up luci-app-pptpserver

luci-app-pptpserver/Makefile

@@ -1,4 +1,4 @@
-# Copyright (C) 2018-2020 Lienol <lawlienol@gmail.com>
+# Copyright (C) 2018-2021 Lienol <lawlienol@gmail.com>
 #
 # This is free software, licensed under the Apache License, Version 2.0 .
 #
@@ -6,10 +6,10 @@
 include $(TOPDIR)/rules.mk
 
 LUCI_TITLE:=LuCI support for PPTP VPN Server
-LUCI_DEPENDS:=+pptpd +kmod-mppe +ppp
+LUCI_DEPENDS:=+pptpd +kmod-mppe +ppp +luci-lib-jsonc
 LUCI_PKGARCH:=all
-PKG_VERSION:=1
+PKG_VERSION:=20211223
-PKG_RELEASE:=5-20200608
+PKG_RELEASE:=1
 
 include $(TOPDIR)/feeds/luci/luci.mk
 

luci-app-pptpserver/luasrc/controller/pptpd.lua

@@ -5,14 +5,11 @@ function index()
     if not nixio.fs.access("/etc/config/luci-app-pptpserver") then return end
 
     entry({"admin", "vpn"}, firstchild(), "VPN", 45).dependent = false
-    entry({"admin", "vpn", "pptpd"}, alias("admin", "vpn", "pptpd", "settings"),
+    entry({"admin", "vpn", "pptpd"}, alias("admin", "vpn", "pptpd", "settings"), _("PPTP VPN Server"), 48)
-          _("PPTP VPN Server"), 48)
+    entry({"admin", "vpn", "pptpd", "settings"}, cbi("pptpd/settings"), _("General Settings"), 10).leaf = true
-    entry({"admin", "vpn", "pptpd", "settings"}, cbi("pptpd/settings"),
+    entry({"admin", "vpn", "pptpd", "users"}, cbi("pptpd/users"),  _("Users Manager"), 20).leaf = true
-          _("General Settings"), 10).leaf = true
+    entry({"admin", "vpn", "pptpd", "user"}, cbi("pptpd/user")).leaf = true
-    entry({"admin", "vpn", "pptpd", "users"}, cbi("pptpd/users"),
+    entry({"admin", "vpn", "pptpd", "online"}, cbi("pptpd/online"), _("Online Users"), 30).leaf = true
-          _("Users Manager"), 20).leaf = true
-    entry({"admin", "vpn", "pptpd", "online"}, cbi("pptpd/online"),
-          _("Online Users"), 30).leaf = true
     entry({"admin", "vpn", "pptpd", "status"}, call("status")).leaf = true
 end
 

