diff --git a/luci-app-ipsec-server/Makefile b/luci-app-ipsec-server/Makefile index 54313c4b7..7a8bf32e9 100644 --- a/luci-app-ipsec-server/Makefile +++ b/luci-app-ipsec-server/Makefile @@ -6,10 +6,10 @@ include $(TOPDIR)/rules.mk LUCI_TITLE:=LuCI support for IPSec VPN Server -LUCI_DEPENDS:=+strongswan +strongswan-minimal +strongswan-mod-kernel-libipsec +strongswan-mod-openssl +strongswan-mod-xauth-generic +xl2tpd +luci-lib-jsonc +LUCI_DEPENDS:=+strongswan +strongswan-minimal +strongswan-mod-kernel-libipsec +strongswan-mod-openssl +strongswan-mod-xauth-generic +xl2tpd +luci-lib-jsonc +kmod-tun LUCI_PKGARCH:=all PKG_VERSION:=20211216 -PKG_RELEASE:=1 +PKG_RELEASE:=2 include $(TOPDIR)/feeds/luci/luci.mk diff --git a/luci-app-ipsec-server/luasrc/controller/ipsec-server.lua b/luci-app-ipsec-server/luasrc/controller/ipsec-server.lua index fc24df07e..921c2599c 100644 --- a/luci-app-ipsec-server/luasrc/controller/ipsec-server.lua +++ b/luci-app-ipsec-server/luasrc/controller/ipsec-server.lua @@ -8,6 +8,7 @@ function index() entry({"admin", "vpn", "ipsec-server"}, alias("admin", "vpn", "ipsec-server", "settings"), _("IPSec VPN Server"), 49).dependent = false entry({"admin", "vpn", "ipsec-server", "settings"}, cbi("ipsec-server/settings"), _("General Settings"), 10).leaf = true entry({"admin", "vpn", "ipsec-server", "users"}, cbi("ipsec-server/users"), _("Users Manager"), 20).leaf = true + entry({"admin", "vpn", "ipsec-server", "l2tp_user"}, cbi("ipsec-server/l2tp_user")).leaf = true entry({"admin", "vpn", "ipsec-server", "online"}, cbi("ipsec-server/online"), _("L2TP Online Users"), 30).leaf = true entry({"admin", "vpn", "ipsec-server", "status"}, call("status")).leaf = true end diff --git a/luci-app-ipsec-server/luasrc/model/cbi/ipsec-server/l2tp_user.lua b/luci-app-ipsec-server/luasrc/model/cbi/ipsec-server/l2tp_user.lua new file mode 100644 index 000000000..7781a4b6e --- /dev/null +++ b/luci-app-ipsec-server/luasrc/model/cbi/ipsec-server/l2tp_user.lua @@ -0,0 +1,35 @@ +local d = require "luci.dispatcher" +local sys = require "luci.sys" + +m = Map("luci-app-ipsec-server", "L2TP/IPSec PSK " .. translate("Users Manager")) +m.redirect = d.build_url("admin", "vpn", "ipsec-server", "users") + +if sys.call("command -v xl2tpd > /dev/null") == 0 then + s = m:section(NamedSection, arg[1], "l2tp_users", "") + s.addremove = false + s.anonymous = true + + o = s:option(Flag, "enabled", translate("Enabled")) + o.default = 1 + o.rmempty = false + + o = s:option(Value, "username", translate("Username")) + o.placeholder = translate("Username") + o.rmempty = false + + o = s:option(Value, "password", translate("Password")) + o.placeholder = translate("Password") + o.rmempty = false + + o = s:option(Value, "ipaddress", translate("IP address")) + o.placeholder = translate("Automatically") + o.datatype = "ip4addr" + o.rmempty = true + + o = s:option(DynamicList, "routes", translate("Static Routes")) + o.placeholder = "192.168.10.0/24" + o.datatype = "ipmask4" + o.rmempty = true +end + +return m diff --git a/luci-app-ipsec-server/luasrc/model/cbi/ipsec-server/users.lua b/luci-app-ipsec-server/luasrc/model/cbi/ipsec-server/users.lua index e0a439338..d5c883d86 100644 --- a/luci-app-ipsec-server/luasrc/model/cbi/ipsec-server/users.lua +++ b/luci-app-ipsec-server/luasrc/model/cbi/ipsec-server/users.lua @@ -1,3 +1,4 @@ +local d = require "luci.dispatcher" local sys = require "luci.sys" m = Map("luci-app-ipsec-server") @@ -9,14 +10,16 @@ s.anonymous = true s.template = "cbi/tblsection" o = s:option(Flag, "enabled", translate("Enabled")) +o.default = 1 o.rmempty = false -o = s:option(Value, "username", translate("User name")) -o.placeholder = translate("User name") -o.rmempty = true +o = s:option(Value, "username", translate("Username")) +o.placeholder = translate("Username") +o.rmempty = false o = s:option(Value, "password", translate("Password")) -o.rmempty = true +o.placeholder = translate("Password") +o.rmempty = false if sys.call("command -v xl2tpd > /dev/null") == 0 then s = m:section(TypedSection, "l2tp_users", "L2TP/IPSec PSK " .. translate("Users Manager")) @@ -24,16 +27,23 @@ if sys.call("command -v xl2tpd > /dev/null") == 0 then s.addremove = true s.anonymous = true s.template = "cbi/tblsection" + s.extedit = d.build_url("admin", "vpn", "ipsec-server", "l2tp_user", "%s") + function s.create(e, t) + t = TypedSection.create(e, t) + luci.http.redirect(e.extedit:format(t)) + end o = s:option(Flag, "enabled", translate("Enabled")) + o.default = 1 o.rmempty = false - o = s:option(Value, "username", translate("User name")) - o.placeholder = translate("User name") - o.rmempty = true + o = s:option(Value, "username", translate("Username")) + o.placeholder = translate("Username") + o.rmempty = false o = s:option(Value, "password", translate("Password")) - o.rmempty = true + o.placeholder = translate("Password") + o.rmempty = false o = s:option(Value, "ipaddress", translate("IP address")) o.placeholder = translate("Automatically") diff --git a/luci-app-ipsec-server/po/zh-cn/ipsec.po b/luci-app-ipsec-server/po/zh-cn/ipsec.po index ab038f732..b822a2f03 100644 --- a/luci-app-ipsec-server/po/zh-cn/ipsec.po +++ b/luci-app-ipsec-server/po/zh-cn/ipsec.po @@ -13,11 +13,8 @@ msgstr "当前状态" msgid "General settings" msgstr "基本设置" -msgid "Online Users" -msgstr "在线用户" - -msgid "L2TP Online Users" -msgstr "L2TP 在线用户" +msgid "Enabled" +msgstr "启用" msgid "VPN Client IP" msgstr "VPN客户端地址段" @@ -37,6 +34,42 @@ msgstr "VPN客户端获取IP范围,例如:192.168.101.10-20" msgid "L2TP/IPSec is not compatible with kernel-libipsec, which will disable this module." msgstr "L2TP/IPSec不兼容kernel-libipsec,开启将会禁用此模块。" +msgid "Users Manager" +msgstr "用户管理" + +msgid "Username" +msgstr "用户名" + +msgid "Password" +msgstr "密码" + +msgid "IP address" +msgstr "IP 地址" + +msgid "Automatically" +msgstr "自动分配" + +msgid "Online Users" +msgstr "在线用户" + +msgid "L2TP Online Users" +msgstr "L2TP 在线用户" + +msgid "Login Time" +msgstr "登录时间" + +msgid "Blacklist" +msgstr "黑名单" + +msgid "Add to Blacklist" +msgstr "加入黑名单" + +msgid "Remove from Blacklist" +msgstr "移出黑名单" + +msgid "Forced offline" +msgstr "强制下线" + msgid "NOT RUNNING" msgstr "未运行" diff --git a/luci-app-ipsec-server/root/etc/init.d/luci-app-ipsec-server b/luci-app-ipsec-server/root/etc/init.d/luci-app-ipsec-server index 603f1c028..30f69cd82 100755 --- a/luci-app-ipsec-server/root/etc/init.d/luci-app-ipsec-server +++ b/luci-app-ipsec-server/root/etc/init.d/luci-app-ipsec-server @@ -135,7 +135,9 @@ start() { local l2tp_users=$(get_enabled_anonymous_secs "@l2tp_users") [ -n "$l2tp_users" ] && { for user in $l2tp_users; do - eval $(uci -q show "${CONFIG}.${user}" | cut -d'.' -sf 3-) + for i in $(uci -q show "${CONFIG}.${user}" | cut -d '.' -sf 3- | cut -d '=' -sf 1); do + eval $i=\"$(uci -q get "${CONFIG}.${user}".$i)\" + done [ "$enabled" -eq 1 ] || return 0 [ -n "$username" ] || return 0 [ -n "$password" ] || return 0 @@ -203,7 +205,9 @@ start() { local ipsec_users=$(get_enabled_anonymous_secs "@ipsec_users") [ -n "$ipsec_users" ] && { for user in $ipsec_users; do - eval $(uci -q show "${CONFIG}.${user}" | cut -d'.' -sf 3-) + for i in $(uci -q show "${CONFIG}.${user}" | cut -d '.' -sf 3- | cut -d '=' -sf 1); do + eval $i=\"$(uci -q get "${CONFIG}.${user}".$i)\" + done [ "$enabled" -eq 1 ] || return 0 [ -n "$username" ] || return 0 [ -n "$password" ] || return 0 diff --git a/luci-app-ipsec-server/root/usr/share/xl2tpd/ip-down b/luci-app-ipsec-server/root/usr/share/xl2tpd/ip-down index 3ccaeb49d..9434e7615 100755 --- a/luci-app-ipsec-server/root/usr/share/xl2tpd/ip-down +++ b/luci-app-ipsec-server/root/usr/share/xl2tpd/ip-down @@ -1,6 +1,9 @@ #!/bin/sh _LOGOUT_TIME="$(date "+%Y-%m-%d %H:%M:%S")" +CONFIG="luci-app-ipsec-server" +L2TP_PATH=/var/etc/xl2tpd +L2TP_SESSION_PATH=${L2TP_PATH}/session _USERNAME=${PEERNAME} _IFACE=${1} @@ -13,7 +16,7 @@ _BYTES_SENT=${BYTES_SENT} _BYTES_RCVD=${BYTES_RCVD} _CONNECT_TIME=${CONNECT_TIME} -rm -f /var/etc/xl2tpd/session/${_USERNAME}.${_IFACE} +rm -f ${L2TP_SESSION_PATH}/${_USERNAME}.${_IFACE} rm -f /var/run/${_IFACE}.pid #可根据退出的账号自定义脚本,如静态路由表,组网等。 diff --git a/luci-app-ipsec-server/root/usr/share/xl2tpd/ip-up b/luci-app-ipsec-server/root/usr/share/xl2tpd/ip-up index bbc3d3bd1..6109d037e 100755 --- a/luci-app-ipsec-server/root/usr/share/xl2tpd/ip-up +++ b/luci-app-ipsec-server/root/usr/share/xl2tpd/ip-up @@ -1,6 +1,9 @@ #!/bin/sh _LOGIN_TIME="$(date "+%Y-%m-%d %H:%M:%S")" +CONFIG="luci-app-ipsec-server" +L2TP_PATH=/var/etc/xl2tpd +L2TP_SESSION_PATH=${L2TP_PATH}/session _USERNAME=${PEERNAME} _IFACE=${1} @@ -12,9 +15,9 @@ _PEERIP=${5} _PID=$(cat /var/run/${_IFACE}.pid 2>/dev/null) _REMOTEIP=$(cat /var/etc/xl2tpd/xl2tpd.log 2>/dev/null | grep "PID: ${_PID}" | grep -o -E '([0-9]{1,3}[\.]){3}[0-9]{1,3}') -mkdir -p /var/etc/xl2tpd/session +mkdir -p ${L2TP_SESSION_PATH} -cat <<-EOF > /var/etc/xl2tpd/session/${_USERNAME}.