- Improve openvpn stats reporting, - Add a new connection state for gateways device up with no gateway client connected.
#!/bin/bash

# Request start time in nanoseconds since the epoch (GNU date %N); the page
# footer subtracts it from a second reading to report the generation time.
time_in="$(date +%s%N)"

# No Log please
LOG=""
export LOG

# Shared library; presumably provides the network_* helpers called below.
source /usr/local/lib/network.bash
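#--------------------------------------------------------------------------------------------------------------------------
# Header Print
#--------------------------------------------------------------------------------------------------------------------------

#######################################
# Escape a string for HTML text or a double-quoted HTML attribute.
# Arguments: $1 - raw text
# Outputs:   escaped text on stdout
#######################################
_header_html_escape()
{
    printf '%s' "$1" | sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g' -e 's/"/\&quot;/g'
}

#######################################
# Emit the CGI response header and, for HTML, the document head.
# Globals:   format (read)      - "html", "csv" or "txt"; anything else prints nothing
#            cmd_status (read)  - shown in the page title / CSV "CMD:" line
#            redirect (read)    - target of the 1 second meta refresh when non-empty
#            file_name (read)   - download name for the "txt" format
# Outputs:   header (and HTML head) on stdout
#######################################
Header_Print()
{
    local status_html redirect_html safe_file_name

    case "${format}" in
        "html")
            # cmd_status and redirect are assembled from request parameters
            # (cmd, admin, filter), so they are escaped before being written
            # into the title and the refresh attribute.
            status_html=$(_header_html_escape "${cmd_status}")
            redirect_html=$(_header_html_escape "${redirect}")

            echo "Content-type: text/html"
            echo ""

            echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">"
            echo "<HTML>"
            echo " <HEAD>"
            echo " <META HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=iso-8859-1\">"
            echo " <META http-equiv=\"Refresh\" content=\"300\">"
            echo " <META http-equiv=\"Pragma\" content=\"no-cache\">"
            echo " <LINK REL=\"shortcut icon\" HREF=\"/favicon.ico\" TYPE=\"image/x-icon\">"
            echo " <LINK REL=\"stylesheet\" TYPE=\"text/css\" HREF=\"/tdsots/default.css\">"

            if [[ -z "${cmd_status}" ]]; then
                echo " <TITLE>Rx3 VPN Admin Board</Title>"
            else
                echo " <TITLE>Rx3 VPN Admin Board: ${status_html}</Title>"
            fi

            if [[ -n "${redirect}" ]]; then
                echo " <meta http-equiv=\"REFRESH\" content=\"1; URL=${redirect_html}\">"
            fi

            echo " </HEAD>"
            echo " <BODY>"
            ;;

        "csv")
            echo "Content-type: text/csv"
            echo ""

            echo "SOF"

            # The command status line is only emitted together with a redirect.
            if [[ -n "${redirect}" ]]; then
                echo "CMD: ${cmd_status}"
            fi
            ;;

        "txt")
            # file_name is built from a DNS answer and the "type" request
            # parameter; anything outside a plain file-name alphabet is
            # replaced so it cannot alter the response header.
            safe_file_name=${file_name//[^A-Za-z0-9._-]/_}

            echo "Content-disposition: attachment; filename=${safe_file_name}"
            echo "Content-type: text/plain"
            echo ""
            ;;
    esac
}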
#--------------------------------------------------------------------------------------------------------------------------
# Tailer
#--------------------------------------------------------------------------------------------------------------------------

#######################################
# Close the document opened by Header_Print.
# Globals:   format (read) - "html" closes BODY/HTML, "csv" prints the EOF
#                            marker, any other value prints nothing
# Outputs:   footer on stdout
#######################################
Footer_Print()
{
    if [[ "${format}" == "html" ]]; then
        echo " </BODY>"
        echo ""
        echo "</HTML>"
    elif [[ "${format}" == "csv" ]]; then
        echo ""
        echo "EOF"
    fi
}
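#--------------------------------------------------------------------------------------------------------------------------
# Destination Status Board
#--------------------------------------------------------------------------------------------------------------------------

#######################################
# Print one table row per destination, as HTML or as ';' separated text.
# Globals:   format, NETWORK_DST_ID_LIST, NETWORK_DST_TYPE (read)
#            dst_id and the dst_* fields filled by network_dst_tab_get (written)
# Outputs:   the table on stdout
#######################################
Destination_Status_Board()
{
    if [[ "${format}" == "html" ]]; then
        echo " <P>"
        echo " <BR>"
        echo " </P>"
        echo ""
        echo " <H2>Destination Status Board</H2>"
        echo ""
        echo " <TABLE BORDER=\"1\" WIDTH=\"100%\">"
        echo " <TR class=\"header\"><TD class=\"header\">#</TD><TD>Name</TD><TD>Type</TD><TD>Device</TD><TD>Status</TD><TD>IP</TD><TD>Host Name</TD><TD>Config</TD><TD>Table</TD><TD>Bytes In</TD><TD>Bytes Out</TD><TD>UpTime</TD></TR>"
    else
        echo "TABLE: Destination_Status_Board"
        echo "#;Name;Type;Device;Status;IP;Host Name;Config;Table;Bytes In;Bytes Out;UpTime"
    fi

    # Left unquoted on purpose: the list is split into IDs on IFS.
    for dst_id in ${NETWORK_DST_ID_LIST}; do
        network_dst_tab_get "${dst_id}"

        # A destination that is down has no usable address to show.
        if [[ "${dst_status}" == 0 ]]; then
            dst_ip="-"
        fi

        if [[ "${format}" == "html" ]]; then
            # The attribute quotes are escaped; unescaped, the shell consumed
            # them and the cell was emitted as class=header.
            echo -n "<TR><TD class=\"header\">${dst_id}</TD><TD>${dst_name}</TD><TD>${NETWORK_DST_TYPE[${dst_type}]}</TD><TD>${dst_device}</TD>"

            case "${dst_status}" in
                "0")
                    echo -n "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></TD>"
                    ;;

                "1")
                    echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD>"
                    ;;

                "2")
                    echo -n "<TD><IMG SRC=\"/icons/user-unready.png\" TITLE=\"Unready\" ALT=\"Unready\"></TD>"
                    ;;

                *)
                    echo -n "<TD><IMG SRC=\"\" TITLE=\"Unknown\" ALT=\"Unknown\"></TD>"
                    ;;
            esac

            echo "<TD>${dst_ip:--}</TD><TD>${dst_host_name:--}</TD><TD>${dst_config:--}</TD><TD>${dst_table}</TD><TD>${dst_bytes_received:--}</TD><TD>${dst_bytes_sent:--}</TD><TD>${dst_uptime:--}</TD>"
        else
            echo "${dst_id};${dst_name};${NETWORK_DST_TYPE[${dst_type}]};${dst_device};${dst_status};${dst_ip};${dst_host_name};${dst_config};${dst_table};${dst_bytes_received};${dst_bytes_sent};${dst_uptime}"
        fi
    done

    if [[ "${format}" == "html" ]]; then
        echo " </TABLE>"
        echo " <P>"
        echo " <BR>"
        echo " </P>"
        echo ""
    else
        echo ""
    fi
}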
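#--------------------------------------------------------------------------------------------------------------------------
# Source Routing Board Line
#--------------------------------------------------------------------------------------------------------------------------

#######################################
# Print the routing row of one source, as HTML or as ';' separated text.
# Globals:   format, filter, admin, REMOTE_USER, NETWORK_SRC_TYPE,
#            NETWORK_DST_ID_LIST (read)
#            src_id, class, dst_id and the src_* / dst_* fields filled by the
#            network_*_tab_get helpers (written)
# Arguments: $1 - source ID
# Outputs:   the row on stdout, nothing when the row is filtered out
#
# NOTE(review): admin and filter come from the request and are written into
# the HREF attributes as-is; they must be limited to URL/HTML-safe characters
# before this function runs.
#######################################
Source_Routing_Board_Line()
{
    src_id=$1

    network_src_tab_get "${src_id}"

    # Row class: "default" - the caller is admin or owner and gets the
    # activation links; "dark" - row shown without links; "skip" - row hidden.
    if [[ ( "${filter}" == "" ) || ( "${filter}" == "owner" ) || ( "${filter}" == "${src_owner}" ) ]]; then
        if [[ ( "${admin}" == "true" ) || ( "${REMOTE_USER}" == "${src_owner}" ) ]]; then
            class="default"
        elif [[ "${filter}" == "owner" ]]; then
            class="skip"
        else
            class="dark"
        fi
    else
        # filter == user not owner of this line
        class="skip"
    fi

    if [[ "${class}" == "skip" ]]; then
        return
    fi

    if [[ "${format}" == "html" ]]; then
        # Attribute quotes are escaped; unescaped, the shell consumed them.
        echo -n "<TR class=\"${class}\"><TD class=\"header\">${src_id}</TD>"

        echo -n "<TD>${NETWORK_SRC_TYPE[${src_type}]}</TD><TD>${src_ip}</TD><TD>${src_host_name:--}</TD>"

        echo -n "<TD>${src_device:--}</TD>"

        case "${src_status}" in
            "0")
                echo -n "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></TD>"
                ;;

            "1")
                echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD>"
                ;;

            "2")
                echo -n "<TD>-</TD>"
                ;;

            *)
                # Keep the columns aligned for a status value not listed above.
                echo -n "<TD>-</TD>"
                ;;
        esac
    else
        # src_status, as in the HTML branch; ${status} is assigned nowhere in
        # this script.
        echo -n "${src_id};${NETWORK_SRC_TYPE[${src_type}]};${src_ip};${src_host_name};${src_device};${src_status};"
    fi

    # Left unquoted on purpose: the list is split into IDs on IFS.
    for dst_id in ${NETWORK_DST_ID_LIST}; do
        network_dst_tab_get "${dst_id}"

        # Destinations of type 1 are only listed in admin mode.
        if [[ ( "${admin}" != "true" ) && ( "${dst_type}" == 1 ) ]]; then
            continue
        fi

        if [[ "${format}" == "html" ]]; then
            echo -n "<TD><TABLE class=\"${class}\" BORDER=\"0\" WIDTH=\"100%\"><TR><TD class=\"half\">"

            if [[ "${dst_table}" == "${src_table}" ]]; then
                echo -n "<IMG SRC=\"/icons/user-online.png\" TITLE=\"Up\" ALT=\"Up\"></TD><TD> "
            else
                echo -n "<IMG SRC=\"/icons/user-busy.png\" TITLE=\"Down\" ALT=\"Down\"></TD><TD>"

                if [[ ( "${admin}" == "true" ) || ( "${REMOTE_USER}" == "${src_owner}" ) ]]; then
                    echo -n "<A HREF=\"?cmd=route_set&admin=${admin}&filter=${filter}&ip=${src_ip}&vpn=${dst_id}\"><IMG SRC=\"/icons/user-invisible.png\" TITLE=\"Activate\" ALT=\"Activate\"></A>"
                else
                    echo -n " "
                fi
            fi

            echo -n "</TD></TR></TABLE></TD>"
        elif [[ "${dst_table}" == "${src_table}" ]]; then
            echo -n "1;"
        else
            echo -n "0;"
        fi
    done

    if [[ "${format}" == "html" ]]; then
        # Tests src_port_range: ${port_range} is assigned nowhere in this
        # script, which made the "-" branch unreachable.
        if [[ "${src_port_range}" != "0" ]]; then
            echo -n "<TD>${src_port_range}</TD><TD>${src_port_start:--}</TD><TD>${src_port_end:--}</TD>"
        else
            echo -n "<TD>${src_port_range}</TD><TD>-</TD><TD>-</TD>"
        fi

        echo "<TD><A HREF=\"?admin=${admin}&filter=${src_owner}\">${src_owner}</A></TD><TD>${src_bytes_received:--}</TD><TD>${src_bytes_sent:--}</TD><TD>${src_uptime:--}</TD><TD>${src_last_seen:--}</TD></TR>"
    else
        echo "${src_port_range};${src_port_start};${src_port_end};${src_owner};${src_bytes_received};${src_bytes_sent};${src_uptime};${src_last_seen}"
    fi
}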
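#--------------------------------------------------------------------------------------------------------------------------
# Source Routing Board
#--------------------------------------------------------------------------------------------------------------------------

#######################################
# Print the source routing table: a header with one column per listed
# destination, then one row per source through Source_Routing_Board_Line.
# Globals:   format, admin, NETWORK_DST_ID_LIST, NETWORK_SRC_ID_LIST (read)
#            dst_id, src_id and the dst_* fields (written)
# Outputs:   the table on stdout
#######################################
Source_Routing_Board()
{
    if [[ "${format}" == "html" ]]; then
        echo " <P>"
        echo " <BR>"
        echo " </P>"
        echo ""
        echo " <H2>Source Routing Board</H2>"
        echo ""
        echo " <TABLE BORDER=\"1\" WIDTH=\"100%\">"
        # Attribute quotes are escaped; unescaped, the shell consumed them.
        echo -n " <TR class=\"header\"><TD class=\"header\">#</TD><TD>Type</TD><TD>IP</TD><TD>Host Name</TD><TD>Device</TD><TD>Status</TD>"
    else
        echo "TABLE: Source_Routing_Board"
        # Device before Status, matching the order in which the row function
        # and the HTML header emit the two fields.
        echo -n "#;Type;IP;Host Name;Device;Status;"
    fi

    # Left unquoted on purpose: the list is split into IDs on IFS.
    for dst_id in ${NETWORK_DST_ID_LIST}; do
        network_dst_tab_get "${dst_id}"

        # Destinations of type 1 only get a column in admin mode.
        if [[ ( "${admin}" != "true" ) && ( "${dst_type}" == 1 ) ]]; then
            continue
        fi

        if [[ "${format}" == "html" ]]; then
            echo -n "<TD>${dst_name}</TD>"
        else
            echo -n "${dst_name};"
        fi
    done

    if [[ "${format}" == "html" ]]; then
        echo "<TD>Port Range</TD><TD>From Port</TD><TD>To Port</TD><TD>Owner</TD><TD>Bytes In</TD><TD>Bytes Out</TD><TD>UpTime</TD><TD>Last Seen</TD></TR>"
    else
        echo "Port Range;From Port;To Port;Owner;Bytes In;Bytes Out;UpTime;Last Seen"
    fi

    for src_id in ${NETWORK_SRC_ID_LIST}; do
        Source_Routing_Board_Line "${src_id}"
    done

    if [[ "${format}" == "html" ]]; then
        echo " </TABLE>"
        echo " <P>"
        echo " <BR>"
        echo " </P>"
    else
        echo ""
    fi
}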
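#--------------------------------------------------------------------------------------------------------------------------
# OpenVPN Board
#--------------------------------------------------------------------------------------------------------------------------

#######################################
# Print the OpenVPN table: one row per source of type 2 with the links to
# its configuration and certificate downloads.
# Globals:   format, filter, admin, REMOTE_USER, NETWORK_SRC_ID_LIST (read)
#            idx, class, src_id and the src_* fields (written)
# Outputs:   the table on stdout
#
# NOTE(review): admin and filter come from the request and are written into
# the HREF attributes as-is; they must be limited to URL/HTML-safe characters
# before this function runs.
# NOTE(review): the "Private Key" link asks the command handler for key
# material; confirm this CGI is only reachable over an authenticated,
# encrypted channel.
#######################################
VPN_OpenVPN_Board()
{
    local can_manage has_cert

    if [[ "${format}" == "html" ]]; then
        echo " <P>"
        echo " <BR>"
        echo " </P>"
        echo ""
        echo " <H2>OpenVPN Board</H2>"
        echo ""
        echo " <TABLE BORDER=\"1\" WIDTH=\"100%\">"
        # Attribute quotes of the first row are escaped; unescaped, the shell
        # consumed them.
        echo " <TR class=\"header\"><TD class=\"header\" ROWSPAN=3>#</TD><TD ROWSPAN=3>IP</TD><TD ROWSPAN=3>Host Name</TD><TD COLSPAN=4>Configuration</TD><TD COLSPAN=5>Certificates</TD></TR><TR class=\"header\"><TD COLSPAN=2>Default Route VPN</TD><TD COLSPAN=2>No Default Route VPN</TD><TD ROWSPAN=2>CA Certificate (.crt)</TD><TD ROWSPAN=2>TC Certificate (.key)</TD><TD ROWSPAN=2>Private Key (.key)</TD><TD ROWSPAN=2>Cerificate Signing Request (.csr)</TD><TD ROWSPAN=2>Public Certificate (.crt)</TD></TR><TR class=\"header\"><TD>External Crt</TD><TD>Inline Crt</TD><TD>External Crt</TD><TD>Inline Crt</TD></TR>"
    else
        echo "TABLE: OpenVPN_Board"
        echo "#;IP;Host Name;Certificate"
    fi

    idx=0

    # Left unquoted on purpose: the list is split into IDs on IFS.
    for src_id in ${NETWORK_SRC_ID_LIST}; do
        network_src_tab_get "${src_id}"

        # Only sources of type 2 appear on this board.
        if [[ "${src_type}" != 2 ]]; then
            continue
        fi

        # Links that hand out private material are limited to admin mode or
        # to the owner of the row.
        can_manage="false"
        if [[ ( "${admin}" == "true" ) || ( "${REMOTE_USER}" == "${src_owner}" ) ]]; then
            can_manage="true"
        fi

        if [[ ( "${filter}" == "" ) || ( "${filter}" == "owner" ) || ( "${filter}" == "${src_owner}" ) ]]; then
            if [[ "${can_manage}" == "true" ]]; then
                class="default"
            elif [[ "${filter}" == "owner" ]]; then
                class="skip"
            else
                class="dark"
            fi
        else
            # filter == user not owner of this line
            class="skip"
        fi

        if [[ "${class}" == "skip" ]]; then
            continue
        fi

        has_cert="false"
        if [[ -f "/etc/openvpn/tls/certs/${src_host_name}.crt" ]]; then
            has_cert="true"
        fi

        if [[ "${format}" == "html" ]]; then
            echo -n " <TR class=\"${class}\"><TD class=\"header\">${idx}</TD><TD>${src_ip}</TD><TD>${src_host_name}</TD>"

            # Configuration, default route
            echo -n "<TD><A HREF=\"?cmd=config_download&admin=${admin}&filter=${filter}&ip=${src_ip}&defroute=true&type=ext\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Default Route External Certificates\" ALT=\"Configuration External Certificates\"></A></TD>"

            if [[ "${can_manage}" == "true" ]]; then
                echo -n "<TD><A HREF=\"?cmd=config_download&admin=${admin}&filter=${filter}&ip=${src_ip}&defroute=true&type=inline\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Default Route Inline Certificates\" ALT=\"Configuration Inline Certificates\"></A></TD>"
            else
                echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Inline Certificates\" ALT=\"Configuration Inline Certificates\"></TD>"
            fi

            # Configuration, no default route
            echo -n "<TD><A HREF=\"?cmd=config_download&admin=${admin}&filter=${filter}&ip=${src_ip}&defroute=false&type=ext\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration NoDefault Route External Certificates\" ALT=\"Configuration External Certificates\"></A></TD>"

            if [[ "${can_manage}" == "true" ]]; then
                echo -n "<TD><A HREF=\"?cmd=config_download&admin=${admin}&filter=${filter}&ip=${src_ip}&defroute=false&type=inline\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration NoDefault Route Inline Certificates\" ALT=\"Configuration Inline Certificates\"></A></TD>"
            else
                echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Configuration Inline Certificates\" ALT=\"Configuration Inline Certificates\"></TD>"
            fi

            # Certificates
            echo -n "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&filter=${filter}&ip=${src_ip}&type=ca\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"CA Certificate\" ALT=\"CA Certificate\"></A></TD>"

            if [[ "${can_manage}" == "true" ]]; then
                echo -n "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&filter=${filter}&ip=${src_ip}&type=tc\" ><IMG SRC=\"/icons/user-online.png\" TITLE=\"TC Certificate\" ALT=\"TC Certificate\"></A></TD>"
            else
                echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"TC Certificate\" ALT=\"TC Certificate\"></TD>"
            fi

            if [[ "${has_cert}" != "true" ]]; then
                echo -n "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></TD>"
                echo -n "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Certificat Signing Request\" ALT=\"Certificat Signing Request\"></TD>"
                echo "<TD><IMG SRC=\"/icons/user-busy.png\" TITLE=\"Public Certificate\" ALT=\"Public Certificate\"></TD></TR>"
            elif [[ "${can_manage}" == "true" ]]; then
                echo -n "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&filter=${filter}&ip=${src_ip}&type=key\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></A></TD>"
                echo -n "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&filter=${filter}&ip=${src_ip}&type=csr\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Certificate Signing Request\" ALT=\"Certificat Signing Request\"></A></TD>"
                echo "<TD><A HREF=\"?cmd=cert_download&admin=${admin}&filter=${filter}&ip=${src_ip}&type=crt\"><IMG SRC=\"/icons/user-online.png\" TITLE=\"Public Certificate\" ALT=\"Public Certificate\"></A></TD></TR>"
            else
                echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Private Key\" ALT=\"Private Key\"></TD>"
                echo -n "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Certificat Signing Request\" ALT=\"Certificat Signing Request\"></TD>"
                echo "<TD><IMG SRC=\"/icons/user-online.png\" TITLE=\"Public Certificate\" ALT=\"Public Certificate\"></TD></TR>"
            fi
        else
            echo -n "${idx};${src_ip};${src_host_name}"

            if [[ "${has_cert}" == "true" ]]; then
                echo ";1"
            else
                echo ";0"
            fi
        fi

        idx=$((idx + 1))
    done

    if [[ "${format}" == "html" ]]; then
        echo " </TABLE>"
        echo " <P>"
        echo " <BR>"
        echo " </P>"
    fi
}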
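#--------------------------------------------------------------------------------------------------------------------------
# Main Board Print
#--------------------------------------------------------------------------------------------------------------------------

#######################################
# Print the page body: title, the three boards, mode links and footer links.
# Globals:   format, admin, filter, ADMIN_USER_LIST, REMOTE_USER, time_in (read)
#            admin_mode, filter_mode, time_out, elaps, elaps_sec,
#            elaps_mili (written)
# Outputs:   the page body on stdout
#######################################
Main_Board_Print()
{
    local filter_html admin_html

    if [[ "${format}" == "html" ]]; then
        # filter and admin are request parameters; they are escaped before
        # being written into the heading and the HREF attributes below.
        filter_html=$(printf '%s' "${filter}" | sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g' -e 's/"/\&quot;/g')
        admin_html=$(printf '%s' "${admin}" | sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g' -e 's/"/\&quot;/g')

        echo ""

        if [[ "${admin}" == "true" ]]; then
            admin_mode=" - Admin Mode"
        else
            admin_mode=""
        fi

        case "${filter}" in
            "owner")
                filter_mode="My VPN"
                ;;

            "")
                filter_mode="All VPN"
                ;;

            *)
                filter_mode="${filter_html} VPN"
                ;;
        esac

        echo " <H1>VPN Admin Board: ${filter_mode}${admin_mode}</H1>"

        echo " <P>"
        echo " <BR>"
        echo ""
        echo " <b>Date: $(/bin/date)</b><br>"
        echo " </P>"
        echo " <HR>"
        echo ""
    fi

    Destination_Status_Board
    Source_Routing_Board
    VPN_OpenVPN_Board

    if [[ "${format}" == "html" ]]; then
        echo " <P>"
        echo " <BR>"
        echo " <BR>"
        echo -n " "

        # The mode switch is only offered to users named in ADMIN_USER_LIST.
        if [[ " ${ADMIN_USER_LIST} " == *" ${REMOTE_USER} "* ]]; then
            if [[ "${admin}" == "true" ]]; then
                echo -n "<A HREF=\"?filter=${filter_html}\">Non Admin Mode</A>"
            else
                echo -n "<A HREF=\"?admin=true&filter=${filter_html}\">Admin Mode</A>"
            fi

            echo -n " "
        fi

        if [[ -n "${filter}" ]]; then
            echo -n "<A HREF=\"?admin=${admin_html}\">All VPN</A>"
        fi

        echo ""
        echo " </P>"

        # Elapsed time since time_in, split into seconds and milliseconds.
        time_out=$(date +%s%N)
        elaps=$((time_out - time_in))
        elaps_sec=$((elaps / 1000000000))
        elaps_mili=$(( (elaps / 1000000) - (elaps_sec * 1000) ))

        echo " <P>"
        echo " <BR>"
        echo " <BR>"
        printf "Page generated in %d.%03d seconds" "${elaps_sec}" "${elaps_mili}"
        echo " </P>"
        echo ""
        echo " <HR>"
        echo ""
        echo " <P>"
        echo " <A HREF=\"/tdsots/admin/\">Rx3 Admin</A>"
        echo " </P>"
        echo ""
        echo " <HR>"
        echo ""
        echo " <P>"
        echo " <A HREF=\"http://www.hertgen.com/anybrowser/\"> <IMG SRC=\"/images/anyb09.png\" ALT=\"Best Viewed With Any Browser\"></A>"
        echo " <A HREF=\"http://validator.w3.org/check?uri=referer\"><IMG SRC=\"/images/valid-html401.png\" ALT=\"Valid HTML 4.01!\"></A>"
        echo " <A HREF=\"http://jigsaw.w3.org/css-validator/\"> <IMG SRC=\"/images/valid-css.png\" ALT=\"Valid CSS!\"></A>"
        echo " </P>"
    fi
}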
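#--------------------------------------------------------------------------------------------------------------------------
# Main
#--------------------------------------------------------------------------------------------------------------------------

#--------------------------------------------------------------------------------------------------------------------------
# Args
#--------------------------------------------------------------------------------------------------------------------------

cmd=""
format=""
filter=""
ip=""
vpn=""
type=""
redirect=""
cmd_status=""
admin=""
# Initialised like the others so a value inherited from the environment is
# never taken for a request parameter.
filename=""
defroute=""

#######################################
# Split a raw CGI query string into the request variables.
# The values are echoed into HTML and passed to commands further down, so a
# value containing anything outside letters, digits and "_.:@-" is replaced
# by the empty string. No URL decoding is performed.
# Globals:   cmd, format, admin, filter, ip, vpn, type, filename,
#            defroute (written)
# Arguments: $1 - query string, "name=value" pairs joined by '&'
#######################################
_query_string_parse()
{
    local query=$1
    local value_re='^[A-Za-z0-9_.:@-]*$'
    local -a pairs=()
    local pair var arg

    if [[ -z "${query}" ]]; then
        return 0
    fi

    # read -a splits on '&' only and performs no pathname expansion, unlike
    # an unquoted "set ${QUERY_STRING}".
    IFS='&' read -r -a pairs <<< "${query}"

    for pair in "${pairs[@]}"; do
        var=${pair%%=*}     # text before the first '='
        arg=${pair##*=}     # text after the last '='

        if [[ ! "${arg}" =~ ${value_re} ]]; then
            arg=""
        fi

        case "${var}" in
            "cmd")      cmd=${arg} ;;
            "format")   format=${arg} ;;
            "admin")    admin=${arg} ;;
            "filter")   filter=${arg} ;;
            "ip")       ip=${arg} ;;
            "vpn")      vpn=${arg} ;;
            "type")     type=${arg} ;;
            "filename") filename=${arg} ;;
            "defroute") defroute=${arg} ;;
        esac
    done
}

_query_string_parse "${QUERY_STRING}"

if [[ -z "${format}" ]]; then
    format="html"
fi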
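#--------------------------------------------------------------------------------------------------------------------------
# Command Handler
#--------------------------------------------------------------------------------------------------------------------------

#######################################
# Resolve the PTR name of a client address. The result ends up in a file
# name, in sed replacements and in the eval-built inline configuration, so
# both the address and the DNS answer are checked before anything is returned.
# Arguments: $1 - address taken from the request
# Outputs:   the host name on stdout
# Returns:   0 when address and answer contain only the expected characters,
#            1 otherwise (nothing is printed)
#######################################
_client_host_name()
{
    local addr=$1
    local addr_re='^[0-9A-Fa-f:.]+$'
    local name_re='^[A-Za-z0-9]([A-Za-z0-9._-]*[A-Za-z0-9])?$'
    local name

    # Digits, hex letters, dots and colons only: the value cannot be read as
    # an option or as several words by host.
    [[ "${addr}" =~ ${addr_re} ]] || return 1

    name=$(host "${addr}" | sed -e 's/.*domain name pointer //' -e 's/.$//')

    # A failed lookup, several PTR records or an answer holding shell or sed
    # metacharacters is rejected here.
    [[ "${name}" =~ ${name_re} ]] || return 1

    printf '%s\n' "${name}"
}

network_init

#network_tab_dump

ip_re='^[0-9A-Fa-f:.]+$'
type_re='^[A-Za-z0-9_]+$'

# An empty REMOTE_USER is never an administrator and never an owner: the
# space-padded list match would otherwise succeed on an empty list.
is_admin_user="false"
if [[ ( -n "${REMOTE_USER}" ) && ( " ${ADMIN_USER_LIST} " == *" ${REMOTE_USER} "* ) ]]; then
    is_admin_user="true"
fi

if [[ ( "${admin}" == "true" ) && ( "${is_admin_user}" != "true" ) ]]; then
    cmd_status="${cmd}: Admin NOT_AUTHORIZED"

    redirect="?filter=${filter}"

    Header_Print
    Footer_Print
else
    case "${cmd}" in
        "")
            Header_Print
            Main_Board_Print
            Footer_Print
            ;;

        "route_set")
            network_src_tab_ip_lookup "${ip}"
            network_src_tab_get "${src_id}"

            network_dst_tab_get "${vpn}"

            # NOTE(review): src_owner and dst_* are whatever the lookups left
            # behind; confirm they are cleared when ip or vpn is unknown.
            if [[ ( "${admin}" == "true" ) || ( ( -n "${REMOTE_USER}" ) && ( "${REMOTE_USER}" == "${src_owner}" ) && ( "${dst_type}" != 1 ) ) ]]; then
                # Both arguments are quoted and checked: they reach a command
                # run through sudo.
                if [[ ( "${ip}" =~ ${ip_re} ) && ( -n "${dst_table}" ) ]] \
                    && sudo /usr/local/sbin/rx3_net_adm table_set "${ip}" "${dst_table}" 1>&2; then
                    cmd_status="route_set: OK"
                else
                    cmd_status="route_set: KO"
                fi
            else
                cmd_status="route_set: NOT_AUTHORIZED [${REMOTE_USER}]/[${src_owner}]/[${dst_type}]"
            fi

            redirect="?admin=${admin}&filter=${filter}"

            Header_Print
            Footer_Print
            ;;

        "cert_download")
            network_src_tab_ip_lookup "${ip}"
            network_src_tab_get "${src_id}"

            # The CA and the public certificate are open to every user; every
            # other type needs admin mode or ownership of the source.
            if [[ ( "${admin}" == "true" ) || ( ( -n "${REMOTE_USER}" ) && ( "${REMOTE_USER}" == "${src_owner}" ) ) || ( "${type}" == "ca" ) || ( "${type}" == "crt" ) ]]; then
                download_ready="true"

                case "${type}" in
                    "ca")
                        file_name="ca.crt"
                        host_name=""
                        ;;

                    "tc")
                        file_name="tc.key"
                        host_name=""
                        ;;

                    *)
                        if [[ "${type}" =~ ${type_re} ]] && host_name=$(_client_host_name "${ip}"); then
                            file_name="${host_name}.${type}"
                        else
                            download_ready="false"
                        fi
                        ;;
                esac

                if [[ "${download_ready}" == "true" ]]; then
                    cmd_status="cert_download: OK"
                    format="txt"

                    # The host name is only passed when there is one, as the
                    # unquoted call did for "ca" and "tc".
                    cert_args=("${type}")
                    if [[ -n "${host_name}" ]]; then
                        cert_args+=("${host_name}")
                    fi

                    Header_Print
                    sudo /usr/local/sbin/cert_dump "${cert_args[@]}"
                else
                    cmd_status="cert_download: KO"

                    redirect="?admin=${admin}&filter=${filter}"

                    format="html"
                    Header_Print
                    Footer_Print
                fi
            else
                cmd_status="cert_download: NOT_AUTHORIZED"

                redirect="?admin=${admin}&filter=${filter}"

                format="html"
                Header_Print
                Footer_Print
            fi
            ;;

        "config_download")
            network_src_tab_ip_lookup "${ip}"
            network_src_tab_get "${src_id}"

            # The external-certificate configuration holds no key material and
            # is open to every user; the inline one needs admin or ownership.
            if [[ ( "${admin}" == "true" ) || ( ( -n "${REMOTE_USER}" ) && ( "${REMOTE_USER}" == "${src_owner}" ) ) || ( "${type}" == "ext" ) ]]; then
                if host_name=$(_client_host_name "${ip}"); then
                    cmd_status="config_download: OK"

                    template_name="rx3-client.ovpn"

                    if [[ "${defroute}" == "false" ]]; then
                        defroute_pipe=(sed 's/#pull-filter/pull-filter/')
                        route_type="nodefroute"
                    else
                        defroute_pipe=(cat)
                        route_type="defroute"
                    fi

                    format="txt"

                    if [[ "${type}" == "ext" ]]; then
                        file_name="${host_name}-${route_type}-external.ovpn"
                        Header_Print

                        sed </etc/openvpn/template/${template_name} -e "s/CLIENT_FQDN/${host_name}/g" | "${defroute_pipe[@]}"
                    else
                        file_name="${host_name}-${route_type}-inline.ovpn"
                        Header_Print

                        # NOTE(review): eval re-parses the whole substituted
                        # template as shell input. host_name is limited to
                        # [A-Za-z0-9._-] above and the template must stay a
                        # root-owned, trusted file. TODO: assemble the inline
                        # <ca>/<cert>/<key>/<tls-crypt> blocks without eval.
                        eval "echo \"$( sed </etc/openvpn/template/${template_name} -e "s/ca tls\/certs\/ca.crt/\$(echo \"<ca>\"; sudo \/usr\/local\/sbin\/cert_dump ca; echo \"<\/ca>\")/" -e "s/cert tls\/certs\/CLIENT_FQDN.crt/\$(echo \"<cert>\"; sudo \/usr\/local\/sbin\/cert_dump crt CLIENT_FQDN; echo \"<\/cert>\")/" -e "s/key tls\/private\/CLIENT_FQDN.key/\$(echo \"<key>\"; sudo \/usr\/local\/sbin\/cert_dump key CLIENT_FQDN; echo \"<\/key>\")/" -e "s/tls-crypt tls\/private\/tc.key/\$(echo \"<tls-crypt>\"; sudo \/usr\/local\/sbin\/cert_dump tc; echo \"<\/tls-crypt>\")/" -e "s/CLIENT_FQDN/${host_name}/g")\"" | "${defroute_pipe[@]}"
                    fi
                else
                    cmd_status="config_download: KO"

                    redirect="?admin=${admin}&filter=${filter}"

                    format="html"
                    Header_Print
                    Footer_Print
                fi
            else
                cmd_status="config_download: NOT_AUTHORIZED"

                redirect="?admin=${admin}&filter=${filter}"

                format="html"
                Header_Print
                Footer_Print
            fi
            ;;

        *)
            cmd_status="${cmd}: UNKNOWN_CMD"

            Header_Print
            Footer_Print
            ;;
    esac
fi

network_deinit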