luci-app-pptpserver/luasrc/model/cbi/pptpd/online.lua

@@ -1,78 +1,84 @@
-local e = {}
 local o = require "luci.dispatcher"
-local a = luci.util.execi("/bin/busybox top -bn1 | grep '/usr/sbin/pppd'")
+local fs = require "nixio.fs"
-for t in a do
+local jsonc = require "luci.jsonc"
-    local a, n, h, s, o, i = t:match("^ *(%d+) +(%d+) +.+options%.pptpd +(%d+) +(%S.-%S)%:(%S.-%S) +.+ +(.+)")
+
-    local t = tonumber(a)
+local sessions = {}
-    if t then
+local session_path = "/var/etc/pptpd/session"
-        e["%02i.%s" % {t, "online"}] = {
+if fs.access(session_path) then
-            ['PID'] = a,
+    for filename in fs.dir(session_path) do
-            ['PPID'] = n,
+        local session_file = session_path .. "/" .. filename
-            ['SPEED'] = h,
+        local file = io.open(session_file, "r")
-            ['GATEWAY'] = s,
+        local t = jsonc.parse(file:read("*a"))
-            ['VIP'] = o,
+        if t then
-            ['CIP'] = i,
+            t.session_file = session_file
-            ['BLACKLIST'] = 0
+            sessions[#sessions + 1] = t
-        }
+        end
+        file:close()
     end
 end
-local a = luci.util.execi("sed = /etc/firewall.user | sed 'N;s/\\n/:/'")
+
-for t in a do
+local blacklist = {}
-    local t, a = t:match("^ *(%d+)%:.+%#%# pptpd%-blacklist%-(.+)")
+local firewall_user_path = "/etc/firewall.user"
-    local t = tonumber(t)
+if fs.access(firewall_user_path) then
-    if t then
+    for line in io.lines(firewall_user_path) do
-        e["%02i.%s" % {t, "blacklist"}] =
+        local m = line:match('pptpd%-blacklist%-([^\n]+)')
-            {
+        if m then
-                ['PID'] = "-1",
+            local t = {}
-                ['PPID'] = "-1",
+            t.ip = m
-                ['SPEED'] = "-1",
+            blacklist[#blacklist + 1] = t
-                ['GATEWAY'] = "-",
+        end
-                ['VIP'] = "-",
-                ['CIP'] = a,
-                ['BLACKLIST'] = 1
-            }
     end
 end
+
 f = SimpleForm("processes", translate("PPTP VPN Server"))
 f.reset = false
 f.submit = false
 f.description = translate("Simple, quick and convenient PPTP VPN, universal across the platform")
-t = f:section(Table, e, translate("Online Users"))
+
-t:option(DummyValue, "GATEWAY", translate("Server IP"))
+t = f:section(Table, sessions, translate("Online Users"))
-t:option(DummyValue, "VIP", translate("Client IP"))
+t:option(DummyValue, "username", translate("Username"))
-t:option(DummyValue, "CIP", translate("IP address"))
+t:option(DummyValue, "interface", translate("Interface"))
-blacklist = t:option(Button, "_blacklist", translate("Blacklist"))
+t:option(DummyValue, "ip", translate("Client IP"))
-function blacklist.render(e, t, a)
+t:option(DummyValue, "remote_ip", translate("IP address"))
-    if e.map:get(t, "BLACKLIST") == 0 then