${_IFACE} +cat <<-EOF > ${L2TP_SESSION_PATH}/${_USERNAME}.${_IFACE} { "username": "${_USERNAME}", "interface": "${_IFACE}", @@ -27,25 +30,27 @@ cat <<-EOF > /var/etc/xl2tpd/session/${_USERNAME}.${_IFACE} } EOF -#如果给用户绑定了IP地址,仅只能单用户。 -cfgid=$(uci show luci-app-ipsec-server | grep "@l2tp_users" | grep "\.username='${_USERNAME}'" | cut -d '.' -sf 2) +#只能单用户使用 +cfgid=$(uci show ${CONFIG} | grep "@l2tp_users" | grep "\.username='${_USERNAME}'" | cut -d '.' -sf 2) [ -n "$cfgid" ] && { - - ip=$(uci -q get luci-app-ipsec-server.${cfgid}.ipaddress) - [ -n "$ip" ] && { - HAS_LOGIN=$(ls /var/etc/xl2tpd/session | grep "^${_USERNAME}\.ppp" | grep -v "${_IFACE}") - [ -n "$HAS_LOGIN" ] && { - #踢出之前的用户 - KO_IFACE=$(echo $HAS_LOGIN | awk -F '.' '{print $2}') - KO_PID=$(cat /var/run/${KO_IFACE}.pid 2>/dev/null) - [ -n "$KO_PID" ] && kill -9 ${KO_PID} >/dev/null 2>&1 - rm -f /var/etc/xl2tpd/session/${HAS_LOGIN} - rm -f /var/run/${KO_IFACE}.pid - } + HAS_LOGIN=$(ls ${L2TP_SESSION_PATH} | grep "^${_USERNAME}\.ppp" | grep -v "${_IFACE}") + [ -n "$HAS_LOGIN" ] && { + #踢出之前的用户 + KO_IFACE=$(echo $HAS_LOGIN | awk -F '.' '{print $2}') + KO_PID=$(cat /var/run/${KO_IFACE}.pid 2>/dev/null) + [ -n "$KO_PID" ] && kill -9 ${KO_PID} >/dev/null 2>&1 + rm -f ${L2TP_SESSION_PATH}/${HAS_LOGIN} + rm -f /var/run/${KO_IFACE}.pid + } + routes=$(uci -q get ${CONFIG}.${cfgid}.routes) + [ -n "$routes" ] && { + for router in ${routes}; do + route add -net ${router} dev ${_IFACE} >/dev/null 2>&1 + done } } -#可根据登录的账号自定义脚本,如静态路由表,组网等。 +#可根据登录的账号自定义脚本,如组网、日志、限速、权限等特殊待遇。 SCRIPT="/usr/share/xl2tpd/ip-up.d/${_USERNAME}" [ -s "$SCRIPT" ] && { [ ! -x "$SCRIPT" ] && chmod 0755 "$SCRIPT" diff --git a/luci-app-pptp-server/Makefile b/luci-app-pptp-server/Makefile index b3777b8e6..f731e7837 100644 --- a/luci-app-pptp-server/Makefile +++ b/luci-app-pptp-server/Makefile @@ -9,7 +9,7 @@ LUCI_TITLE:=LuCI support for PPTP VPN Server LUCI_DEPENDS:=+pptpd +kmod-mppe +ppp +luci-lib-jsonc LUCI_PKGARCH:=all PKG_VERSION:=20211216 -PKG_RELEASE:=1 +PKG_RELEASE:=2 include $(TOPDIR)/feeds/luci/luci.mk diff --git a/luci-app-pptp-server/luasrc/controller/pptpd.lua b/luci-app-pptp-server/luasrc/controller/pptpd.lua index 3a5ec26de..6b71f2ca1 100644 --- a/luci-app-pptp-server/luasrc/controller/pptpd.lua +++ b/luci-app-pptp-server/luasrc/controller/pptpd.lua @@ -5,14 +5,11 @@ function index() if not nixio.fs.access("/etc/config/luci-app-pptp-server") then return end entry({"admin", "vpn"}, firstchild(), "VPN", 45).dependent = false - entry({"admin", "vpn", "pptpd"}, alias("admin", "vpn", "pptpd", "settings"), - _("PPTP VPN Server"), 48) - entry({"admin", "vpn", "pptpd", "settings"}, cbi("pptpd/settings"), - _("General Settings"), 10).leaf = true - entry({"admin", "vpn", "pptpd", "users"}, cbi("pptpd/users"), - _("Users Manager"), 20).leaf = true - entry({"admin", "vpn", "pptpd", "online"}, cbi("pptpd/online"), - _("Online Users"), 30).leaf = true + entry({"admin", "vpn", "pptpd"}, alias("admin", "vpn", "pptpd", "settings"), _("PPTP VPN Server"), 48) + entry({"admin", "vpn", "pptpd", "settings"}, cbi("pptpd/settings"), _("General Settings"), 10).leaf = true + entry({"admin", "vpn", "pptpd", "users"}, cbi("pptpd/users"), _("Users Manager"), 20).leaf = true + entry({"admin", "vpn", "pptpd", "user"}, cbi("pptpd/user")).leaf = true + entry({"admin", "vpn", "pptpd", "online"}, cbi("pptpd/online"), _("Online Users"), 30).leaf = true entry({"admin", "vpn", "pptpd", "status"}, call("status")).leaf = true end diff --git a/luci-app-pptp-server/luasrc/model/cbi/pptpd/settings.lua b/luci-app-pptp-server/luasrc/model/cbi/pptpd/settings.lua index 9a19bb4e0..b5f410359 100644 --- a/luci-app-pptp-server/luasrc/model/cbi/pptpd/settings.lua +++ b/luci-app-pptp-server/luasrc/model/cbi/pptpd/settings.lua @@ -13,7 +13,7 @@ o = s:option(DummyValue, "pptpd_status", translate("Current Condition")) o.template = "pptpd/status" o.value = translate("Collecting data...") -o = s:option(Flag, "enabled", translate("Enable VPN Server")) +o = s:option(Flag, "enabled", translate("Enabled")) o.rmempty = false o = s:option(Value, "localip", translate("Server IP"), translate("VPN Server IP address, it not required.")) diff --git a/luci-app-pptp-server/luasrc/model/cbi/pptpd/user.lua b/luci-app-pptp-server/luasrc/model/cbi/pptpd/user.lua new file mode 100644 index 000000000..3677b7083 --- /dev/null +++ b/luci-app-pptp-server/luasrc/model/cbi/pptpd/user.lua @@ -0,0 +1,32 @@ +local d = require "luci.dispatcher" + +m = Map("luci-app-pptp-server", translate("Users Manager")) +m.redirect = d.build_url("admin", "vpn", "pptpd", "users") + +s = m:section(NamedSection, arg[1], "users", "") +s.addremove = false +s.anonymous = true + +o = s:option(Flag, "enabled", translate("Enabled")) +o.default = 1 +o.rmempty = false + +o = s:option(Value, "username", translate("Username")) +o.placeholder = translate("Username") +o.rmempty = false + +o = s:option(Value, "password", translate("Password")) +o.placeholder = translate("Password") +o.rmempty = false + +o = s:option(Value, "ipaddress", translate("IP address")) +o.placeholder = translate("Automatically") +o.datatype = "ip4addr" +o.rmempty = true + +o = s:option(DynamicList, "routes", translate("Static Routes")) +o.placeholder = "192.168.10.0/24" +o.datatype = "ipmask4" +o.rmempty = true + +return m diff --git a/luci-app-pptp-server/luasrc/model/cbi/pptpd/users.lua b/luci-app-pptp-server/luasrc/model/cbi/pptpd/users.lua index a382232da..d11ba5853 100644 --- a/luci-app-pptp-server/luasrc/model/cbi/pptpd/users.lua +++ b/luci-app-pptp-server/luasrc/model/cbi/pptpd/users.lua @@ -1,3 +1,5 @@ +local d = require "luci.dispatcher" + m = Map("luci-app-pptp-server", translate("PPTP VPN Server")) m.description = translate("Simple, quick and convenient PPTP VPN, universal across the platform") @@ -5,20 +7,27 @@ s = m:section(TypedSection, "users", translate("Users