up luci-app-pptpserver

SirPdboy 2022-09-06 15:21:57 +08:00 committed by GitHub
parent 8bc8c6aa86
commit 2869b2624c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 312 additions and 217 deletions


@ -1,4 +1,4 @@
# Copyright (C) 2018-2020 Lienol <lawlienol@gmail.com>
# Copyright (C) 2018-2021 Lienol <lawlienol@gmail.com>
#
# This is free software, licensed under the Apache License, Version 2.0 .
#
@ -6,10 +6,10 @@
include $(TOPDIR)/rules.mk
LUCI_TITLE:=LuCI support for PPTP VPN Server
LUCI_DEPENDS:=+pptpd +kmod-mppe +ppp
LUCI_DEPENDS:=+pptpd +kmod-mppe +ppp +luci-lib-jsonc
LUCI_PKGARCH:=all
PKG_VERSION:=1
PKG_RELEASE:=5-20200608
PKG_VERSION:=20211223
PKG_RELEASE:=1
include $(TOPDIR)/feeds/luci/luci.mk


@ -5,14 +5,11 @@ function index()
if not nixio.fs.access("/etc/config/luci-app-pptpserver") then return end
entry({"admin", "vpn"}, firstchild(), "VPN", 45).dependent = false
entry({"admin", "vpn", "pptpd"}, alias("admin", "vpn", "pptpd", "settings"),
_("PPTP VPN Server"), 48)
entry({"admin", "vpn", "pptpd", "settings"}, cbi("pptpd/settings"),
_("General Settings"), 10).leaf = true
entry({"admin", "vpn", "pptpd", "users"}, cbi("pptpd/users"),
_("Users Manager"), 20).leaf = true
entry({"admin", "vpn", "pptpd", "online"}, cbi("pptpd/online"),
_("Online Users"), 30).leaf = true
entry({"admin", "vpn", "pptpd"}, alias("admin", "vpn", "pptpd", "settings"), _("PPTP VPN Server"), 48)
entry({"admin", "vpn", "pptpd", "settings"}, cbi("pptpd/settings"), _("General Settings"), 10).leaf = true
entry({"admin", "vpn", "pptpd", "users"}, cbi("pptpd/users"), _("Users Manager"), 20).leaf = true
entry({"admin", "vpn", "pptpd", "user"}, cbi("pptpd/user")).leaf = true
entry({"admin", "vpn", "pptpd", "online"}, cbi("pptpd/online"), _("Online Users"), 30).leaf = true
entry({"admin", "vpn", "pptpd", "status"}, call("status")).leaf = true
end


@ -1,78 +1,84 @@
local e = {}
local o = require "luci.dispatcher"
local a = luci.util.execi("/bin/busybox top -bn1 | grep '/usr/sbin/pppd'")
for t in a do
local a, n, h, s, o, i = t:match("^ *(%d+) +(%d+) +.+options%.pptpd +(%d+) +(%S.-%S)%:(%S.-%S) +.+ +(.+)")
local t = tonumber(a)
local fs = require "nixio.fs"
local jsonc = require "luci.jsonc"
local sessions = {}
local session_path = "/var/etc/pptpd/session"
if fs.access(session_path) then
for filename in fs.dir(session_path) do
local session_file = session_path .. "/" .. filename
local file = io.open(session_file, "r")
local t = jsonc.parse(file:read("*a"))
if t then
e["%02i.%s" % {t, "online"}] = {
['PID'] = a,
['PPID'] = n,
['SPEED'] = h,
['GATEWAY'] = s,
['VIP'] = o,
['CIP'] = i,
['BLACKLIST'] = 0
}
t.session_file = session_file
sessions[#sessions + 1] = t
end
file:close()
end
end
local a = luci.util.execi("sed = /etc/firewall.user | sed 'N;s/\\n/:/'")
for t in a do
local t, a = t:match("^ *(%d+)%:.+%#%# pptpd%-blacklist%-(.+)")
local t = tonumber(t)
if t then
e["%02i.%s" % {t, "blacklist"}] =
{
['PID'] = "-1",
['PPID'] = "-1",
['SPEED'] = "-1",
['GATEWAY'] = "-",
['VIP'] = "-",
['CIP'] = a,
['BLACKLIST'] = 1
}
local blacklist = {}
local firewall_user_path = "/etc/firewall.user"
if fs.access(firewall_user_path) then
for line in io.lines(firewall_user_path) do
local m = line:match('pptpd%-blacklist%-([^\n]+)')
if m then
local t = {}
t.ip = m
blacklist[#blacklist + 1] = t
end
end
end
f = SimpleForm("processes", translate("PPTP VPN Server"))
f.reset = false
f.submit = false
f.description = translate("Simple, quick and convenient PPTP VPN, universal across the platform")
t = f:section(Table, e, translate("Online Users"))
t:option(DummyValue, "GATEWAY", translate("Server IP"))
t:option(DummyValue, "VIP", translate("Client IP"))
t:option(DummyValue, "CIP", translate("IP address"))
blacklist = t:option(Button, "_blacklist", translate("Blacklist"))
function blacklist.render(e, t, a)
if e.map:get(t, "BLACKLIST") == 0 then
t = f:section(Table, sessions, translate("Online Users"))
t:option(DummyValue, "username", translate("Username"))
t:option(DummyValue, "interface", translate("Interface"))
t:option(DummyValue, "ip", translate("Client IP"))
t:option(DummyValue, "remote_ip", translate("IP address"))
t:option(DummyValue, "login_time", translate("Login Time"))
_blacklist = t:option(Button, "_blacklist", translate("Blacklist"))
function _blacklist.render(e, t, a)
e.title = translate("Add to Blacklist")
e.inputstyle = "remove"
else
e.title = translate("Remove from Blacklist")
e.inputstyle = "apply"
end
Button.render(e, t, a)
end
function blacklist.write(t, a)
local e = t.map:get(a, "CIP")
if t.map:get(a, "BLACKLIST") == 0 then
luci.util.execi(
"echo 'iptables -A input_rule -s %s -p tcp --dport 1723 -j DROP ## pptpd-blacklist-%s' >> /etc/firewall.user" %
{e, e})
luci.util.execi(
"iptables -A input_rule -s %s -p tcp --dport 1723 -j DROP" % {e})
null, t.tag_error[a] = luci.sys.process.signal(t.map:get(a, "PID"), 9)
else
luci.util.execi(
"sed -i -e '/## pptpd-blacklist-%s/d' /etc/firewall.user" % {e})
luci.util.execi(
"iptables -D input_rule -s %s -p tcp --dport 1723 -j DROP" % {e})
end
function _blacklist.write(t, s)
local e = t.map:get(s, "remote_ip")
luci.util.execi("echo 'iptables -I INPUT -s %s -p tcp --dport 1723 -j DROP ## pptpd-blacklist-%s' >> /etc/firewall.user" % {e, e})
luci.util.execi("iptables -I INPUT -s %s -p tcp --dport 1723 -j DROP" % {e})
luci.util.execi("rm -f " .. t.map:get(s, "session_file"))
null, t.tag_error[s] = luci.sys.process.signal(t.map:get(s, "pid"), 9)
luci.http.redirect(o.build_url("admin/vpn/pptpd/online"))
end
kill = t:option(Button, "_kill", translate("Forced offline"))
kill.inputstyle = "reset"
function kill.write(e, t)
null, e.tag_error[t] = luci.sys.process.signal(e.map:get(t, "PID"), 9)
_kill = t:option(Button, "_kill", translate("Forced offline"))
_kill.inputstyle = "reset"
function _kill.write(t, s)
luci.util.execi("rm -f " .. t.map:get(s, "session_file"))
null, t.tag_error[t] = luci.sys.process.signal(t.map:get(s, "pid"), 9)
luci.http.redirect(o.build_url("admin/vpn/pptpd/online"))
end
t = f:section(Table, blacklist, translate("Blacklist"))
t:option(DummyValue, "ip", translate("IP address"))
_blacklist2 = t:option(Button, "_blacklist2", translate("Blacklist"))
function _blacklist2.render(e, t, a)
e.title = translate("Remove from Blacklist")
e.inputstyle = "apply"
Button.render(e, t, a)
end
function _blacklist2.write(t, s)
local e = t.map:get(s, "ip")
luci.util.execi("sed -i -e '/## pptpd-blacklist-%s/d' /etc/firewall.user" % {e})
luci.util.execi("iptables -D INPUT -s %s -p tcp --dport 1723 -j DROP" % {e})
luci.http.redirect(o.build_url("admin/vpn/pptpd/online"))
end
return f
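Review bot: `_blacklist.write` and `_kill.write` build shell commands by string interpolation from fields of the session JSON (`remote_ip`, `session_file`), and the session file name is derived from the peer's login name, so a value containing shell metacharacters would be interpreted by the shell that `luci.util.execi` starts. The file removal needs no shell at all, `fs.unlink(t.map:get(s, "session_file"))`, and `remote_ip` should be checked as an IPv4 address (for example with `luci.cbi.datatypes.ip4addr`) before it is written into `/etc/firewall.user` or passed to iptables; the same applies to the `ip` value in `_blacklist2.write`. In `_kill.write` the error is stored under `t.tag_error[t]`, which looks like a typo for `t.tag_error[s]`. The session loader also calls `file:read` without checking that `io.open` returned a handle.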


@ -13,7 +13,7 @@ o = s:option(DummyValue, "pptpd_status", translate("Current Condition"))
o.template = "pptpd/status"
o.value = translate("Collecting data...")
o = s:option(Flag, "enabled", translate("Enable VPN Server"))
o = s:option(Flag, "enabled", translate("Enabled"))
o.rmempty = false
o = s:option(Value, "localip", translate("Server IP"), translate("VPN Server IP address, it not required."))


@ -0,0 +1,32 @@
local d = require "luci.dispatcher"
m = Map("luci-app-pptpserver", translate("Users Manager"))
m.redirect = d.build_url("admin", "vpn", "pptpd", "users")
s = m:section(NamedSection, arg[1], "users", "")
s.addremove = false
s.anonymous = true
o = s:option(Flag, "enabled", translate("Enabled"))
o.default = 1
o.rmempty = false
o = s:option(Value, "username", translate("Username"))
o.placeholder = translate("Username")
o.rmempty = false
o = s:option(Value, "password", translate("Password"))
o.placeholder = translate("Password")
o.rmempty = false
o = s:option(Value, "ipaddress", translate("IP address"))
o.placeholder = translate("Automatically")
o.datatype = "ip4addr"
o.rmempty = true
o = s:option(DynamicList, "routes", translate("Static Routes"))
o.placeholder = "192.168.10.0/24"
o.datatype = "ipmask4"
o.rmempty = true
return m
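Review bot: The `password` option is a plain `Value`, so the stored secret is rendered in clear text in the form; adding `o.password = true` after the option is created would mask it. The same applies to the `password` column of the users table section changed in this commit, where every account's password is listed side by side. `username` has no `datatype` or `validate` hook, yet elsewhere in this commit it ends up in file names and in a `chap-secrets` line, so restricting it to a conservative character set at input time would be worth adding here.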


@ -1,3 +1,4 @@
local d = require "luci.dispatcher"
m = Map("luci-app-pptpserver", translate("PPTP VPN Server"))
m.description = translate("Simple, quick and convenient PPTP VPN, universal across the platform")
@ -5,20 +6,27 @@ s = m:section(TypedSection, "users", translate("Users Manager"))
s.addremove = true
s.anonymous = true
s.template = "cbi/tblsection"
s.extedit = d.build_url("admin", "vpn", "pptpd", "user", "%s")
function s.create(e, t)
t = TypedSection.create(e, t)
luci.http.redirect(e.extedit:format(t))
end
o = s:option(Flag, "enabled", translate("Enabled"))
o.default = 1
o.rmempty = false
o = s:option(Value, "username", translate("Username"))
o.placeholder = translate("Username")
o.rmempty = true
o.rmempty = false
o = s:option(Value, "password", translate("Password"))
o.rmempty = true
o.placeholder = translate("Password")
o.rmempty = false
o = s:option(Value, "ipaddress", translate("IP address"))
o.placeholder = translate("Automatically")
o.datatype = "ipaddr"
o.datatype = "ip4addr"
o.rmempty = true
return m


@ -4,17 +4,14 @@ msgstr "PPTP VPN 服务器"
msgid "Simple, quick and convenient PPTP VPN, universal across the platform"
msgstr "简单快捷方便的PPTP VPN全平台通用。"
msgid "PPTP VPN Server status"
msgstr "PPTP VPN 服务器运行状态"
msgid "Current Condition"
msgstr "当前状态"
msgid "General settings"
msgstr "基本设置"
msgid "Enable VPN Server"
msgstr "启用 VPN 服务器"
msgid "Enabled"
msgstr "启用"
msgid "Server IP"
msgstr "服务器 IP 地址"
@ -28,33 +25,15 @@ msgstr "客户端 IP 地址"
msgid "VPN Client IP address, it not required."
msgstr "分配给客户端的 IP 地址范围,留空将自动设置。"
msgid "DNS IP address"
msgstr "DNS IP 地址"
msgid "This will be sent to the client, it not required."
msgstr "设置 VPN 服务器默认 DNS 服务器,该设置非必须。"
msgid "Enable MPPE Encryption"
msgstr "启用MPPE 加密"
msgid "Allows 128-bit encrypted connection."
msgstr "允许使用 128 位加密连接。"
msgid "is_nat"
msgstr "NAT转发"
msgid "Interface"
msgstr "接口"
msgid "Specify interface forwarding traffic."
msgstr "指定接口转发流量。"
msgid "Users Manager"
msgstr "用户管理"
msgid "Enabled"
msgstr "启用"
msgid "Username"
msgstr "用户名"
@ -67,9 +46,12 @@ msgstr "IP 地址"
msgid "Automatically"
msgstr "自动分配"
msgid "Online Users""
msgid "Online Users"
msgstr "在线用户"
msgid "Login Time"
msgstr "登录时间"
msgid "Blacklist"
msgstr "黑名单"


@ -5,8 +5,3 @@ config service 'pptpd'
option remoteip '192.168.2.10-20'
option enabled '0'
config users
option enabled '1'
option username 'guest'
option password '123456'


@ -1,59 +1,51 @@
#!/bin/sh /etc/rc.common
START=99
CONFIG=luci-app-pptpserver
CONFIG_FILE=/var/etc/$CONFIG.conf
RUN_D=/var/run
CHAP_SECRETS=/var/etc/chap-secrets
SERVER_NAME="pptp-server"
TEMP=/tmp/pptpd.tmp
CONFIG="luci-app-pptpserver"
PPTP_PATH=/var/etc/pptpd
PPTP_CONFIG_FILE=${PPTP_PATH}/pptpd.conf
PPTP_OPTIONS_FILE=${PPTP_PATH}/options.pptpd
CHAP_SECRETS=/etc/ppp/chap-secrets
add_rule() {
iptables -t nat -I POSTROUTING -s ${localip%.*}.0/24 -m comment --comment "PPTP VPN Server" -j MASQUERADE
iptables -I forwarding_rule -s ${localip%.*}.0/24 -m comment --comment "PPTP VPN Server" -j ACCEPT
iptables -I INPUT -p tcp --dport 1723 -m comment --comment "PPTP VPN Server" -j ACCEPT 2>/dev/null
localip=$(uci -q get ${CONFIG}.@service[0].localip)
[ -z "${localip}" ] && localip="172.16.100.1"
ipt_flag="PPTP VPN Server"
get_enabled_anonymous_secs() {
uci -q show "${CONFIG}" | grep "${1}\[.*\.enabled='1'" | cut -d '.' -sf2
}
del_rule() {
iptables -D INPUT -p tcp --dport 1723 -m comment --comment "PPTP VPN Server" -j ACCEPT 2> /dev/null
pptp_nums=$(iptables -t nat -n -L POSTROUTING 2>/dev/null | grep -c "PPTP VPN Server")
if [ -n "$pptp_nums" ]; then
until [ "$pptp_nums" = 0 ]
do
pptp_rules=$(iptables -t nat -n -L POSTROUTING --line-num 2>/dev/null | grep "PPTP VPN Server" | awk '{print $1}')
for pptp_rule in $pptp_rules
do
iptables -t nat -D POSTROUTING $pptp_rule 2> /dev/null
break
done
pptp_nums=$(expr $pptp_nums - 1)
done
fi
nums=$(iptables -n -L forwarding_rule 2>/dev/null | grep -c "PPTP VPN Server")
if [ -n "$nums" ]; then
until [ "$nums" = 0 ]
do
rules=$(iptables -n -L forwarding_rule --line-num 2>/dev/null | grep "PPTP VPN Server" | awk '{print $1}')
for rule in $rules
do
iptables -D forwarding_rule $rule 2> /dev/null
break
done
nums=$(expr $nums - 1)
ipt_rule() {
if [ "$1" = "add" ]; then
iptables -t nat -I POSTROUTING -s ${localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j MASQUERADE 2>/dev/null
iptables -I forwarding_rule -s ${localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null
iptables -I INPUT -p tcp --dport 1723 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null
iptables -t mangle -I OUTPUT -p tcp --sport 1723 -m comment --comment "${ipt_flag}" -j RETURN 2>/dev/null
else
ipt_del() {
for i in $(seq 1 $($1 -nL $2 | grep -c "${ipt_flag}")); do
local index=$($1 --line-number -nL $2 | grep "${ipt_flag}" | head -1 | awk '{print $1}')
$1 -w -D $2 $index 2>/dev/null
done
}
ipt_del "iptables" "forwarding_rule"
ipt_del "iptables" "INPUT"
ipt_del "iptables -t nat" "POSTROUTING"
ipt_del "iptables -t mangle" "OUTPUT"
fi
}
gen_include() {
echo '#!/bin/sh' > /var/etc/$CONFIG.include
echo '#!/bin/sh' > /var/etc/${CONFIG}.include
extract_rules() {
echo "*$1"
iptables-save -t $1 | grep "PPTP VPN Server" | \
iptables-save -t $1 | grep "${ipt_flag}" | \
sed -e "s/^-A \(INPUT\)/-I \1 1/"
echo 'COMMIT'
}
cat <<-EOF >> /var/etc/$CONFIG.include
iptables-save -c | grep -v "PPTP VPN Server" | iptables-restore -c
cat <<-EOF >> /var/etc/${CONFIG}.include
iptables-save -c | grep -v "${ipt_flag}" | iptables-restore -c
iptables-restore -n <<-EOT
$(extract_rules filter)
$(extract_rules nat)
@ -62,76 +54,72 @@ gen_include() {
return 0
}
setup_login() {
config_get enabled $1 enabled
[ "$enabled" -eq 0 ] && return 0
config_get ipaddress $1 ipaddress
[ -n "$ipaddress" ] || local ipaddress="*"
config_get username $1 username
config_get password $1 password
[ -n "$username" ] || return 0
[ -n "$password" ] || return 0
echo "$username $SERVER_NAME $password $ipaddress" >> $CHAP_SECRETS
}
setup_config() {
config_get enabled $1 enabled
[ "$enabled" -eq 0 ] && return 1
mkdir -p /var/etc
cp /etc/pptpd.conf $CONFIG_FILE
config_get localip $1 localip
config_get remoteip $1 remoteip
[ -z "$localip" ] && localip="172.16.100.1"
[ -z "$remoteip" ] && remoteip="172.16.100.10-20"
[ -n "$localip" ] && echo "localip $localip" >> $CONFIG_FILE
[ -n "$remoteip" ] && echo "remoteip $remoteip" >> $CONFIG_FILE
echo "option /etc/ppp/options.pptpd" >> $CONFIG_FILE
sed -i '/mppe/d' /etc/ppp/options.pptpd
config_get mppe $1 mppe
[ -n "$mppe" ] && [ "$mppe" -eq 1 ] && echo "mppe required,no40,no56,stateless" >> /etc/ppp/options.pptpd
sed -i '/ms-dns/d' /etc/ppp/options.pptpd
config_get dns $1 dns
[ -z "$dns" ] && dns="8.8.4.4"
echo "ms-dns $dns">>/etc/ppp/options.pptpd
return 0
}
start_pptpd() {
mkdir -p $RUN_D
for m in arc4 sha1_generic slhc crc-ccitt ppp_generic ppp_async ppp_mppe; do
insmod $m >/dev/null 2>&1
done
ln -sfn $CHAP_SECRETS /etc/ppp/chap-secrets
chmod 600 /etc/ppp/*-secrets
/usr/sbin/pptpd -c $CONFIG_FILE
}
del_user()
{
cat $CHAP_SECRETS | grep -v $SERVER_NAME > $TEMP
cat $TEMP > $CHAP_SECRETS
rm -rf $TEMP
}
start() {
config_load $CONFIG
setup_config "pptpd" || return
del_user
add_rule
config_foreach setup_login users
start_pptpd
local enabled=$(uci -q get ${CONFIG}.@service[0].enabled)
[ "${enabled}" -eq 1 ] || return 1
touch ${CHAP_SECRETS}
mkdir -p ${PPTP_PATH}
cp /etc/ppp/options.pptpd ${PPTP_OPTIONS_FILE}
sed -i '/mppe/d' ${PPTP_OPTIONS_FILE} 2>/dev/null
sed -i '/ms-dns/d' ${PPTP_OPTIONS_FILE} 2>/dev/null
sed -i '/name/d' ${PPTP_OPTIONS_FILE} 2>/dev/null
echo "name pptp-server">> ${PPTP_OPTIONS_FILE}
local mppe=$(uci -q get ${CONFIG}.@service[0].mppe)
[ -n "${mppe}" ] && [ "${mppe}" -eq 1 ] && echo "mppe required,no40,no56,stateless" >> ${PPTP_OPTIONS_FILE}
echo "ms-dns ${localip}">> ${PPTP_OPTIONS_FILE}
cp /etc/pptpd.conf ${PPTP_CONFIG_FILE}
sed -i '/localip/d' ${PPTP_CONFIG_FILE} 2>/dev/null
sed -i '/remoteip/d' ${PPTP_CONFIG_FILE} 2>/dev/null
sed -i '/option/d' ${PPTP_CONFIG_FILE} 2>/dev/null
sed -i '/name/d' ${PPTP_CONFIG_FILE} 2>/dev/null
echo "name pptp-server">> ${PPTP_CONFIG_FILE}
local remoteip=$(uci -q get ${CONFIG}.@service[0].remoteip)
[ -z "${remoteip}" ] && remoteip="172.16.100.10-20"
echo "localip ${localip}" >> ${PPTP_CONFIG_FILE}
echo "remoteip ${remoteip}" >> ${PPTP_CONFIG_FILE}
echo "option ${PPTP_OPTIONS_FILE}" >> ${PPTP_CONFIG_FILE}
local _users=$(get_enabled_anonymous_secs "@users")
[ -n "${_users}" ] && {
for _user in ${_users}; do
local u_enabled=$(uci -q get ${CONFIG}.${_user}.enabled)
[ "${u_enabled}" -eq 1 ] || continue
local u_username=$(uci -q get ${CONFIG}.${_user}.username)
[ -n "${u_username}" ] || continue
local u_password=$(uci -q get ${CONFIG}.${_user}.password)
[ -n "${u_password}" ] || continue
local u_ipaddress=$(uci -q get ${CONFIG}.${_user}.ipaddress)
[ -n "${u_ipaddress}" ] || u_ipaddress="*"
echo "${u_username} pptp-server ${u_password} ${u_ipaddress}" >> ${CHAP_SECRETS}
done
}
echo "ip-up-script /usr/share/pptpd/ip-up" >> ${PPTP_OPTIONS_FILE}
echo "ip-down-script /usr/share/pptpd/ip-down" >> ${PPTP_OPTIONS_FILE}
for m in arc4 sha1_generic slhc crc-ccitt ppp_generic ppp_async ppp_mppe; do
insmod ${m} >/dev/null 2>&1
done
/usr/sbin/pptpd -c ${PPTP_CONFIG_FILE}
ipt_rule add
gen_include
}
stop() {
ps -w | grep "$CONFIG_FILE" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
ps -w | grep "pppd local" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
del_user
del_rule
rm -rf /var/etc/$CONFIG.include
sed -i '/pptp-server/d' ${CHAP_SECRETS} 2>/dev/null
top -bn1 | grep "${PPTP_PATH}" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
ipt_rule del
rm -rf /var/etc/${CONFIG}.include
rm -rf ${PPTP_PATH}
}
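Review bot: `start()` creates `${CHAP_SECRETS}` with `touch` and appends credentials to it, but the `chmod 600 /etc/ppp/*-secrets` from the old `start_pptpd` has no counterpart in the new code as far as this page shows, so a freshly created file gets whatever the umask gives; `chmod 600 "${CHAP_SECRETS}"` right after the `touch` would restore that. The entry line `echo "${u_username} pptp-server ${u_password} ${u_ipaddress}"` writes the values unquoted, so a username or password containing whitespace would presumably be parsed as extra fields; wrapping each value in double quotes, with embedded quotes escaped, would avoid that. `start()` also appends without first removing earlier `pptp-server` lines, which only `stop()` does, so calling `start` twice would leave duplicate entries.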


@ -15,5 +15,7 @@ uci -q batch <<-EOF >/dev/null
commit ucitrack
EOF
/etc/init.d/pptpd disable 2>/dev/null
/etc/init.d/pptpd stop 2>/dev/null
rm -rf /tmp/luci-*cache
exit 0


@ -0,0 +1,27 @@
#!/bin/sh
_LOGOUT_TIME="$(date "+%Y-%m-%d %H:%M:%S")"
CONFIG="luci-app-pptpserver"
PPTP_PATH=/var/etc/pptpd
PPTP_SESSION_PATH=${PPTP_PATH}/session
_USERNAME=${PEERNAME}
_IFACE=${1}
_TTY=${2}
_SPEED=${3}
_LOCALIP=${4}
_PEERIP=${5}
_REMOTEIP=${6}
_BYTES_SENT=${BYTES_SENT}
_BYTES_RCVD=${BYTES_RCVD}
_CONNECT_TIME=${CONNECT_TIME}
rm -f ${PPTP_SESSION_PATH}/${_USERNAME}.${_IFACE}
rm -f /var/run/${_IFACE}.pid
#可根据退出的账号自定义脚本,如静态路由表,组网等。
SCRIPT="/usr/share/pptpd/ip-down.d/${_USERNAME}"
[ -s "$SCRIPT" ] && {
[ ! -x "$SCRIPT" ] && chmod 0755 "$SCRIPT"
"$SCRIPT" "$@"
}
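Review bot: `${_USERNAME}` comes from `PEERNAME` and is used unquoted in `rm -f ${PPTP_SESSION_PATH}/${_USERNAME}.${_IFACE}` and as a path component of `SCRIPT`, which is then made executable and run. A name containing `/`, `..` or whitespace would make these lines act on a path outside the intended directories; the name is normally limited to accounts present in `chap-secrets`, but nothing on this page restricts its characters. Quoting the expansions and rejecting such names first, e.g. `case "${_USERNAME}" in ""|*/*|*..*) exit 0;; esac`, would close that. The `ip-up` script added in this commit has the same pattern.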


@ -0,0 +1,58 @@
#!/bin/sh
_LOGIN_TIME="$(date "+%Y-%m-%d %H:%M:%S")"
CONFIG="luci-app-pptpserver"
PPTP_PATH=/var/etc/pptpd
PPTP_SESSION_PATH=${PPTP_PATH}/session
_USERNAME=${PEERNAME}
_IFACE=${1}
_TTY=${2}
_SPEED=${3}
_LOCALIP=${4}
_PEERIP=${5}
_REMOTEIP=${6}
_PID="$(cat /var/run/${_IFACE}.pid 2>/dev/null)"
mkdir -p ${PPTP_SESSION_PATH}
cat <<-EOF > ${PPTP_SESSION_PATH}/${_USERNAME}.${_IFACE}
{
"username": "${_USERNAME}",
"interface": "${_IFACE}",
"tty": "${_TTY}",
"speed": "${_SPEED}",
"ip": "${_PEERIP}",
"remote_ip": "${_REMOTEIP}",
"pid": "${_PID}",
"login_time": "${_LOGIN_TIME}"
}
EOF
#只能单用户使用
cfgid=$(uci show ${CONFIG} | grep "@users" | grep "\.username='${_USERNAME}'" | cut -d '.' -sf 2)
[ -n "$cfgid" ] && {
HAS_LOGIN=$(ls ${PPTP_SESSION_PATH} | grep "^${_USERNAME}\.ppp" | grep -v "${_IFACE}")
[ -n "$HAS_LOGIN" ] && {
#踢出之前的用户
KO_IFACE=$(echo $HAS_LOGIN | awk -F '.' '{print $2}')
KO_PID=$(cat /var/run/${KO_IFACE}.pid 2>/dev/null)
[ -n "$KO_PID" ] && kill -9 ${KO_PID} >/dev/null 2>&1
rm -f ${PPTP_SESSION_PATH}/${HAS_LOGIN}
rm -f /var/run/${KO_IFACE}.pid
}
routes=$(uci -q get ${CONFIG}.${cfgid}.routes)
[ -n "$routes" ] && {
for router in ${routes}; do
route add -net ${router} dev ${_IFACE} >/dev/null 2>&1
done
}
}
#可根据登录的账号自定义脚本,如组网、日志、限速、权限等特殊待遇。
SCRIPT="/usr/share/pptpd/ip-up.d/${_USERNAME}"
[ -s "$SCRIPT" ] && {
[ ! -x "$SCRIPT" ] && chmod 0755 "$SCRIPT"
"$SCRIPT" "$@"
}
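Review bot: The session record is written as JSON by plain interpolation in the here-document, so a `"` or backslash in `${_USERNAME}` yields a file that `jsonc.parse` rejects, and judging from the online-users page in this commit the session would then not be listed or be removable from the UI. The username is also used as a regular expression in `grep "\.username='${_USERNAME}'"` and `grep "^${_USERNAME}\.ppp"`, so a `.` or `*` in one name can match another account's section or session file, and the following `kill -9` and `rm -f` would then act on the wrong session. `HAS_LOGIN` may hold several file names, yet `KO_IFACE` is taken from a single unquoted `echo $HAS_LOGIN`; iterating over the matches would handle each one. Escaping the JSON values and using `grep -F` where a literal match is meant would address the first two points.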