+t:option(DummyValue, "login_time", translate("Login Time"))
-        e.title = translate("Add to Blacklist")
+
-        e.inputstyle = "remove"
+_blacklist = t:option(Button, "_blacklist", translate("Blacklist"))
-    else
+function _blacklist.render(e, t, a)
-        e.title = translate("Remove from Blacklist")
+    e.title = translate("Add to Blacklist")
-        e.inputstyle = "apply"
+    e.inputstyle = "remove"
-    end
     Button.render(e, t, a)
 end
-function blacklist.write(t, a)
+function _blacklist.write(t, s)
-    local e = t.map:get(a, "CIP")
+    local e = t.map:get(s, "remote_ip")
-    if t.map:get(a, "BLACKLIST") == 0 then
+    luci.util.execi("echo 'iptables -I INPUT -s %s -p tcp --dport 1723 -j DROP ## pptpd-blacklist-%s' >> /etc/firewall.user" % {e, e})
-        luci.util.execi(
+    luci.util.execi("iptables -I INPUT -s %s -p tcp --dport 1723 -j DROP" % {e})
-            "echo 'iptables -A input_rule -s %s -p tcp --dport 1723 -j DROP ## pptpd-blacklist-%s' >> /etc/firewall.user" %
+    luci.util.execi("rm -f " .. t.map:get(s, "session_file"))
-                {e, e})
+    null, t.tag_error[s] = luci.sys.process.signal(t.map:get(s, "pid"), 9)
-        luci.util.execi(
-            "iptables -A input_rule -s %s -p tcp --dport 1723 -j DROP" % {e})
-        null, t.tag_error[a] = luci.sys.process.signal(t.map:get(a, "PID"), 9)
-    else
-        luci.util.execi(
-            "sed -i -e '/## pptpd-blacklist-%s/d' /etc/firewall.user" % {e})
-        luci.util.execi(
-            "iptables -D input_rule -s %s -p tcp --dport 1723 -j DROP" % {e})
-    end
     luci.http.redirect(o.build_url("admin/vpn/pptpd/online"))
 end
-kill = t:option(Button, "_kill", translate("Forced offline"))
+
-kill.inputstyle = "reset"
+_kill = t:option(Button, "_kill", translate("Forced offline"))
-function kill.write(e, t)
+_kill.inputstyle = "reset"
-    null, e.tag_error[t] = luci.sys.process.signal(e.map:get(t, "PID"), 9)
+function _kill.write(t, s)
+    luci.util.execi("rm -f " .. t.map:get(s, "session_file"))
+    null, t.tag_error[t] = luci.sys.process.signal(t.map:get(s, "pid"), 9)
     luci.http.redirect(o.build_url("admin/vpn/pptpd/online"))
 end
+
+t = f:section(Table, blacklist, translate("Blacklist"))
+t:option(DummyValue, "ip", translate("IP address"))
+
+_blacklist2 = t:option(Button, "_blacklist2", translate("Blacklist"))
+function _blacklist2.render(e, t, a)
+    e.title = translate("Remove from Blacklist")
+    e.inputstyle = "apply"
+    Button.render(e, t, a)
+end
+function _blacklist2.write(t, s)
+    local e = t.map:get(s, "ip")
+    luci.util.execi("sed -i -e '/## pptpd-blacklist-%s/d' /etc/firewall.user" % {e})
+    luci.util.execi("iptables -D INPUT -s %s -p tcp --dport 1723 -j DROP" % {e})
+    luci.http.redirect(o.build_url("admin/vpn/pptpd/online"))
+end
+
 return f