Manager")) s.addremove = true s.anonymous = true s.template = "cbi/tblsection" +s.extedit = d.build_url("admin", "vpn", "pptpd", "user", "%s") +function s.create(e, t) + t = TypedSection.create(e, t) + luci.http.redirect(e.extedit:format(t)) +end o = s:option(Flag, "enabled", translate("Enabled")) +o.default = 1 o.rmempty = false -o = s:option(Value, "username", translate("User name")) -o.placeholder = translate("User name") -o.rmempty = true +o = s:option(Value, "username", translate("Username")) +o.placeholder = translate("Username") +o.rmempty = false o = s:option(Value, "password", translate("Password")) -o.rmempty = true +o.placeholder = translate("Password") +o.rmempty = false o = s:option(Value, "ipaddress", translate("IP address")) o.placeholder = translate("Automatically") -o.datatype = "ipaddr" +o.datatype = "ip4addr" o.rmempty = true return m diff --git a/luci-app-pptp-server/po/zh-cn/pptpd.po b/luci-app-pptp-server/po/zh-cn/pptpd.po index 23505b809..4ccdd9fd0 100644 --- a/luci-app-pptp-server/po/zh-cn/pptpd.po +++ b/luci-app-pptp-server/po/zh-cn/pptpd.po @@ -4,17 +4,14 @@ msgstr "PPTP VPN 服务器" msgid "Simple, quick and convenient PPTP VPN, universal across the platform" msgstr "简单快捷方便的PPTP VPN,全平台通用。" -msgid "PPTP VPN Server status" -msgstr "PPTP VPN 服务器运行状态" - msgid "Current Condition" msgstr "当前状态" msgid "General settings" msgstr "基本设置" -msgid "Enable VPN Server" -msgstr "启用 VPN 服务器" +msgid "Enabled" +msgstr "启用" msgid "Server IP" msgstr "服务器 IP 地址" @@ -28,34 +25,16 @@ msgstr "客户端 IP 地址" msgid "VPN Client IP address, it not required." msgstr "分配给客户端的 IP 地址范围,留空将自动设置。" -msgid "DNS IP address" -msgstr "DNS IP 地址" - -msgid "This will be sent to the client, it not required." -msgstr "设置 VPN 服务器默认 DNS 服务器,该设置非必须。" - msgid "Enable MPPE Encryption" msgstr "启用MPPE 加密" msgid "Allows 128-bit encrypted connection." msgstr "允许使用 128 位加密连接。" -msgid "is_nat" -msgstr "NAT转发" - -msgid "Interface" -msgstr "接口" - -msgid "Specify interface forwarding traffic." -msgstr "指定接口转发流量。" - msgid "Users Manager" msgstr "用户管理" -msgid "Enabled" -msgstr "启用" - -msgid "User name" +msgid "Username" msgstr "用户名" msgid "Password" diff --git a/luci-app-pptp-server/root/etc/init.d/luci-app-pptp-server b/luci-app-pptp-server/root/etc/init.d/luci-app-pptp-server index ee69ec089..2d7fad6e8 100755 --- a/luci-app-pptp-server/root/etc/init.d/luci-app-pptp-server +++ b/luci-app-pptp-server/root/etc/init.d/luci-app-pptp-server @@ -88,7 +88,9 @@ start() { local pptp_users=$(get_enabled_anonymous_secs "@users") [ -n "$pptp_users" ] && { for user in $pptp_users; do - eval $(uci -q show "${CONFIG}.${user}" | cut -d'.' -sf 3-) + for i in $(uci -q show "${CONFIG}.${user}" | cut -d '.' -sf 3- | cut -d '=' -sf 1); do + eval $i=\"$(uci -q get "${CONFIG}.${user}".