rx3_init()
|
||||
{
|
||||
local target_device="$1"
|
||||
|
||||
|
||||
log_trace "Network" "Add [${target_device}] Rx3 routes in VPN tables"
|
||||
|
||||
@@ -740,7 +952,7 @@ network_route_dst_init()
|
||||
|
||||
if [[ "${ip_route_device}" == "${target_device}" ]]
|
||||
then
|
||||
${DEBUG} ip route add ${ip_route_ip}/${ip_route_mask} table ${dst_table} dev ${ip_route_device}
|
||||
${DEBUG} ip route add ${ip_route_ip}/${ip_route_mask} dev ${ip_route_device} table ${dst_table}
|
||||
fi
|
||||
done
|
||||
done
|
||||
@@ -779,6 +991,65 @@ network_route_other_init()
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
# network_device_init
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
network_device_init()
|
||||
{
|
||||
local dst_id="$1"
|
||||
local device_name="$2"
|
||||
|
||||
|
||||
log_trace "Network" "Init dst_id: [${dst_id}] device_name: [${device_name}]"
|
||||
|
||||
if [[ "${dst_id}" == "" ]]
|
||||
then
|
||||
network_dst_tab_dev_lookup "${device_name}"
|
||||
fi
|
||||
|
||||
if [[ "${dst_id}" != "" ]]
|
||||
then
|
||||
network_route_dst_init "${dst_id}"
|
||||
|
||||
device_name="${dst_device}"
|
||||
fi
|
||||
|
||||
network_route_rx3_init "${device_name}"
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
# network_device_deinit
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
network_device_deinit()
|
||||
{
|
||||
local dst_id="$1"
|
||||
local device_name="$2"
|
||||
|
||||
|
||||
log_trace "Network" "DeInit dst_id: [${dst_id}] device_name: [${device_name}]"
|
||||
|
||||
if [[ "${dst_id}" == "" ]]
|
||||
then
|
||||
network_dst_tab_dev_lookup "${device_name}"
|
||||
fi
|
||||
|
||||
if [[ "${dst_id}" != "" ]]
|
||||
then
|
||||
network_dst_tab_get "${dst_id}"
|
||||
|
||||
network_dst_ip_update "0.0.0.0"
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
# network_route_init
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
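Review bot: network_device_init reaches `network_route_rx3_init "${device_name}"` with whatever name the caller passed when the lookup finds no dst entry, including an empty string when both arguments are empty. If these functions are the entry points for device up/down events, as the changelog suggests, the name originates outside the library and should be rejected when empty, e.g. `[[ "${device_name}" != "" ]] || { log_error "Network" "no device to init"; return 1; }` before the call. network_device_deinit silently does nothing when the device is unknown; a `log_error` in that case would match network_dst_name_ip_update. If adding Rx3 routes for a device without a dst entry is intended, a short comment saying so would make that clear to the next reader.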
@@ -787,9 +1058,15 @@ network_route_init()
|
||||
{
|
||||
for dst_id in ${NETWORK_DST_ID_LIST}
|
||||
do
|
||||
network_route_dst_init ${dst_id}
|
||||
network_route_other_init ${dst_id}
|
||||
network_device_init "${dst_id}" ""
|
||||
network_route_other_init "${dst_id}"
|
||||
done
|
||||
|
||||
# for dst_id in ${NETWORK_DST_ID_LIST}
|
||||
# do
|
||||
# network_route_dst_init ${dst_id}
|
||||
# network_route_other_init ${dst_id}
|
||||
# done
|
||||
}
|
||||
|
||||
|
||||
@@ -842,13 +1119,13 @@ network_table_set()
|
||||
|
||||
if [[ "${src_id}" == "" ]]
|
||||
then
|
||||
err_echo "IP not found: [${nts_ip}]!"
|
||||
echo_error "IP not found: [${nts_ip}]!"
|
||||
return 1
|
||||
fi
|
||||
|
||||
if [[ " ${NETWORK_TABLE_LIST} " != *" ${nts_table} "* ]]
|
||||
then
|
||||
err_echo "Table not found: [${nts_table}]!"
|
||||
echo_error "Table not found: [${nts_table}]!"
|
||||
return 1
|
||||
fi
|
||||
|
||||
@@ -866,6 +1143,23 @@ network_table_set()
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
# network_dst_address_init_all
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
network_dst_address_init_all()
|
||||
{
|
||||
for dst_id in ${NETWORK_DST_ID_LIST}
|
||||
do
|
||||
network_dst_tab_get "${dst_id}"
|
||||
network_dst_ip_update "0.0.0.0"
|
||||
done
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
# network_dst_address_refresh
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
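Review bot: network_dst_address_init_all calls network_dst_ip_update for every dst id, including entries without a host name: network_dst_tab_load stores an empty Host_Name and IP for type "5" destinations. For such an entry the comparison of an empty `dst_ip` with "0.0.0.0" is true, so `ip_host_update` would be run with empty name and domain arguments (this assumes network_dst_tab_get loads dst_host_name and dst_ip from the table, which is outside this hunk). network_dst_address_refresh already skips empty host names, and the same guard fits here: `[[ "${dst_host_name}" != "" ]] || continue` after the network_dst_tab_get call. The loop variable `dst_id` is also not declared `local`.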
@@ -873,29 +1167,47 @@ network_table_set()
|
||||
network_dst_address_refresh()
|
||||
{
|
||||
local dst_id="$1"
|
||||
local dst_host_name="$2"
|
||||
local dst_ip_old="$3"
|
||||
|
||||
local dst_ip_new
|
||||
local proxy_host="proxy${dst_id}.${NETWORK_DST_PROXY_NAME}"
|
||||
local proxy_host
|
||||
local proxy_port=8080
|
||||
|
||||
|
||||
dst_ip_new=$( nc -w ${NETWORK_NC_TIMEOUT} ${proxy_host} ${proxy_port})
|
||||
network_dst_tab_get "${dst_id}"
|
||||
|
||||
if is_valid_ip ${dst_ip_new}
|
||||
if [[ ( "${dst_host_name}" != "" )]]
|
||||
then
|
||||
if [[ "${dst_ip_old}" != "${dst_ip_new}" ]]
|
||||
if [[ ${dst_host_name} =~ ([0-9]+) ]]
|
||||
then
|
||||
log_info "Network" "Update ${dst_host_name}: Old: [${dst_ip_old}] New: [${dst_ip_new}]"
|
||||
${DEBUG} /usr/local/sbin/ip_host_update "${dst_host_name/.*}" "${dst_host_name#*.}" "${dst_ip_new}" 60
|
||||
proxy_host="proxy${BASH_REMATCH[1]}.${NETWORK_DST_PROXY_NAME}"
|
||||
|
||||
tab_assign NETWORK_DST_TAB "${dst_id},IP" "${dst_ip_new}"
|
||||
if [[ ( "${dst_status}" == 1) || ( ( "${dst_status}" != 1) && ( "${dst_ip}" != "0.0.0.0")) ]]
|
||||
then
|
||||
if [[ ( ( "${dst_ip}" != "0.0.0.0") && ( "${dst_status}" != 1)) ]]
|
||||
then
|
||||
log_info "Network" "Reseting IP: [${dst_host_name}]: IP: [${dst_ip_new}] Status: (${dst_status})"
|
||||
dst_ip_new="0.0.0.0"
|
||||
else
|
||||
log_trace "Network" "Skiping ${dst_host_name}: IP: [${dst_ip_old}]"
|
||||
dst_ip_new="$( nc -w "${NETWORK_NC_TIMEOUT}" "${proxy_host}" "${proxy_port}" 2>/dev/null)"
|
||||
fi
|
||||
|
||||
if is_valid_ip "${dst_ip_new}"
|
||||
then
|
||||
if [[ "${dst_ip}" != "${dst_ip_new}" ]]
|
||||
then
|
||||
network_dst_ip_update "${dst_ip_new}"
|
||||
else
|
||||
log_trace "Network" "Skiping: [${dst_host_name}]: No changes..."
|
||||
fi
|
||||
else
|
||||
log_info "Network" "Skiping ${dst_host_name}: Invalid IP: [${dst_ip_new}] Old IP: [${dst_ip_old}]"
|
||||
log_info "Network" "Skiping: [${dst_host_name}]: Invalid IP: [${dst_ip_new}]"
|
||||
fi
|
||||
else
|
||||
log_trace "Network" "Skiping: [${dst_host_name}]: Device not Up..."
|
||||
fi
|
||||
else
|
||||
log_info "Network" "Skiping: dst_id: [${dst_id}]: Invalid host_name: [${dst_host_name}]"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
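Review bot: The "Reseting IP" message logs `${dst_ip_new}` before anything has been assigned to it, so the entry shows an empty address; `${dst_ip}` is presumably the value meant, i.e. `log_info "Network" "Reseting IP: [${dst_host_name}]: IP: [${dst_ip}] Status: (${dst_status})"`. In the invalid-IP branch the reply read by `nc` is written to the log verbatim, and because that text comes from the network it can carry newlines or control characters into the log file. Log a sanitised form instead, such as `${dst_ip_new//[^0-9A-Fa-f.:]/?}`. The rendered hunk mixes old and new lines without markers, so the exact nesting of the new side is inferred.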
@@ -911,8 +1223,7 @@ network_dst_address_refresh_all()
|
||||
{
|
||||
for dst_id in ${NETWORK_DST_ID_LIST}
|
||||
do
|
||||
network_dst_tab_get ${dst_id}
|
||||
network_dst_address_refresh ${dst_id} ${dst_host_name} ${dst_ip}
|
||||
network_dst_address_refresh "${dst_id}"
|
||||
done
|
||||
}
|
||||
|
||||
@@ -1233,6 +1544,23 @@ network_init()
|
||||
|
||||
network_deinit()
|
||||
{
|
||||
NETWORK_OPENVPN_STATUS=""
|
||||
|
||||
NETWORK_IP_ROUTE_TAB=()
|
||||
NETWORK_IP_ROUTE_ID_LIST=""
|
||||
NETWORK_IP_ROUTE_IP_IDX=()
|
||||
|
||||
NETWORK_SRC_TYPE=""
|
||||
NETWORK_SRC_TAB=()
|
||||
NETWORK_SRC_ID_LIST=""
|
||||
NETWORK_SRC_IP_IDX=()
|
||||
|
||||
NETWORK_DST_TYPE=""
|
||||
NETWORK_DST_TAB=()
|
||||
NETWORK_DST_ID_LIST=""
|
||||
NETWORK_DST_NAME_IDX=()
|
||||
NETWORK_DST_DEV_IDX=()
|
||||
|
||||
dns_deinit
|
||||
}
|
||||
|
||||
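Review bot: `NETWORK_SRC_TYPE=""` and `NETWORK_DST_TYPE=""` do not empty those variables if they are arrays, which the dump functions suggest by iterating `"${!NETWORK_SRC_TYPE[@]}"` and `"${!NETWORK_DST_TYPE[@]}"`. A scalar assignment to an array only sets element 0 and leaves every other key in place, so stale type entries would survive network_reinit. Use `NETWORK_SRC_TYPE=()` and `NETWORK_DST_TYPE=()`, as the other tables in this function do. The declarations are outside the hunk, so the array type should be confirmed there.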
@@ -1240,6 +1568,20 @@ network_deinit()
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
# network_reinit
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
network_reinit()
|
||||
{
|
||||
network_deinit
|
||||
network_init
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
# network_start
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
@@ -1254,6 +1596,8 @@ network_start()
|
||||
|
||||
network_forward_start
|
||||
|
||||
network_dst_address_init_all
|
||||
|
||||
log_info "Network" "Network started!"
|
||||
}
|
||||
|
||||
@@ -1,23 +1,48 @@
|
||||
#!/bin/bash -x
|
||||
#!/bin/bash
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
#
|
||||
# Rx3 VPN Library
|
||||
#
|
||||
# Copyright (C) 2025-2026 Arnaud G. GIBERT
|
||||
# mailto:arnaud@rx3.net
|
||||
#
|
||||
# This is free software: you can redistribute it and/or modify it
|
||||
# under the terms of the GNU Lesser General Public License as published
|
||||
# by the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU Lesser General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU Lesser General Public
|
||||
# License along with this program; If not, see
|
||||
# <https://www.gnu.org/licenses/>.
|
||||
#
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
if [[ "${VPN_BASH}" != "" ]]
|
||||
if [[ "${RX3_VPN_LIB}" != "" ]]
|
||||
then
|
||||
return
|
||||
else
|
||||
declare -g VPN_BASH=1
|
||||
declare -g RX3_VPN_LIB=1
|
||||
fi
|
||||
|
||||
|
||||
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
# Includes
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
. /usr/local/lib/network.bash
|
||||
: "${RX3_LIB_DIR:=/usr/lib/rx3}"
|
||||
. "${RX3_LIB_DIR}/network.bash"
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
# Global Variable
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
@@ -200,7 +225,7 @@ vpn_job_tab_init()
|
||||
do
|
||||
network_dst_tab_get ${dst_id}
|
||||
|
||||
if [[ "${dst_type}" == "1" ]] && [[ "${dst_config}" != "" ]]
|
||||
if [[ "${dst_type}" == "2" ]] && [[ "${dst_config}" != "" ]]
|
||||
then
|
||||
config_file="${VPN_CONFIG_FILE/DEVICE/${dst_device}}"
|
||||
|
||||
@@ -208,7 +233,7 @@ vpn_job_tab_init()
|
||||
|
||||
tab_assign VPN_JOB_TAB "${job_id},Name" "${dst_name}"
|
||||
tab_assign VPN_JOB_TAB "${job_id},PId" "0"
|
||||
tab_assign VPN_JOB_TAB "${job_id},Cmd" "/usr/sbin/openvpn --config ${config_file} --dev ${dst_device} --daemon"
|
||||
tab_assign VPN_JOB_TAB "${job_id},Cmd" "/usr/sbin/openvpn --config ${config_file} --daemon"
|
||||
tab_assign VPN_JOB_TAB "${job_id},Date" ""
|
||||
|
||||
tab_assign VPN_JOB_NAME_IDX "${dst_name}" "${job_id}"
|
||||
@@ -315,6 +340,7 @@ vpn_supervisor()
|
||||
do
|
||||
vpn_job_tab_get "${job_id}"
|
||||
|
||||
|
||||
${DEBUG} kill -0 "${job_pid}" 2>/dev/null
|
||||
rc=$?
|
||||
|
||||
@@ -335,6 +361,8 @@ vpn_supervisor()
|
||||
tab_assign VPN_JOB_TAB "${job_id},Date" "$(date --rfc-3339=seconds -u)"
|
||||
|
||||
log_info "VPN" "PId: [${VPN_JOB_TAB["${job_id},PId"]}]!"
|
||||
|
||||
network_dst_name_ip_update "${job_name}" "0.0.0.0"
|
||||
fi
|
||||
done
|
||||
|
||||
@@ -345,6 +373,8 @@ vpn_supervisor()
|
||||
|
||||
log_trace "VPN" "Refreshing DNS entries..."
|
||||
network_dst_address_refresh_all
|
||||
|
||||
network_reinit
|
||||
done
|
||||
}
|
||||
|
||||
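Review bot: The include directory is now taken from the inherited environment: `: "${RX3_LIB_DIR:=/usr/lib/rx3}"` keeps whatever value the caller exported, and the next line sources `network.bash` from it. If this library is loaded by anything that runs as root with a caller-controlled environment, that variable decides which code gets sourced; whether the environment is reset before that point (sudoers policy, service unit) is not visible here. I would document the override next to the assignment, e.g. `# RX3_LIB_DIR: development override only, must not be inherited from an untrusted environment`, or pin it for privileged runs with `(( EUID == 0 )) && RX3_LIB_DIR=/usr/lib/rx3`. The same two lines are added to the Rx3 Net Adm script further down.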
@@ -1,61 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
#DEBUG=""
|
||||
#DEBUG="echo"
|
||||
#DEBUG=":"
|
||||
|
||||
#LOG=":"
|
||||
#LOG="echo"
|
||||
|
||||
|
||||
|
||||
# Includes
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
. /usr/local/lib/network.bash
|
||||
|
||||
|
||||
|
||||
# Global Variables
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
#LOG_FILE=/var/log/openvpn/up-down.log
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# Main
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
Dev="$1"
|
||||
Local_MTU="$2"
|
||||
Remote_MTU="$3"
|
||||
Local_Address="$4"
|
||||
Local_Netmask="$5"
|
||||
Phase="$6"
|
||||
|
||||
|
||||
network_init
|
||||
|
||||
|
||||
network_dst_tab_dev_lookup "${Dev}"
|
||||
network_dst_tab_get "${dst_id}"
|
||||
|
||||
|
||||
line="[${Dev}]: Local_MTU: [${Local_MTU}] Remote_MTU: [${Remote_MTU}] Local_Address: [${Local_Address}] Local_Netmask: [${Local_Netmask}] Dst_Table: ${dst_table} Phase: ${Phase}"
|
||||
|
||||
if [[ "${dst_table}" != "" ]]
|
||||
then
|
||||
log_info "VPN-Down" "$line" " Status: [OK]"
|
||||
|
||||
remote_address=0.0.0.0
|
||||
|
||||
log_trace "VPN-Down" "[${Dev}]: set ${remote_address} to vpn${id}.vpn.rx3"
|
||||
|
||||
${DEBUG} ip_host_update vpn${id} vpn.rx3 ${remote_address} 60
|
||||
else
|
||||
log_error "VPN-Down" "$line" " Status: [ERROR]!"
|
||||
fi
|
||||
|
||||
log_trace "VPN-Down" "[${Dev}]: Done!"
|
||||
@@ -1,10 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
dev=$1
|
||||
|
||||
if [[ "$1" != "" ]]
|
||||
then
|
||||
cat /etc/openvpn/openvpn-status-$dev.log
|
||||
else
|
||||
awk '{print FILENAME ": " $0}' /etc/openvpn/openvpn-status-*.log
|
||||
fi
|
||||
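--- a/usr/sbin/openvpn-client-down
+++ b/usr/sbin/openvpn-client-down
@@ -0,0 +1,42 @@
+#!/bin/bash
+
+#DEBUG=""
+#DEBUG="echo"
+#DEBUG=":"
+
+#LOG=":"
+#LOG="echo"
+#LOG=""
+
+
+
+# Includes
+#-----------------------------------------------------------------------------------------------------------------------------------
+
+. /usr/local/lib/network.bash
+
+
+
+# Global Variables
+#-----------------------------------------------------------------------------------------------------------------------------------
+
+#LOG_FILE=/var/log/openvpn/up-down.log
+
+
+
+
+
+# Main
+#-----------------------------------------------------------------------------------------------------------------------------------
+
+network_init
+
+
+
+line="[${dev}]: Local_Int_Address: [${ifconfig_local}] Remote_Int_Address: [${ifconfig_pool_remote_ip}] Remote_Ext_Addres: [${untrusted_ip}] Common_Name: [${common_name}] Duration: [${time_duration}]"
+
+log_info "VPN-Client-Down" "$line" " Status: [OK]"
+
+touch /etc/openvpn/status/${common_name}.status
+
+log_trace "VPN-Client-Down" "[${dev}]: Done!"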
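Review bot: `touch /etc/openvpn/status/${common_name}.status` builds a path from an unquoted, unvalidated `common_name`, which OpenVPN fills in from the peer's certificate. A name containing whitespace, a glob character or `/` would make the hook touch a different file, or several files, instead of the intended status file. Reject unexpected names before the path is built, e.g. `[[ "${common_name}" =~ ^[A-Za-z0-9._-]+$ ]] || { log_error "VPN-Client-Down" "Invalid common name"; exit 1; }`, then use `touch -- "/etc/openvpn/status/${common_name}.status"`. openvpn-client-up adds the same `touch` line and needs the same guard.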
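--- a/usr/sbin/openvpn-client-up
+++ b/usr/sbin/openvpn-client-up
@@ -0,0 +1,45 @@
+#!/bin/bash
+
+#DEBUG=""
+#DEBUG="echo"
+#DEBUG=":"
+
+#LOG=":"
+#LOG="echo"
+#LOG=""
+
+
+
+# Includes
+#-----------------------------------------------------------------------------------------------------------------------------------
+
+. /usr/local/lib/network.bash
+
+
+
+# Global Variables
+#-----------------------------------------------------------------------------------------------------------------------------------
+
+#LOG_FILE=/var/log/openvpn/up-down.log
+
+
+
+
+
+# Main
+#-----------------------------------------------------------------------------------------------------------------------------------
+
+Output_Param_File="$1"
+
+
+network_init
+
+
+
+line="[${dev}]: Local_Int_Address: [${ifconfig_local}] Remote_Int_Address: [${ifconfig_pool_remote_ip}] Remote_Ext_Addres: [${untrusted_ip}] Common_Name: [${common_name}] Output_Param_File: [${Output_Param_File}]"
+
+log_info "VPN-Client-Up" "$line" " Status: [OK]"
+
+touch /etc/openvpn/status/${common_name}.status
+
+log_trace "VPN-Client-Up" "[${dev}]: Done!"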
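Review bot: This new hook still sources `. /usr/local/lib/network.bash`, while the VPN library and the admin script in this same comparison switch to `: "${RX3_LIB_DIR:=/usr/lib/rx3}"` followed by `. "${RX3_LIB_DIR}/network.bash"`. If the package no longer installs network.bash under /usr/local/lib, the include fails and the script carries on with `network_init`, `log_info` and `log_trace` undefined, since nothing here stops on error. Use the same two include lines as the library, and consider `|| exit 1` on the `.` line so a missing library is reported instead of ignored. openvpn-client-down and openvpn-down carry the same hard-coded include.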
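--- a/usr/sbin/openvpn-down
+++ b/usr/sbin/openvpn-down
@@ -0,0 +1,46 @@
+#!/bin/bash
+
+#DEBUG=""
+#DEBUG="echo"
+#DEBUG=":"
+
+#LOG=":"
+#LOG="echo"
+
+
+
+# Includes
+#-----------------------------------------------------------------------------------------------------------------------------------
+
+. /usr/local/lib/network.bash
+
+
+
+# Global Variables
+#-----------------------------------------------------------------------------------------------------------------------------------
+
+#LOG_FILE=/var/log/openvpn/up-down.log
+
+
+
+
+
+# Main
+#-----------------------------------------------------------------------------------------------------------------------------------
+
+Dev="$1"
+Local_MTU="$2"
+Remote_MTU="$3"
+Local_Address="$4"
+Local_Netmask="$5"
+Phase="$6"
+
+
+network_init
+
+
+log_info "VPN-Down" "[${Dev}]: Local_MTU: [${Local_MTU}] Remote_MTU: [${Remote_MTU}] Local_Address: [${Local_Address}] Local_Netmask: [${Local_Netmask}] Dst_Table: [${dst_table}] Phase: [${Phase}] Status: [OK]"
+
+network_device_deinit "" "${Dev}"
+
+log_trace "VPN-Down" "[${Dev}]: Done!"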
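Review bot: The `log_info` line reports `Status: [OK]` before `network_device_deinit "" "${Dev}"` has run, and the call's exit status is never checked, so a failed teardown is still logged as a success. The same line prints `Dst_Table: [${dst_table}]`, but nothing in this script assigns `dst_table`; unless `network_init` happens to set it, that field is always empty. Assuming the helper returns non-zero on failure, I would drop the field and log from the result: `if network_device_deinit "" "${Dev}"; then log_info "VPN-Down" "..." " Status: [OK]"; else log_error "VPN-Down" "..." " Status: [ERROR]!"; fi`. The openvpn-up hunk that follows has the same ordering around `network_device_init`, where the earlier `[ERROR]` branch was removed.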
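--- a/usr/sbin/openvpn-status
+++ b/usr/sbin/openvpn-status
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+dev=$1
+
+if [[ "$1" != "" ]]
+then
+cat /var/lib/openvpn/$dev.status
+else
+awk '{print FILENAME ": " $0}' /var/lib/openvpn/*.status
+fi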
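Review bot: `cat /var/lib/openvpn/$dev.status` expands the first argument unquoted into a path, so a value with spaces, glob characters or `../` makes the script read files other than one device's status file. That matters most if the script is ever reachable through sudo or the web board, which is not visible here. Use `cat -- "/var/lib/openvpn/${dev}.status"` and refuse names that contain a slash first, for example `[[ "${dev}" != */* ]] || exit 2`.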
@@ -40,20 +40,9 @@ Phase="$6"
|
||||
network_init
|
||||
|
||||
|
||||
network_dst_tab_dev_lookup "${Dev}"
|
||||
network_dst_tab_get "${dst_id}"
|
||||
|
||||
log_info "VPN-Up" "[${Dev}]: Local_MTU: [${Local_MTU}] Remote_MTU: [${Remote_MTU}] Local_Address: [${Local_Address}] Local_Netmask: [${Local_Netmask}] Phase: [${Phase}] Status: [OK]"
|
||||
|
||||
line="[${Dev}]: Local_MTU: [${Local_MTU}] Remote_MTU: [${Remote_MTU}] Local_Address: [${Local_Address}] Local_Netmask: [${Local_Netmask}] Dst_Table: [${dst_table}] Dst_Id: [${dst_id}] Phase: [${Phase}]"
|
||||
|
||||
if [[ "${dst_table}" != "" ]]
|
||||
then
|
||||
log_info "VPN-Up" "$line" " Status: [OK]"
|
||||
log_trace "VPN-Up" "[${Dev}]: ip route add table: [${dst_table}] default dev: [${Dev}]"
|
||||
|
||||
network_route_dst_init ${dst_id}
|
||||
else
|
||||
log_error "VPN-Up" "$line" " Status: [ERROR]!"
|
||||
fi
|
||||
network_device_init "" "${Dev}"
|
||||
|
||||
log_trace "VPN-Up" "[${Dev}]: Done!"
|
||||
@@ -1,4 +1,43 @@
|
||||
#!/bin/bash
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
#
|
||||
# Rx3 Net Adm
|
||||
#
|
||||
# Copyright (C) 2025-2026 Arnaud G. GIBERT
|
||||
# mailto:arnaud@rx3.net
|
||||
#
|
||||
# This is free software: you can redistribute it and/or modify it
|
||||
# under the terms of the GNU Lesser General Public License as published
|
||||
# by the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU Lesser General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU Lesser General Public
|
||||
# License along with this program; If not, see
|
||||
# <https://www.gnu.org/licenses/>.
|
||||
#
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
|
||||
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
# Includes
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
: "${RX3_LIB_DIR:=/usr/lib/rx3}"
|
||||
. "${RX3_LIB_DIR}/network.bash"
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
# Global Variable
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
RETVAL=0
|
||||
prog="rx3-net"
|
||||
@@ -12,13 +51,6 @@ prog="rx3-net"
|
||||
|
||||
|
||||
|
||||
# Includes
|
||||
#-----------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
. /usr/local/lib/network.bash
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#--------------------------------------------------------------------------------------------------------------------------
|
||||
@@ -109,10 +109,10 @@ Destination_Status_Board()
|
||||
echo " <H2>Destination Status Board</H2>"
|
||||
echo ""
|
||||
echo " <TABLE BORDER=\"1\" WIDTH=\"100%\">"
|
||||
echo " <TR class=\"header\"><TD class=\"header\">#</TD><TD>Name</TD><TD>Type</TD><TD>Device</TD><TD>IP</TD><TD>Host Name</TD><TD>Config</TD><TD>Table</TD><TD>Status</TD><TD>Bytes In</TD><TD>Bytes Out</TD><TD>UpTime</TD></TR>"
|
||||
echo " <TR class=\"header\"><TD class=\"header\">#</TD><TD>Name</TD><TD>Type</TD><TD>Device</TD><TD>Status</TD><TD>IP</TD><TD>Host Name</TD><TD>Config</TD><TD>Table</TD><TD>Bytes In</TD><TD>Bytes Out</TD><TD>UpTime</TD></TR>"
|
||||
else
|
||||
echo "TABLE: Destination_Status_Board"
|
||||
echo "#;Name;Type;Device;IP;Host Name;Config;Table;Status;Bytes In;Bytes Out;UpTime"
|
||||
echo "#;Name;Type;Device;Status;IP;Host Name;Config;Table;Bytes In;Bytes Out;UpTime"
|
||||
fi
|
||||
|
||||
|
||||
@@ -125,20 +125,35 @@ Destination_Status_Board()
|
||||
dst_ip="-"
|
||||
fi
|
||||
|
||||
if [[ ( "${status}" == "" ) || ( "${status}" == "${dst_status}") ]]
|
||||
then
|
||||
if [[ "${format}" == "html" ]]
|
||||
then
|
||||
echo -n "<TR><TD class="header">${dst_id}</TD><TD>${dst_name}</TD><TD>${NETWORK_DST_TYPE[${dst_type}]}</TD><TD>${dst_device}</TD><TD>${dst_ip}</TD><TD>${dst_host_name}</TD><TD>${dst_config:--}</TD><TD>${dst_table}</TD><TD>"
|
||||
echo -n "<TR><TD class="header">${dst_id}</TD><TD>${dst_name}</TD><TD>${NETWORK_DST_TYPE[${dst_type}]}</TD><TD>${dst_device}</TD>"
|
||||
|
||||
if [[ "${dst_status}" == 1 ]]
|
||||
then
|
||||
echo -n "<IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD>"
|
||||
case "${dst_status}"
|
||||
in
|
||||
"0")
|
||||
echo -n "<TD><A HREF=\"?admin=${admin}&user=${user}&status=${dst_status}\"><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></A></TD>"
|
||||
;;
|
||||
|
||||
"1")
|
||||
echo -n "<TD><A HREF=\"?admin=${admin}&user=${user}&status=${dst_status}\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></A></TD>"
|
||||
;;
|
||||
|
||||
"2")
|
||||
echo -n "<TD><A HREF=\"?admin=${admin}&user=${user}&status=${dst_status}\"><IMG SRC=\"/icons/user-unready.png\" TITLE=\"Unready\" ALT=\"Unready\"></A></TD>"
|
||||
;;
|
||||
|
||||
*)
|
||||
echo -n "<TD><IMG SRC=\"\" TITLE=\"Unknown\" ALT=\"Unknown\"></TD>"
|
||||
;;
|
||||
esac
|
||||
|
||||
echo "<TD>${dst_ip:--}</TD><TD>${dst_host_name:--}</TD><TD>${dst_config:--}</TD><TD>${dst_table}</TD><TD>${dst_bytes_received:--}</TD><TD>${dst_bytes_sent:--}</TD><TD>${dst_uptime:--}</TD>"
|
||||
else
|
||||
echo -n "<IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></TD>"
|
||||
echo "${dst_id};${dst_name};${NETWORK_DST_TYPE[${dst_type}]};${dst_device};${dst_status};${dst_ip};${dst_host_name};${dst_config};${dst_table};${dst_bytes_received};${dst_bytes_sent};${dst_uptime}"
|
||||
fi
|
||||
|
||||
echo "<TD>${dst_bytes_received:--}</TD><TD>${dst_bytes_sent:--}</TD><TD>${dst_uptime:--}</TD>"
|
||||
else
|
||||
echo "${dst_id};${dst_name};${NETWORK_DST_TYPE[${dst_type}]};${dst_device};${dst_ip};${dst_host_name};${dst_config};${dst_table};${dst_status};${dst_bytes_received};${dst_bytes_sent};${dst_uptime}"
|
||||
fi
|
||||
done
|
||||
|
||||
@@ -166,13 +181,13 @@ Source_Routing_Board_Line()
|
||||
|
||||
network_src_tab_get ${src_id}
|
||||
|
||||
if [[ ( "${filter}" == "") || ( "${filter}" == "owner") || ( "${filter}" == "${src_owner}") ]]
|
||||
if [[ ( "${user}" == "") || ( "${user}" == "owner") || ( "${user}" == "${src_owner}") ]]
|
||||
then
|
||||
if [[ ( "${admin}" == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
|
||||
then
|
||||
class="default"
|
||||
else
|
||||
if [[ "${filter}" == "owner" ]]
|
||||
if [[ "${user}" == "owner" ]]
|
||||
then
|
||||
class="skip"
|
||||
else
|
||||
@@ -180,11 +195,16 @@ Source_Routing_Board_Line()
|
||||
fi
|
||||
fi
|
||||
else
|
||||
# filter == user not owner of this line
|
||||
# user == user not owner of this line
|
||||
|
||||
class="skip"
|
||||
fi
|
||||
|
||||
if [[ ( "${status}" != "") && ( "${status}" != "${src_status}") ]]
|
||||
then
|
||||
class="skip"
|
||||
fi
|
||||
|
||||
|
||||
if [[ "${class}" != "skip" ]]
|
||||
then
|
||||
@@ -199,19 +219,19 @@ Source_Routing_Board_Line()
|
||||
case "${src_status}"
|
||||
in
|
||||
"0")
|
||||
echo -n "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></TD>"
|
||||
echo -n "<TD><A HREF=\"?admin=${admin}&user=${user}&status=${src_status}\"><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></A></TD>"
|
||||
;;
|
||||
|
||||
"1")
|
||||
echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD>"
|
||||
echo -n "<TD><A HREF=\"?admin=${admin}&user=${user}&status=${src_status}\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></A></TD>"
|
||||
;;
|
||||
|
||||
"2")
|
||||
echo -n "<TD>-</TD>"
|
||||
echo -n "<TD><A HREF=\"?admin=${admin}&user=${user}&status=${src_status}\">-</A></TD>"
|
||||
;;
|
||||
esac
|
||||
else
|
||||
echo -n "${src_id};${NETWORK_SRC_TYPE[${src_type}]};${src_ip};${src_host_name};${src_device};${status};"
|
||||
echo -n "${src_id};${NETWORK_SRC_TYPE[${src_type}]};${src_ip};${src_host_name};${src_device};${src_status};"
|
||||
fi
|
||||
|
||||
|
||||
@@ -219,6 +239,8 @@ Source_Routing_Board_Line()
|
||||
do
|
||||
network_dst_tab_get ${dst_id}
|
||||
|
||||
if [[ ( "${admin}" == "true") || ( "${dst_type}" != 1) ]]
|
||||
then
|
||||
if [[ "${format}" == "html" ]]
|
||||
then
|
||||
echo -n "<TD><TABLE class=\"${class}\" BORDER=\"0\" WIDTH=\"100%\"><TR><TD class=\"half\">"
|
||||
@@ -231,7 +253,7 @@ Source_Routing_Board_Line()
|
||||
|
||||
if [[ ( ${admin} == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
|
||||
then
|
||||
echo -n "<A HREF=\"?cmd=route_set&admin=${admin}&filter=${filter}&ip=${src_ip}&vpn=${dst_id}\"><IMG SRC=\"/icons/user-invisible.png\" TITLE=\"Activate\" ALT=\"Activate\"></A>"
|
||||
echo -n "<A HREF=\"?cmd=route_set&admin=${admin}&user=${user}&status=${status}&ip=${src_ip}&vpn=${dst_id}\"><IMG SRC=\"/icons/user-invisible.png\" TITLE=\"Activate\" ALT=\"Activate\"></A>"
|
||||
else
|
||||
echo -n " "
|
||||
fi
|
||||
@@ -247,6 +269,7 @@ Source_Routing_Board_Line()
|
||||
echo -n "0;"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
if [[ "${format}" == "html" ]]
|
||||
@@ -258,7 +281,7 @@ Source_Routing_Board_Line()
|
||||
echo -n "<TD>${src_port_range}</TD><TD>-</TD><TD>-</TD>"
|
||||
fi
|
||||
|
||||
echo "<TD><A HREF=\"?admin=${admin}&filter=${src_owner}\">${src_owner}</A></TD><TD>${src_bytes_received:--}</TD><TD>${src_bytes_sent:--}</TD><TD>${src_uptime:--}</TD><TD>${src_last_seen:--}</TD></TR>"
|
||||
echo "<TD><A HREF=\"?admin=${admin}&user=${src_owner}&status=${status}\">${src_owner}</A></TD><TD>${src_bytes_received:--}</TD><TD>${src_bytes_sent:--}</TD><TD>${src_uptime:--}</TD><TD>${src_last_seen:--}</TD></TR>"
|
||||
else
|
||||
echo "${src_port_range};${src_port_start};${src_port_end};${src_owner};${src_bytes_received};${src_bytes_sent};${src_uptime};${src_last_seen}"
|
||||
fi
|
||||
@@ -294,12 +317,15 @@ Source_Routing_Board()
|
||||
do
|
||||
network_dst_tab_get ${dst_id}
|
||||
|
||||
if [[ ( "${admin}" == "true") || ( "${dst_type}" != 1) ]]
|
||||
then
|
||||
if [[ "${format}" == "html" ]]
|
||||
then
|
||||
echo -n "<TD>${dst_name}</TD>"
|
||||
else
|
||||
echo -n "${dst_name};"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
|
||||
@@ -359,13 +385,13 @@ VPN_OpenVPN_Board()
|
||||
|
||||
if [[ "${src_type}" == 2 ]]
|
||||
then
|
||||
if [[ ( "${filter}" == "") || ( "${filter}" == "owner") || ( "${filter}" == "${src_owner}") ]]
|
||||
if [[ ( "${user}" == "") || ( "${user}" == "owner") || ( "${user}" == "${src_owner}") ]]
|
||||
then
|
||||
if [[ ( "${admin}" == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
|
||||
then
|
||||
class="default"
|
||||
else
|
||||
if [[ "${filter}" == "owner" ]]
|
||||
if [[ "${user}" == "owner" ]]
|
||||
then
|
||||
class="skip"
|
||||
else
|
||||
@@ -373,30 +399,36 @@ VPN_OpenVPN_Board()
|
||||
fi
|
||||
fi
|
||||
else
|
||||
# filter == user not owner of this line
|
||||
# user == user not owner of this line
|
||||
|
||||
class="skip"
|
||||
fi
|
||||
|
||||
if [[ ( "${status}" != "") && ( "${status}" != "${src_status}") ]]
|
||||
then
|
||||
class="skip"
|
||||
fi
|
||||
|
||||
|
||||
if [[ "${class}" != "skip" ]]
|
||||
then
|
||||
if [[ "${format}" == "html" ]]
|
||||
then
|
||||
echo -n " <TR class=\"${class}\"><TD class=\"header\">${idx}</TD><TD>${src_ip}</TD><TD>${src_host_name}</TD>"
|
||||
echo -n "<TD><A HREF=\"?cmd=config_download&admin=${admin}&filter=${filter}&ip=${src_ip}&defroute=true&type=ext\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Default Route External Certificates\" ALT=\"Configuration External Certificates\"></A></TD>"
|
||||
echo -n "<TD><A HREF=\"?cmd=config_download&admin=${admin}&user=${user}&status=${status}&ip=${src_ip}&defroute=true&type=ext\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Default Route External Certificates\" ALT=\"Configuration External Certificates\"></A></TD>"
|
||||
|
||||
if [[ ( "${admin}" == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
|
||||
then
|
||||
echo -n "<TD><A HREF=\"?cmd=config_download&admin=${admin}&filter=${filter}&ip=${src_ip}&defroute=true&type=inline\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Default Route Inline Certificates\" ALT=\"Configuration Inline Certificates\"></A></TD>"
|
||||
echo -n "<TD><A HREF=\"?cmd=config_download&admin=${admin}&user=${user}&status=${status}&ip=${src_ip}&defroute=true&type=inline\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Default Route Inline Certificates\" ALT=\"Configuration Inline Certificates\"></A></TD>"
|
||||
else
|
||||
echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Inline Certificates\" ALT=\"Configuration Inline Certificates\"></TD>"
|
||||
fi
|
||||
|
||||
echo -n "<TD><A HREF=\"?cmd=config_download&admin=${admin}&filter=${filter}&ip=${src_ip}&defroute=false&type=ext\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration NoDefault Route External Certificates\" ALT=\"Configuration External Certificates\"></A></TD>"
|
||||
echo -n "<TD><A HREF=\"?cmd=config_download&admin=${admin}&user=${user}&status=${status}&ip=${src_ip}&defroute=false&type=ext\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration NoDefault Route External Certificates\" ALT=\"Configuration External Certificates\"></A></TD>"
|
||||
|
||||
if [[ ( "${admin}" == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
|
||||
then
|
||||
echo -n "<TD><A HREF=\"?cmd=config_download&admin=${admin}&filter=${filter}&ip=${src_ip}&defroute=false&type=inline\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration NoDefault Route Inline Certificates\" ALT=\"Configuration Inline Certificates\"></A></TD>"
|
||||
echo -n "<TD><A HREF=\"?cmd=config_download&admin=${admin}&user=${user}&status=${status}&ip=${src_ip}&defroute=false&type=inline\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration NoDefault Route Inline Certificates\" ALT=\"Configuration Inline Certificates\"></A></TD>"
|
||||
else
|
||||
echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Inline Certificates\" ALT=\"Configuration Inline Certificates\"></TD>"
|
||||
fi
|
||||
@@ -406,17 +438,17 @@ VPN_OpenVPN_Board()
|
||||
|
||||
if [[ "${format}" == "html" ]]
|
||||
then
|
||||
echo -n "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&filter=${filter}&ip=${src_ip}&type=ca\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"CA Certificate\" ALT=\"CA Certificate\"></A></TD>"
|
||||
echo -n "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&user=${user}&status=${status}&ip=${src_ip}&type=ca\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"CA Certificate\" ALT=\"CA Certificate\"></A></TD>"
|
||||
|
||||
if [[ ( "${admin}" == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
|
||||
then
|
||||
echo -n "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&filter=${filter}&ip=${src_ip}&type=tc\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"TC Certificate\" ALT=\"TC Certificate\"></A></TD>"
|
||||
echo -n "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&user=${user}&status=${status}&ip=${src_ip}&type=tc\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"TC Certificate\" ALT=\"TC Certificate\"></A></TD>"
|
||||
|
||||
if [[ -f /etc/openvpn/tls/certs/${src_host_name}.crt ]]
|
||||
then
|
||||
echo -n "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&filter=${filter}&ip=${src_ip}&type=key\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></A></TD>"
|
||||
echo -n "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&filter=${filter}&ip=${src_ip}&type=csr\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Certificate Signing Request\" ALT=\"Certificat Signing Request\"></A></TD>"
|
||||
echo "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&filter=${filter}&ip=${src_ip}&type=crt\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Public Certificate\" ALT=\"Public Certificate\"></A></TD></TR>"
|
||||
echo -n "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&user=${user}&status=${status}&ip=${src_ip}&type=key\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></A></TD>"
|
||||
echo -n "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&user=${user}&status=${status}&ip=${src_ip}&type=csr\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Certificate Signing Request\" ALT=\"Certificat Signing Request\"></A></TD>"
|
||||
echo "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&user=${user}&status=${status}&ip=${src_ip}&type=crt\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Public Certificate\" ALT=\"Public Certificate\"></A></TD></TR>"
|
||||
else
|
||||
echo -n "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></TD>"
|
||||
echo -n "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Certificat Signing Request\" ALT=\"Certificat Signing Request\"></TD>"
|
||||
@@ -478,22 +510,46 @@ Main_Board_Print()
|
||||
admin_mode=""
|
||||
fi
|
||||
|
||||
case "${filter}"
|
||||
case "${user}"
|
||||
in
|
||||
"owner")
|
||||
filter_mode="My VPN"
|
||||
"")
|
||||
user_mode="All"
|
||||
;;
|
||||
|
||||
"")
|
||||
filter_mode="All VPN"
|
||||
"owner")
|
||||
user_mode="My"
|
||||
;;
|
||||
|
||||
*)
|
||||
filter_mode="${filter} VPN"
|
||||
user_mode="${user}"
|
||||
;;
|
||||
esac
|
||||
|
||||
echo " <H1>VPN Admin Board: ${filter_mode}${admin_mode}</H1>"
|
||||
case "${status}"
|
||||
in
|
||||
"")
|
||||
status_mode="All"
|
||||
;;
|
||||
|
||||
"0")
|
||||
status_mode="Down"
|
||||
;;
|
||||
|
||||
"1")
|
||||
status_mode="UP"
|
||||
;;
|
||||
|
||||
"2")
|
||||
status_mode="Not Conected"
|
||||
;;
|
||||
|
||||
*)
|
||||
status_mode="Unkwown"
|
||||
;;
|
||||
esac
|
||||
|
||||
|
||||
echo " <H1>VPN Admin Board: ${user_mode} VPN - ${status_mode} Status${admin_mode}</H1>"
|
||||
|
||||
|
||||
echo " <P>"
|
||||
@@ -520,17 +576,23 @@ Main_Board_Print()
|
||||
then
|
||||
if [[ "${admin}" == "true" ]]
|
||||
then
|
||||
echo -n "<A HREF=\"?filter=${filter}\">Non Admin Mode</A>"
|
||||
echo -n "<A HREF=\"?user=${user}&status=${status}\">Non Admin Mode</A>"
|
||||
else
|
||||
echo -n "<A HREF=\"?admin=true&filter=${filter}\">Admin Mode</A>"
|
||||
echo -n "<A HREF=\"?admin=true&user=${user}&status=${status}\">Admin Mode</A>"
|
||||
fi
|
||||
|
||||
echo -n " "
|
||||
fi
|
||||
|
||||
if [[ "${filter}" != "" ]]
|
||||
if [[ "${user}" != "" ]]
|
||||
then
|
||||
echo -n "<A HREF=\"?admin=${admin}\">All VPN</A>"
|
||||
echo -n "<A HREF=\"?admin=${admin}&status=${status}\">All VPN</A>"
|
||||
echo -n " "
|
||||
fi
|
||||
|
||||
if [[ "${status}" != "" ]]
|
||||
then
|
||||
echo -n "<A HREF=\"?admin=${admin}&user=${user}\">All Status</A>"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
@@ -579,7 +641,8 @@ Main_Board_Print()
|
||||
|
||||
cmd=""
|
||||
format=""
|
||||
filter=""
|
||||
user=""
|
||||
status=""
|
||||
ip=""
|
||||
vpn=""
|
||||
type=""
|
||||
@@ -619,6 +682,14 @@ then
|
||||
filter=${arg}
|
||||
;;
|
||||
|
||||
"user")
|
||||
user=${arg}
|
||||
;;
|
||||
|
||||
"status")
|
||||
status=${arg}
|
||||
;;
|
||||
|
||||
"ip")
|
||||
ip=${arg}
|
||||
;;
|
||||
@@ -666,7 +737,7 @@ if [[ ( ${admin} == "true") && ( " ${ADMIN_USER_LIST} " != *" ${REMOTE_USER} "*)
|
||||
then
|
||||
cmd_status="${cmd}: Admin NOT_AUTHORIZED"
|
||||
|
||||
redirect="?filter=${filter}"
|
||||
redirect="?user=${user}&up=${up}"
|
||||
|
||||
Header_Print
|
||||
Footer_Print
|
||||
@@ -684,9 +755,11 @@ else
|
||||
network_src_tab_ip_lookup "${ip}"
|
||||
network_src_tab_get "${src_id}"
|
||||
|
||||
if [[ ( ${admin} == "true") || ( "${REMOTE_USER}" == "${src_owner}") ]]
|
||||
network_dst_tab_get "${vpn}"
|
||||
|
||||
if [[ ( ${admin} == "true") || ( ( "${REMOTE_USER}" == "${src_owner}") && ( "${dst_type}" != 1)) ]]
|
||||
then
|
||||
sudo /usr/local/sbin/rx3_net_adm table_set ${ip} $((${vpn} + 3)) 1>&2
|
||||
sudo /usr/local/sbin/rx3_net_adm table_set ${ip} ${dst_table} 1>&2
|
||||
|
||||
if [[ "$?" == 0 ]]
|
||||
then
|
||||
@@ -695,7 +768,7 @@ else
|
||||
cmd_status="route_set: KO"
|
||||
fi
|
||||
else
|
||||
cmd_status="route_set: NOT_AUTHORIZED [${REMOTE_USER}]/[${src_owner}]"
|
||||
cmd_status="route_set: NOT_AUTHORIZED [${REMOTE_USER}]/[${src_owner}]/[${dst_type}]"
|
||||
fi
|
||||
|
||||
redirect="?admin=${admin}&filter=${filter}"
|
||||
|
||||
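Review bot: The new `user` and `status` request parameters are copied straight from the query string (`user=${arg}`, `status=${arg}`) and then written unescaped into every `HREF` and into the `<H1>` title through `user_mode="${user}"`, so a crafted link can place markup in the admin board. Nothing in the visible hunks validates them; the parsing loop starts outside these hunks, so any decoding or filtering done there cannot be seen from here. Constrain the values where they are parsed, e.g. `[[ "${arg}" =~ ^[0-2]?$ ]] && status=${arg}` plus a name pattern for `user`, and HTML-escape whatever is echoed into the page. Two related slips on the new side: the NOT_AUTHORIZED redirect uses `&up=${up}`, a variable that is never set (probably meant `&status=${status}`), and `sudo /usr/local/sbin/rx3_net_adm table_set ${ip} ${dst_table}` passes request-derived values unquoted to a privileged command.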