luci-app-pptpserver/luasrc/model/cbi/pptpd/settings.lua

@@ -13,7 +13,7 @@ o = s:option(DummyValue, "pptpd_status", translate("Current Condition"))
 o.template = "pptpd/status"
 o.value = translate("Collecting data...")
 
-o = s:option(Flag, "enabled", translate("Enable VPN Server"))
+o = s:option(Flag, "enabled", translate("Enabled"))
 o.rmempty = false
 
 o = s:option(Value, "localip", translate("Server IP"), translate("VPN Server IP address, it not required."))

luci-app-pptpserver/luasrc/model/cbi/pptpd/user.lua

@@ -0,0 +1,32 @@
+local d = require "luci.dispatcher"
+
+m = Map("luci-app-pptpserver", translate("Users Manager"))
+m.redirect = d.build_url("admin", "vpn", "pptpd", "users")
+
+s = m:section(NamedSection, arg[1], "users", "")
+s.addremove = false
+s.anonymous = true
+
+o = s:option(Flag, "enabled", translate("Enabled"))
+o.default = 1
+o.rmempty = false
+
+o = s:option(Value, "username", translate("Username"))
+o.placeholder = translate("Username")
+o.rmempty = false
+
+o = s:option(Value, "password", translate("Password"))
+o.placeholder = translate("Password")
+o.rmempty = false
+
+o = s:option(Value, "ipaddress", translate("IP address"))
+o.placeholder = translate("Automatically")
+o.datatype = "ip4addr"
+o.rmempty = true
+
+o = s:option(DynamicList, "routes", translate("Static Routes"))
+o.placeholder = "192.168.10.0/24"
+o.datatype = "ipmask4"
+o.rmempty = true
+
+return m

luci-app-pptpserver/luasrc/model/cbi/pptpd/users.lua

@@ -1,3 +1,4 @@
+local d = require "luci.dispatcher"
 m = Map("luci-app-pptpserver", translate("PPTP VPN Server"))
 m.description = translate("Simple, quick and convenient PPTP VPN, universal across the platform")
 