$i)\" + done [ "$enabled" -eq 1 ] || return 0 [ -n "$username" ] || return 0 [ -n "$password" ] || return 0 diff --git a/luci-app-pptp-server/root/usr/share/pptpd/ip-down b/luci-app-pptp-server/root/usr/share/pptpd/ip-down index 52af53f99..cc65dae9d 100755 --- a/luci-app-pptp-server/root/usr/share/pptpd/ip-down +++ b/luci-app-pptp-server/root/usr/share/pptpd/ip-down @@ -1,6 +1,9 @@ #!/bin/sh _LOGOUT_TIME="$(date "+%Y-%m-%d %H:%M:%S")" +CONFIG="luci-app-pptp-server" +PPTP_PATH=/var/etc/pptpd +PPTP_SESSION_PATH=${PPTP_PATH}/session _USERNAME=${PEERNAME} _IFACE=${1} @@ -13,7 +16,7 @@ _BYTES_SENT=${BYTES_SENT} _BYTES_RCVD=${BYTES_RCVD} _CONNECT_TIME=${CONNECT_TIME} -rm -f /var/etc/pptpd/session/${_USERNAME}.${_IFACE} +rm -f ${PPTP_SESSION_PATH}/${_USERNAME}.${_IFACE} rm -f /var/run/${_IFACE}.pid #可根据退出的账号自定义脚本,如静态路由表,组网等。 diff --git a/luci-app-pptp-server/root/usr/share/pptpd/ip-up b/luci-app-pptp-server/root/usr/share/pptpd/ip-up index cb71eba4a..be277dd2d 100755 --- a/luci-app-pptp-server/root/usr/share/pptpd/ip-up +++ b/luci-app-pptp-server/root/usr/share/pptpd/ip-up @@ -1,6 +1,9 @@ #!/bin/sh _LOGIN_TIME="$(date "+%Y-%m-%d %H:%M:%S")" +CONFIG="luci-app-pptp-server" +PPTP_PATH=/var/etc/pptpd +PPTP_SESSION_PATH=${PPTP_PATH}/session _USERNAME=${PEERNAME} _IFACE=${1} @@ -12,9 +15,9 @@ _REMOTEIP=${6} _PID="$(cat /var/run/${_IFACE}.pid 2>/dev/null)" -mkdir -p /var/etc/pptpd/session +mkdir -p ${PPTP_SESSION_PATH} -cat <<-EOF > /var/etc/pptpd/session/${_USERNAME}.${_IFACE} +cat <<-EOF > ${PPTP_SESSION_PATH}/${_USERNAME}.${_IFACE} { "username": "${_USERNAME}", "interface": "${_IFACE}", @@ -27,24 +30,27 @@ cat <<-EOF > /var/etc/pptpd/session/${_USERNAME}.${_IFACE} } EOF -#如果给用户绑定了IP地址,仅只能单用户。 -cfgid=$(uci show luci-app-pptp-server | grep "\.username='${_USERNAME}'" | cut -d '.' -sf 2) +#只能单用户使用 +cfgid=$(uci show ${CONFIG} | grep "@users" | grep "\.username='${_USERNAME}'" | cut -d '.' -sf 2) [ -n "$cfgid" ] && { - ip=$(uci -q get luci-app-pptp-server.${cfgid}.ipaddress) - [ -n "$ip" ] && { - HAS_LOGIN=$(ls /var/etc/pptpd/session | grep "^${_USERNAME}\.ppp" | grep -v "${_IFACE}") - [ -n "$HAS_LOGIN" ] && { - #踢出之前的用户 - KO_IFACE=$(echo $HAS_LOGIN | awk -F '.' '{print $2}') - KO_PID=$(cat /var/run/${KO_IFACE}.pid 2>/dev/null) - [ -n "$KO_PID" ] && kill -9 ${KO_PID} >/dev/null 2>&1 - rm -f /var/etc/pptpd/session/${HAS_LOGIN} - rm -f /var/run/${KO_IFACE}.pid - } + HAS_LOGIN=$(ls ${PPTP_SESSION_PATH} | grep "^${_USERNAME}\.ppp" | grep -v "${_IFACE}") + [ -n "$HAS_LOGIN" ] && { + #踢出之前的用户 + KO_IFACE=$(echo $HAS_LOGIN | awk -F '.' '{print $2}') + KO_PID=$(cat /var/run/${KO_IFACE}.pid 2>/dev/null) + [ -n "$KO_PID" ] && kill -9 ${KO_PID} >/dev/null 2>&1 + rm -f ${PPTP_SESSION_PATH}/${HAS_LOGIN} + rm -f /var/run/${KO_IFACE}.pid + } + routes=$(uci -q get ${CONFIG}.${cfgid}.routes) + [ -n "$routes" ] && { + for router in ${routes}; do + route add -net ${router} dev ${_IFACE} >/dev/null 2>&1 + done } } -#可根据登录的账号自定义脚本,如静态路由表,组网等。 +#可根据登录的账号自定义脚本,如组网、日志、限速、权限等特殊待遇。 SCRIPT="/usr/share/pptpd/ip-up.d/${_USERNAME}" [ -s "$SCRIPT" ] && { [ ! -x "$SCRIPT" ] && chmod 0755 "$SCRIPT"