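#!/bin/bash -x
#
# rx3 VPN helper library: builds per-device OpenVPN client configs and keeps a
# table of openvpn jobs (name, pid, start date, command line) that is persisted
# to VPN_STATUS_FILE. The top-level "return" below implies the file is sourced.

# Source guard: load the library only once per shell.
if [[ -n "${VPN_BASH}" ]]
then
    return
else
    declare -g VPN_BASH=1
fi



# Includes
#-------------------------------------------------------------------------------

. /usr/local/lib/network.bash



# Global Variable
#-------------------------------------------------------------------------------

# "<job_id>,<Name|PId|Date|Cmd>" -> value
declare -Ag VPN_JOB_TAB
# NOTE(review): declared associative but only ever expanded as a scalar
# (${VPN_JOB_ID_LIST}), i.e. element "0"; presumably var_assign appends ids to
# that element. Confirm against network.bash before changing the declaration.
declare -Ag VPN_JOB_ID_LIST
# job name -> job_id
declare -Ag VPN_JOB_NAME_IDX

declare -g VPN_LOG_FILE="/var/log/network/rx3-vpn.log"
declare -g VPN_PID_FILE="/var/lib/network/rx3-vpn.pid"
declare -g VPN_STATUS_FILE="/var/lib/network/rx3-vpn.status"
declare -g VPN_STATUS_LOCK="/var/lock/network/rx3-vpn.status"

# LOG is used as a command prefix; default to the no-op builtin.
if [[ -z "${LOG:-}" ]]
then
    export LOG=":"
fi



#-------------------------------------------------------------------------------
# _vpn_backslash_escape
#
# Prints $1 with a backslash inserted before every character listed in $2.
# Done character by character so the result does not depend on how a given
# bash version treats '&' or backslashes in ${var//pattern/replacement}.
#-------------------------------------------------------------------------------

_vpn_backslash_escape()
{
    local value="$1"
    local specials="$2"
    local out=""
    local ch
    local i

    for (( i = 0; i < ${#value}; i++ ))
    do
        ch="${value:i:1}"

        if [[ "${specials}" == *"${ch}"* ]]
        then
            out+="\\${ch}"
        else
            out+="${ch}"
        fi
    done

    printf '%s' "${out}"
}



#-------------------------------------------------------------------------------
# vpn_config_make
#
# Copies VPN_TEMPLATE_FILE to Config_File and fills in the TARGET-CFG,
# VPN-DEVICE and MNG-PORT placeholders.
#
# Arguments: $1 - config file to create
#            $2 - device name; the part left after removing "tun" is the index
#            $3 - target config name ("-client.conf" is appended)
# Globals:   VPN_TEMPLATE_FILE, LOG, DEBUG (read)
#-------------------------------------------------------------------------------

vpn_config_make()
{
    local Config_File="$1"
    local Device="$2"
    local Target_Config="$3"
    local dev_index="${Device/tun/}"
    local mng_port
    local target_esc
    local device_esc

    # Only a plain decimal index goes into $(( )): arithmetic expansion
    # evaluates whatever expression it is handed, and a leading zero would be
    # read as octal. Anything else counts as index 0, which is what an
    # unset-variable name evaluated to before.
    if [[ "${dev_index}" =~ ^[0-9]+$ ]]
    then
        mng_port=$(( 2330 + 10#${dev_index} ))
    else
        ${LOG} 1>&2 "Device [${Device}] has no numeric index, using 0"
        mng_port=2330
    fi

    ${LOG} "Creating config File: [${Config_File}] Device: [${Device}] Mng_Port: (${mng_port}) Target_Config: [${Target_Config}]"

    # The values land in the replacement side of s/.../.../, where '/', '&'
    # and '\' are syntax; escape them so a name cannot alter the sed program.
    target_esc="$(_vpn_backslash_escape "${Target_Config}" '\/&')"
    device_esc="$(_vpn_backslash_escape "${Device}" '\/&')"

    ${DEBUG} cp -f -- "${VPN_TEMPLATE_FILE}" "${Config_File}"
    ${DEBUG} sed -e "s/TARGET-CFG/${target_esc}-client.conf/" \
                 -e "s/VPN-DEVICE/${device_esc}/" \
                 -e "s/MNG-PORT/${mng_port}/" \
                 -i -- "${Config_File}"
}



#-------------------------------------------------------------------------------
# vpn_job_tab_load
#
# Rebuilds the job tables from the VPN_STATUS text: one job per line, as
# whitespace-separated "Name PId Date(2 words) Cmd...", '#' starting a comment.
#
# NOTE(review): fields are split on runs of whitespace, so a line saved with an
# empty Date shifts the command words into the Date column; vpn_job_tab_save
# does not guard against that.
#-------------------------------------------------------------------------------

vpn_job_tab_load()
{
    local job_id=0
    local job_name
    local job_pid
    local job_date
    local job_cmd
    local line
    local -a fields

    ${LOG} 1>&2 "Loading Job tab..."

    while IFS= read -r line
    do
        line="${line%%#*}"

        # Split into an array rather than "set ${line}": no pathname expansion
        # of '*' or '?' in the data, the positional parameters stay untouched,
        # and a blank line cannot degrade into a bare "set".
        fields=()
        read -r -a fields <<< "${line}"

        if (( ${#fields[@]} > 0 ))
        then
            job_name="${fields[0]}"
            job_pid="${fields[1]}"
            job_date="${fields[2]} ${fields[3]}"
            job_cmd="${fields[*]:4}"

            var_assign VPN_JOB_ID_LIST "${job_id}" INC
            tab_assign VPN_JOB_TAB "${job_id},Name" "${job_name}"
            tab_assign VPN_JOB_TAB "${job_id},PId" "${job_pid}"
            tab_assign VPN_JOB_TAB "${job_id},Date" "${job_date}"
            tab_assign VPN_JOB_TAB "${job_id},Cmd" "${job_cmd}"
            tab_assign VPN_JOB_NAME_IDX "${job_name}" "${job_id}"

            job_id=$(( job_id + 1 ))
        fi
    # Quoted so the line structure survives on every bash version.
    done <<< "${VPN_STATUS}"
}



#-------------------------------------------------------------------------------
# vpn_job_tab_get
#
# Copies the VPN_JOB_TAB fields of job $1 into job_id, job_name, job_pid,
# job_date and job_cmd. These are deliberately not local: callers read them
# after the call (or declare them local themselves).
#-------------------------------------------------------------------------------

vpn_job_tab_get()
{
    job_id="$1"

    job_name="${VPN_JOB_TAB["${job_id},Name"]}"
    job_pid="${VPN_JOB_TAB["${job_id},PId"]}"
    job_date="${VPN_JOB_TAB["${job_id},Date"]}"
    job_cmd="${VPN_JOB_TAB["${job_id},Cmd"]}"
}



#-------------------------------------------------------------------------------
# vpn_job_tab_save
#
# Rewrites VPN_STATUS_FILE, under the write lock, as a shell fragment of the
# form VPN_STATUS="<one tab-separated line per job>".
#
# The file is a double-quoted shell string, so '"', '$', '`' and '\' in a value
# are written backslash-escaped: the text comes back unchanged when the file is
# read by the shell and can neither close the string nor start an expansion.
#-------------------------------------------------------------------------------

vpn_job_tab_save()
{
    local job_id
    local job_name
    local job_pid
    local job_date
    local job_cmd

    file_lock "${VPN_STATUS_LOCK}" WRITE 9

    {
        printf '%s\n' \
            '#-------------------------------------------------------------------------------' \
            '# VPN Status' \
            '#-------------------------------------------------------------------------------' \
            'VPN_STATUS="' \
            '#-------------------------------------------------------------------------------' \
            '# Name PId Date Cmd' \
            '#-------------------------------------------------------------------------------'

        # Unquoted on purpose: the id list is a whitespace-separated string.
        for job_id in ${VPN_JOB_ID_LIST}
        do
            vpn_job_tab_get "${job_id}"

            printf '%s\t%s\t%s\t%s\n' \
                "$(_vpn_backslash_escape "${job_name}" '\"$`')" \
                "$(_vpn_backslash_escape "${job_pid}" '\"$`')" \
                "$(_vpn_backslash_escape "${job_date}" '\"$`')" \
                "$(_vpn_backslash_escape "${job_cmd}" '\"$`')"
        done

        printf '%s\n' '"'
    } >"${VPN_STATUS_FILE}"

    file_unlock 9
}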
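#-------------------------------------------------------------------------------
# _vpn_pid_alive
#
# Succeeds when $1 is a positive decimal PID and "kill -0" can signal it.
# The format check comes first because PIDs are read back from files: 0 or a
# negative number addresses a process group or every process, not one job.
#-------------------------------------------------------------------------------

_vpn_pid_alive()
{
    local pid="$1"

    [[ "${pid}" =~ ^[1-9][0-9]*$ ]] || return 1

    ${DEBUG} kill -0 "${pid}" 2>/dev/null
}



#-------------------------------------------------------------------------------
# _vpn_daemon_pid_read
#
# Prints the supervisor PID stored in VPN_PID_FILE, or 0 when the file is
# missing, empty or does not hold a positive decimal number.
#-------------------------------------------------------------------------------

_vpn_daemon_pid_read()
{
    local pid=0

    if [[ -s "${VPN_PID_FILE}" ]]
    then
        IFS= read -r pid <"${VPN_PID_FILE}"
        [[ "${pid}" =~ ^[1-9][0-9]*$ ]] || pid=0
    fi

    printf '%s\n' "${pid}"
}



#-------------------------------------------------------------------------------
# vpn_job_tab_init
#
# Builds the job tables from the network destination table: every destination
# with dst_type "1" and a non-empty dst_config gets an openvpn job and a
# generated config file.
#
# NOTE(review): dst_device and the config path are pasted into a command
# string that vpn_supervisor later runs through eval; they are presumably
# trusted configuration - confirm where network_dst_tab_get gets them from.
#-------------------------------------------------------------------------------

vpn_job_tab_init()
{
    local job_id=0
    local dst_id
    local config_file

    # Unquoted on purpose: the id list is a whitespace-separated string.
    for dst_id in ${NETWORK_DST_ID_LIST}
    do
        # Sets dst_type, dst_config, dst_device and dst_name (used below).
        network_dst_tab_get "${dst_id}"

        if [[ "${dst_type}" == "1" && -n "${dst_config}" ]]
        then
            config_file="${VPN_CONFIG_FILE/DEVICE/${dst_device}}"

            var_assign VPN_JOB_ID_LIST "${job_id}" INC
            tab_assign VPN_JOB_TAB "${job_id},Name" "${dst_name}"
            tab_assign VPN_JOB_TAB "${job_id},PId" "0"
            tab_assign VPN_JOB_TAB "${job_id},Cmd" "/usr/sbin/openvpn --config ${config_file} --dev ${dst_device} --daemon"
            tab_assign VPN_JOB_TAB "${job_id},Date" ""
            tab_assign VPN_JOB_NAME_IDX "${dst_name}" "${job_id}"

            vpn_config_make "${config_file}" "${dst_device}" "${dst_config}"

            log_print "${VPN_LOG_FILE}" "${LOG}" "Loading config: Id: [${job_id}] Name: [${dst_name}] Cmd: [${VPN_JOB_TAB["${job_id},Cmd"]}]"

            job_id=$(( job_id + 1 ))
        fi
    done
}



#-------------------------------------------------------------------------------
# vpn_job_tab_deinit
#
# Sends SIGTERM to every job with a recorded PID, then empties the status file
# under the write lock.
#-------------------------------------------------------------------------------

vpn_job_tab_deinit()
{
    local job_id

    for job_id in ${VPN_JOB_ID_LIST}
    do
        vpn_job_tab_get "${job_id}"

        # Fix: this used to test ${job_PId}, which nothing sets, so no job was
        # ever signalled. The regex also keeps the stored value out of the
        # arithmetic evaluation that "-gt" would perform on it.
        # NOTE(review): the PID comes from the table/status file and may have
        # been reused by another process since it was recorded.
        if [[ "${job_pid}" =~ ^[1-9][0-9]*$ ]]
        then
            log_print "${VPN_LOG_FILE}" "${LOG}" "Killing : Id: [${job_id}] Name: [${job_name}] PId: [${job_pid}]..."
            kill -15 "${job_pid}"
        fi
    done

    ${LOG} "Flushing status file..."

    file_lock "${VPN_STATUS_LOCK}" WRITE 9
    : >"${VPN_STATUS_FILE}"
    file_unlock 9
}



#-------------------------------------------------------------------------------
# vpn_job_tab_dump
#
# Prints the id list and both job tables to stdout, sorted, for debugging.
#-------------------------------------------------------------------------------

vpn_job_tab_dump()
{
    local key

    echo "VPN_JOB_ID_LIST: [${VPN_JOB_ID_LIST}]"
    echo

    echo "VPN_JOB_NAME_IDX:"
    for key in "${!VPN_JOB_NAME_IDX[@]}"
    do
        echo "[${key}]: [${VPN_JOB_NAME_IDX[${key}]}]"
    done | sort -n
    echo

    echo "VPN_JOB_TAB:"
    for key in "${!VPN_JOB_TAB[@]}"
    do
        echo "[${key}]: [${VPN_JOB_TAB[${key}]}]"
    done | sort -n
    echo
}



#-------------------------------------------------------------------------------
# vpn_supervisor
#
# Endless loop: restarts every job whose PID is missing or dead, saves the job
# table, sleeps 30 seconds and refreshes the destination addresses.
#-------------------------------------------------------------------------------

vpn_supervisor()
{
    local job_id
    local job_pid

    log_print "${VPN_LOG_FILE}" "${LOG}" "Starting Supervisor..."

    # Main Loop
    while true
    do
        for job_id in ${VPN_JOB_ID_LIST}
        do
            vpn_job_tab_get "${job_id}"

            if ! _vpn_pid_alive "${job_pid}"
            then
                log_print "${VPN_LOG_FILE}" "${LOG}" "Restarting Cmd: [${job_cmd}]..."

                # SECURITY: eval re-parses job_cmd as shell code. job_cmd comes
                # from the job table, which vpn_init fills from the destination
                # table or from the sourced status file, so this is only as
                # trustworthy as those two inputs. Left in place because the
                # command is stored as one string; NOTE(review): storing it as
                # an argument list would remove the need for eval.
                eval ${DEBUG} ${job_cmd}

                # -F/--: match the command line literally, not as a regex or
                # as a grep option.
                job_pid="$(ps aux | grep -F -- "${job_cmd}" | grep -v grep | head -1 | awk '{print $2}')"

                if [[ -z "${job_pid}" ]]
                then
                    job_pid=0
                fi

                tab_assign VPN_JOB_TAB "${job_id},PId" "${job_pid}"
                tab_assign VPN_JOB_TAB "${job_id},Date" "$(date --rfc-3339=seconds -u)"

                log_print "${VPN_LOG_FILE}" "${LOG}" "PId: [${VPN_JOB_TAB["${job_id},PId"]}]!"
            fi
        done

        log_print "${VPN_LOG_FILE}" "${LOG}" "Saving VPN tab..."
        vpn_job_tab_save

        sleep 30

        log_print "${VPN_LOG_FILE}" "${LOG}" "Refreshing DNS entries..."
        network_dst_address_refresh_all
    done
}



#-------------------------------------------------------------------------------
# vpn_init
#
# Initialises the network layer and the lock/status/log files, then loads the
# job table from the status file when it has content, else builds it fresh.
#
# SECURITY NOTE(review): the status file is executed with ".", i.e. as shell
# code with this process's privileges, and file_dir_init is called with
# "root apache" for it. If that grants the apache group write access, whoever
# can write as that group controls what runs here. Confirm the mode that
# file_dir_init sets; parsing the file as data would avoid the dependency.
#-------------------------------------------------------------------------------

vpn_init()
{
    network_init

    file_dir_init "${VPN_STATUS_LOCK}" root apache

    file_lock "${VPN_STATUS_LOCK}" READ 9
    file_dir_init "${VPN_STATUS_FILE}" root apache
    file_unlock 9

    file_dir_init "${VPN_LOG_FILE}" root apache

    if [[ -s "${VPN_STATUS_FILE}" ]]
    then
        file_lock "${VPN_STATUS_LOCK}" READ 9
        . "${VPN_STATUS_FILE}"
        file_unlock 9

        vpn_job_tab_load
    else
        vpn_job_tab_init
    fi
}



#-------------------------------------------------------------------------------
# vpn_deinit
#
# Tears down the network layer.
#-------------------------------------------------------------------------------

vpn_deinit()
{
    network_deinit
}



#-------------------------------------------------------------------------------
# vpn_start
#
# Starts vpn_supervisor in the background and records its PID in VPN_PID_FILE,
# unless the recorded PID is still alive.
#-------------------------------------------------------------------------------

vpn_start()
{
    local daemon_pid

    daemon_pid="$(_vpn_daemon_pid_read)"

    if _vpn_pid_alive "${daemon_pid}"
    then
        log_print "${VPN_LOG_FILE}" "${LOG}" "Daemon already running PId: [${daemon_pid}]"
    else
        vpn_supervisor &
        daemon_pid=$!

        log_print "${VPN_LOG_FILE}" "${LOG}" "Daemon started, PId: [${daemon_pid}]"
        echo >"${VPN_PID_FILE}" "${daemon_pid}"
    fi
}



#-------------------------------------------------------------------------------
# vpn_stop
#
# Sends SIGTERM to the recorded supervisor when it is alive, empties the PID
# file and stops all jobs. The PID is validated when read, so a damaged PID
# file cannot redirect the signal to a process group or to every process.
#-------------------------------------------------------------------------------

vpn_stop()
{
    local daemon_pid

    daemon_pid="$(_vpn_daemon_pid_read)"

    if _vpn_pid_alive "${daemon_pid}"
    then
        log_print "${VPN_LOG_FILE}" "${LOG}" "Stoping daemon, PId: [${daemon_pid}]..."
        kill -15 "${daemon_pid}"
    else
        log_print "${VPN_LOG_FILE}" "${LOG}" "Daemon already stoped!"
    fi

    : >"${VPN_PID_FILE}"

    vpn_job_tab_deinit
}



#-------------------------------------------------------------------------------
# vpn_status
#
# Prints the recorded supervisor PID and one row per job with its Up/Down
# state, PID, start date and command.
#-------------------------------------------------------------------------------

vpn_status()
{
    local daemon_pid
    local job_id
    local job_status

    if [[ -s "${VPN_PID_FILE}" ]]
    then
        daemon_pid="$(<"${VPN_PID_FILE}")"
        echo "Daemon PId: (${daemon_pid})"
    else
        daemon_pid=""
        echo "Daemon not running"
    fi

    echo "Number of VPN Jobs: (${#VPN_JOB_NAME_IDX[@]})"

    echo -e "Id | Name | Status | PId | Date | Command"
    echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------"

    for job_id in ${VPN_JOB_ID_LIST}
    do
        vpn_job_tab_get "${job_id}"

        if _vpn_pid_alive "${job_pid}"
        then
            job_status="Up"
        else
            job_status="Down"
        fi

        printf "%-*s | %-*s | %-*s | %-*s | %-*s | %-*s\n" 8 "${job_id}" 24 "${job_name}" 8 "${job_status}" 8 "${job_pid}" 32 "${job_date}" 8 "${job_cmd}"
    done
}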