@@ -5,20 +6,27 @@ s = m:section(TypedSection, "users", translate("Users Manager"))
 s.addremove = true
 s.anonymous = true
 s.template = "cbi/tblsection"
+s.extedit = d.build_url("admin", "vpn", "pptpd", "user", "%s")
+function s.create(e, t)
+    t = TypedSection.create(e, t)
+    luci.http.redirect(e.extedit:format(t))
+end
 
 o = s:option(Flag, "enabled", translate("Enabled"))
+o.default = 1
 o.rmempty = false
 
-o = s:option(Value, "username", translate("User name"))
+o = s:option(Value, "username", translate("Username"))
-o.placeholder = translate("User name")
+o.placeholder = translate("Username")
-o.rmempty = true
+o.rmempty = false
 
 o = s:option(Value, "password", translate("Password"))
-o.rmempty = true
+o.placeholder = translate("Password")
+o.rmempty = false
 
 o = s:option(Value, "ipaddress", translate("IP address"))
 o.placeholder = translate("Automatically")
-o.datatype = "ipaddr"
+o.datatype = "ip4addr"
 o.rmempty = true
 
 return m

luci-app-pptpserver/po/zh-cn/pptpd.po

@@ -4,17 +4,14 @@ msgstr "PPTP VPN 服务器"
 msgid "Simple, quick and convenient PPTP VPN, universal across the platform"
 msgstr "简单快捷方便的PPTP VPN，全平台通用。"
 
-msgid "PPTP VPN Server status"
-msgstr "PPTP VPN 服务器运行状态"
-
 msgid "Current Condition"
 msgstr "当前状态"
 
 msgid "General settings"
 msgstr "基本设置"
 
-msgid "Enable VPN Server"
+msgid "Enabled"
-msgstr "启用 VPN 服务器"
+msgstr "启用"
 
 msgid "Server IP"
 msgstr "服务器 IP 地址"
@@ -28,34 +25,16 @@ msgstr "客户端 IP 地址"
 msgid "VPN Client IP address, it not required."
 msgstr "分配给客户端的 IP 地址范围，留空将自动设置。"
 
-msgid "DNS IP address"
-msgstr "DNS IP 地址"
-
-msgid "This will be sent to the client, it not required."
-msgstr "设置 VPN 服务器默认 DNS 服务器，该设置非必须。"
-
 msgid "Enable MPPE Encryption"
 msgstr "启用MPPE 加密"
 
 msgid "Allows 128-bit encrypted connection."
 msgstr "允许使用 128 位加密连接。"
 
-msgid "is_nat"
-msgstr "NAT转发"
-
-msgid "Interface"
-msgstr "接口"
-
-msgid "Specify interface forwarding traffic."
-msgstr "指定接口转发流量。"
-
 msgid "Users Manager"
 msgstr "用户管理"
 
-msgid "Enabled"
+msgid "Username"
-msgstr "启用"
-
-msgid "User name"
 msgstr "用户名"
 
 msgid "Password"
@@ -67,9 +46,12 @@ msgstr "IP 地址"
 msgid "Automatically"
 msgstr "自动分配"
 
-msgid "Online Users""
+msgid "Online Users"
 msgstr "在线用户"
 
+msgid "Login Time"
+msgstr "登录时间"
+
 msgid "Blacklist"
 msgstr "黑名单"
 

luci-app-pptpserver/root/etc/config/luci-app-pptpserver

@@ -5,8 +5,3 @@ config service 'pptpd'
 	option remoteip '192.168.2.10-20'
 	option enabled '0'
 
-config users
-	option enabled '1'
-	option username 'guest'
-	option password '123456'
-

luci-app-pptpserver/root/etc/init.d/luci-app-pptpserver

@@ -1,59 +1,51 @@
 #!/bin/sh /etc/rc.common
 
 START=99
-CONFIG=luci-app-pptpserver
+CONFIG="luci-app-pptpserver"
-CONFIG_FILE=/var/etc/$CONFIG.conf
+PPTP_PATH=/var/etc/pptpd
-RUN_D=/var/run
+PPTP_CONFIG_FILE=${PPTP_PATH}/pptpd.conf
-CHAP_SECRETS=/var/etc/chap-secrets
+PPTP_OPTIONS_FILE=${PPTP_PATH}/options.pptpd
-SERVER_NAME="pptp-server"
+CHAP_SECRETS=/etc/ppp/chap-secrets
-TEMP=/tmp/pptpd.tmp
 
-add_rule() {
+localip=$(uci -q get ${CONFIG}.@service[0].localip)
-	iptables -t nat -I POSTROUTING -s ${localip%.*}.0/24 -m comment --comment "PPTP VPN Server" -j MASQUERADE
+[ -z "${localip}" ] && localip="172.16.100.1"
-	iptables -I forwarding_rule -s ${localip%.*}.0/24 -m comment --comment "PPTP VPN Server" -j ACCEPT
+
-	iptables -I INPUT -p tcp --dport 1723 -m comment --comment "PPTP VPN Server" -j ACCEPT 2>/dev/null
+ipt_flag="PPTP VPN Server"
+
+get_enabled_anonymous_secs() {
+	uci -q show "${CONFIG}" | grep "${1}\[.*\.enabled='1'" | cut -d '.' -sf2
 }
 
-del_rule() {
+ipt_rule() {
-	iptables -D INPUT -p tcp --dport 1723 -m comment --comment "PPTP VPN Server" -j ACCEPT 2> /dev/null
+	if [ "$1" = "add" ]; then
-	pptp_nums=$(iptables -t nat -n -L POSTROUTING 2>/dev/null | grep -c "PPTP VPN Server")
+		iptables -t nat -I POSTROUTING -s ${localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j MASQUERADE 2>/dev/null
-	if [ -n "$pptp_nums" ]; then
+		iptables -I forwarding_rule -s ${localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null
-		until [ "$pptp_nums" = 0 ]
+		iptables -I INPUT -p tcp --dport 1723 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null
-		do
+		iptables -t mangle -I OUTPUT -p tcp --sport 1723 -m comment --comment "${ipt_flag}" -j RETURN 2>/dev/null
-			pptp_rules=$(iptables -t nat -n -L POSTROUTING --line-num 2>/dev/null | grep "PPTP VPN Server" | awk '{print $1}')
+	else
-			for pptp_rule in $pptp_rules
+		ipt_del() {
-			do
+			for i in $(seq 1 $($1 -nL $2 | grep -c "${ipt_flag}")); do
-				iptables -t nat -D POSTROUTING $pptp_rule 2> /dev/null
+				local index=$($1 --line-number -nL $2 | grep "${ipt_flag}" | head -1 | awk '{print $1}')
-				break
+				$1 -w -D $2 $index 2>/dev/null
 			done
-			pptp_nums=$(expr $pptp_nums - 1)
+		}
-		done
+		ipt_del "iptables" "forwarding_rule"
-	fi
+		ipt_del "iptables" "INPUT"
-	nums=$(iptables -n -L forwarding_rule 2>/dev/null | grep -c "PPTP VPN Server")
+		ipt_del "iptables -t nat" "POSTROUTING"
-	if [ -n "$nums" ]; then
+		ipt_del "iptables -t mangle" "OUTPUT"
-		until [ "$nums" = 0 ]
-		do
-			rules=$(iptables -n -L forwarding_rule --line-num 2>/dev/null | grep "PPTP VPN Server" | awk '{print $1}')
-			for rule in $rules
-			do
-				iptables -D forwarding_rule $rule 2> /dev/null
-				break
-			done
-			nums=$(expr $nums - 1)
-		done
 	fi
 }
 
 gen_include() {
-	echo '#!/bin/sh' > /var/etc/$CONFIG.include
+	echo '#!/bin/sh' > /var/etc/${CONFIG}.include
 	extract_rules() {
 		echo "*$1"
-		iptables-save -t $1 | grep "PPTP VPN Server" | \
+		iptables-save -t $1 | grep "${ipt_flag}" | \
 		sed -e "s/^-A \(INPUT\)/-I \1 1/"
 		echo 'COMMIT'
 	}
-	cat <<-EOF >> /var/etc/$CONFIG.include
+	cat <<-EOF >> /var/etc/${CONFIG}.include
-		iptables-save -c | grep -v "PPTP VPN Server" | iptables-restore -c
+		iptables-save -c | grep -v "${ipt_flag}" | iptables-restore -c
 		iptables-restore -n <<-EOT
 		$(extract_rules filter)
 		$(extract_rules nat)
@@ -62,76 +54,72 @@ gen_include() {
 	return 0
 }
 
-setup_login() {
-	config_get enabled $1 enabled
-	[ "$enabled" -eq 0 ] && return 0
-	config_get ipaddress $1 ipaddress
-	[ -n "$ipaddress" ] || local ipaddress="*"
-	config_get username $1 username
-	config_get password $1 password
-	[ -n "$username" ] || return 0
-	[ -n "$password" ] || return 0
-	echo "$username $SERVER_NAME $password $ipaddress" >> $CHAP_SECRETS
-}
-
-setup_config() {
-	config_get enabled $1 enabled
-	[ "$enabled" -eq 0 ] && return 1
-
-	mkdir -p /var/etc
-	cp /etc/pptpd.conf $CONFIG_FILE
-	
-	config_get localip $1 localip
-	config_get remoteip $1 remoteip
-	[ -z "$localip" ] && localip="172.16.100.1"
-	[ -z "$remoteip" ] && remoteip="172.16.100.10-20"
-	[ -n "$localip" ] && echo "localip  $localip" >> $CONFIG_FILE
-	[ -n "$remoteip" ] && echo "remoteip  $remoteip" >> $CONFIG_FILE
-	echo "option /etc/ppp/options.pptpd" >> $CONFIG_FILE
-	
-	sed -i '/mppe/d' /etc/ppp/options.pptpd
-	config_get mppe $1 mppe
-	[ -n "$mppe" ] && [ "$mppe" -eq 1 ] && echo "mppe required,no40,no56,stateless" >> /etc/ppp/options.pptpd
-	
-	sed -i '/ms-dns/d' /etc/ppp/options.pptpd
-	config_get dns $1 dns
-	[ -z "$dns" ] && dns="8.8.4.4"
-	echo "ms-dns $dns">>/etc/ppp/options.pptpd
-	
-	return 0
-}
-
-start_pptpd() {
-	mkdir -p $RUN_D
-	for m in arc4 sha1_generic slhc crc-ccitt ppp_generic ppp_async ppp_mppe; do
-		insmod $m >/dev/null 2>&1
-	done
-	ln -sfn $CHAP_SECRETS /etc/ppp/chap-secrets
-	chmod 600 /etc/ppp/*-secrets
-	/usr/sbin/pptpd -c $CONFIG_FILE
-}
-
-del_user()
-{
-	cat $CHAP_SECRETS | grep -v $SERVER_NAME > $TEMP
-	cat $TEMP > $CHAP_SECRETS
-	rm -rf $TEMP
-}
-
 start() {
-	config_load $CONFIG
+	local enabled=$(uci -q get ${CONFIG}.@service[0].enabled)
-	setup_config "pptpd" || return
+	[ "${enabled}" -eq 1 ] || return 1
-	del_user
+	touch ${CHAP_SECRETS}
-	add_rule
+	mkdir -p ${PPTP_PATH}
-	config_foreach setup_login users
+	
-	start_pptpd
+	cp /etc/ppp/options.pptpd ${PPTP_OPTIONS_FILE}
+	sed -i '/mppe/d' ${PPTP_OPTIONS_FILE} 2>/dev/null
+	sed -i '/ms-dns/d' ${PPTP_OPTIONS_FILE} 2>/dev/null
+	sed -i '/name/d' ${PPTP_OPTIONS_FILE} 2>/dev/null
+	echo "name pptp-server">> ${PPTP_OPTIONS_FILE}
+	
+	local mppe=$(uci -q get ${CONFIG}.@service[0].mppe)
+	[ -n "${mppe}" ] && [ "${mppe}" -eq 1 ] && echo "mppe required,no40,no56,stateless" >> ${PPTP_OPTIONS_FILE}
+	
+	echo "ms-dns ${localip}">> ${PPTP_OPTIONS_FILE}
+	
+	cp /etc/pptpd.conf ${PPTP_CONFIG_FILE}
+	sed -i '/localip/d' ${PPTP_CONFIG_FILE} 2>/dev/null
+	sed -i '/remoteip/d' ${PPTP_CONFIG_FILE} 2>/dev/null
+	sed -i '/option/d' ${PPTP_CONFIG_FILE} 2>/dev/null
+	sed -i '/name/d' ${PPTP_CONFIG_FILE} 2>/dev/null
+	echo "name pptp-server">> ${PPTP_CONFIG_FILE}
+	
+	local remoteip=$(uci -q get ${CONFIG}.@service[0].remoteip)
+	[ -z "${remoteip}" ] && remoteip="172.16.100.10-20"
+	
+	echo "localip ${localip}" >> ${PPTP_CONFIG_FILE}
+	echo "remoteip ${remoteip}" >> ${PPTP_CONFIG_FILE}
+	echo "option ${PPTP_OPTIONS_FILE}" >> ${PPTP_CONFIG_FILE}
+	
+	local _users=$(get_enabled_anonymous_secs "@users")
+	[ -n "${_users}" ] && {
+		for _user in ${_users}; do
+			local u_enabled=$(uci -q get ${CONFIG}.${_user}.enabled)
+			[ "${u_enabled}" -eq 1 ] || continue
+			
+			local u_username=$(uci -q get ${CONFIG}.${_user}.username)
+			[ -n "${u_username}" ] || continue
+			
+			local u_password=$(uci -q get ${CONFIG}.${_user}.password)
+			[ -n "${u_password}" ] || continue
+			
+			local u_ipaddress=$(uci -q get ${CONFIG}.${_user}.ipaddress)
+			[ -n "${u_ipaddress}" ] || u_ipaddress="*"
+			
+			echo "${u_username} pptp-server ${u_password} ${u_ipaddress}" >> ${CHAP_SECRETS}
+		done
+	}
+	
+	echo "ip-up-script /usr/share/pptpd/ip-up" >> ${PPTP_OPTIONS_FILE}
+	echo "ip-down-script /usr/share/pptpd/ip-down" >> ${PPTP_OPTIONS_FILE}
+	
+	for m in arc4 sha1_generic slhc crc-ccitt ppp_generic ppp_async ppp_mppe; do
+		insmod ${m} >/dev/null 2>&1
+	done
+	/usr/sbin/pptpd -c ${PPTP_CONFIG_FILE}
+	
+	ipt_rule add
 	gen_include
 }
 
 stop() {
-	ps -w | grep "$CONFIG_FILE" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
+	sed -i '/pptp-server/d' ${CHAP_SECRETS} 2>/dev/null
-	ps -w | grep "pppd local" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
+	top -bn1 | grep "${PPTP_PATH}" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
-	del_user
+	ipt_rule del
-	del_rule
+	rm -rf /var/etc/${CONFIG}.include
-	rm -rf /var/etc/$CONFIG.include
+	rm -rf ${PPTP_PATH}
 }

luci-app-pptpserver/root/etc/uci-defaults/luci-app-pptpserver

@@ -15,5 +15,7 @@ uci -q batch <<-EOF >/dev/null
 	commit ucitrack
 EOF
 
+/etc/init.d/pptpd disable 2>/dev/null
+/etc/init.d/pptpd stop 2>/dev/null
 rm -rf /tmp/luci-*cache
 exit 0

luci-app-pptpserver/root/usr/share/pptpd/ip-down

@@ -0,0 +1,27 @@
+#!/bin/sh
+
+_LOGOUT_TIME="$(date "+%Y-%m-%d %H:%M:%S")"
+CONFIG="luci-app-pptpserver"
+PPTP_PATH=/var/etc/pptpd
+PPTP_SESSION_PATH=${PPTP_PATH}/session
+
+_USERNAME=${PEERNAME}
+_IFACE=${1}
+_TTY=${2}
+_SPEED=${3}
+_LOCALIP=${4}
+_PEERIP=${5}
+_REMOTEIP=${6}
+_BYTES_SENT=${BYTES_SENT}
+_BYTES_RCVD=${BYTES_RCVD}
+_CONNECT_TIME=${CONNECT_TIME}
+
+rm -f ${PPTP_SESSION_PATH}/${_USERNAME}.${_IFACE}
+rm -f /var/run/${_IFACE}.pid
+
+#可根据退出的账号自定义脚本，如静态路由表，组网等。
+SCRIPT="/usr/share/pptpd/ip-down.d/${_USERNAME}"
+[ -s "$SCRIPT" ] && {
+	[ ! -x "$SCRIPT" ] && chmod 0755 "$SCRIPT"
+	"$SCRIPT" "$@"
+}

luci-app-pptpserver/root/usr/share/pptpd/ip-up

@@ -0,0 +1,58 @@
+#!/bin/sh
+
+_LOGIN_TIME="$(date "+%Y-%m-%d %H:%M:%S")"
+CONFIG="luci-app-pptpserver"
+PPTP_PATH=/var/etc/pptpd
+PPTP_SESSION_PATH=${PPTP_PATH}/session
+
+_USERNAME=${PEERNAME}
+_IFACE=${1}
+_TTY=${2}
+_SPEED=${3}
+_LOCALIP=${4}
+_PEERIP=${5}
+_REMOTEIP=${6}
+
+_PID="$(cat /var/run/${_IFACE}.pid 2>/dev/null)"
+
+mkdir -p ${PPTP_SESSION_PATH}
+
+cat <<-EOF > ${PPTP_SESSION_PATH}/${_USERNAME}.${_IFACE}
+	{
+	    "username": "${_USERNAME}",
+	    "interface": "${_IFACE}",
+	    "tty": "${_TTY}",
+	    "speed": "${_SPEED}",
+	    "ip": "${_PEERIP}",
+	    "remote_ip": "${_REMOTEIP}",
+	    "pid": "${_PID}",
+	    "login_time": "${_LOGIN_TIME}"
+	}
+EOF
+
+#只能单用户使用
+cfgid=$(uci show ${CONFIG} | grep "@users" | grep "\.username='${_USERNAME}'" | cut -d '.' -sf 2)
+[ -n "$cfgid" ] && {
+	HAS_LOGIN=$(ls ${PPTP_SESSION_PATH} | grep "^${_USERNAME}\.ppp" | grep -v "${_IFACE}")
+	[ -n "$HAS_LOGIN" ] && {
+		#踢出之前的用户
+		KO_IFACE=$(echo $HAS_LOGIN | awk -F '.' '{print $2}')
+		KO_PID=$(cat /var/run/${KO_IFACE}.pid 2>/dev/null)
+		[ -n "$KO_PID" ] && kill -9 ${KO_PID} >/dev/null 2>&1
+		rm -f ${PPTP_SESSION_PATH}/${HAS_LOGIN}
+		rm -f /var/run/${KO_IFACE}.pid
+	}
+	routes=$(uci -q get ${CONFIG}.${cfgid}.routes)
+	[ -n "$routes" ] && {
+		for router in ${routes}; do
+			route add -net ${router} dev ${_IFACE} >/dev/null 2>&1
+		done
+	}
+}
+
+#可根据登录的账号自定义脚本，如组网、日志、限速、权限等特殊待遇。
+SCRIPT="/usr/share/pptpd/ip-up.d/${_USERNAME}"
+[ -s "$SCRIPT" ] && {
+	[ ! -x "$SCRIPT" ] && chmod 0755 "$SCRIPT"
+	"$SCRIPT" "$@"
+}