mirror of
https://github.com/sirpdboy/sirpdboy-package.git
synced 2025-01-07 03:17:03 +08:00
up luci-app-pptpserver
This commit is contained in:
parent
8bc8c6aa86
commit
2869b2624c
@ -1,4 +1,4 @@
|
||||
# Copyright (C) 2018-2020 Lienol <lawlienol@gmail.com>
|
||||
# Copyright (C) 2018-2021 Lienol <lawlienol@gmail.com>
|
||||
#
|
||||
# This is free software, licensed under the Apache License, Version 2.0 .
|
||||
#
|
||||
@ -6,10 +6,10 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
LUCI_TITLE:=LuCI support for PPTP VPN Server
|
||||
LUCI_DEPENDS:=+pptpd +kmod-mppe +ppp
|
||||
LUCI_DEPENDS:=+pptpd +kmod-mppe +ppp +luci-lib-jsonc
|
||||
LUCI_PKGARCH:=all
|
||||
PKG_VERSION:=1
|
||||
PKG_RELEASE:=5-20200608
|
||||
PKG_VERSION:=20211223
|
||||
PKG_RELEASE:=1
|
||||
|
||||
include $(TOPDIR)/feeds/luci/luci.mk
|
||||
|
||||
|
@ -5,14 +5,11 @@ function index()
|
||||
if not nixio.fs.access("/etc/config/luci-app-pptpserver") then return end
|
||||
|
||||
entry({"admin", "vpn"}, firstchild(), "VPN", 45).dependent = false
|
||||
entry({"admin", "vpn", "pptpd"}, alias("admin", "vpn", "pptpd", "settings"),
|
||||
_("PPTP VPN Server"), 48)
|
||||
entry({"admin", "vpn", "pptpd", "settings"}, cbi("pptpd/settings"),
|
||||
_("General Settings"), 10).leaf = true
|
||||
entry({"admin", "vpn", "pptpd", "users"}, cbi("pptpd/users"),
|
||||
_("Users Manager"), 20).leaf = true
|
||||
entry({"admin", "vpn", "pptpd", "online"}, cbi("pptpd/online"),
|
||||
_("Online Users"), 30).leaf = true
|
||||
entry({"admin", "vpn", "pptpd"}, alias("admin", "vpn", "pptpd", "settings"), _("PPTP VPN Server"), 48)
|
||||
entry({"admin", "vpn", "pptpd", "settings"}, cbi("pptpd/settings"), _("General Settings"), 10).leaf = true
|
||||
entry({"admin", "vpn", "pptpd", "users"}, cbi("pptpd/users"), _("Users Manager"), 20).leaf = true
|
||||
entry({"admin", "vpn", "pptpd", "user"}, cbi("pptpd/user")).leaf = true
|
||||
entry({"admin", "vpn", "pptpd", "online"}, cbi("pptpd/online"), _("Online Users"), 30).leaf = true
|
||||
entry({"admin", "vpn", "pptpd", "status"}, call("status")).leaf = true
|
||||
end
|
||||
|
||||
|
@ -1,78 +1,84 @@
|
||||
local e = {}
|
||||
local o = require "luci.dispatcher"
|
||||
local a = luci.util.execi("/bin/busybox top -bn1 | grep '/usr/sbin/pppd'")
|
||||
for t in a do
|
||||
local a, n, h, s, o, i = t:match("^ *(%d+) +(%d+) +.+options%.pptpd +(%d+) +(%S.-%S)%:(%S.-%S) +.+ +(.+)")
|
||||
local t = tonumber(a)
|
||||
local fs = require "nixio.fs"
|
||||
local jsonc = require "luci.jsonc"
|
||||
|
||||
local sessions = {}
|
||||
local session_path = "/var/etc/pptpd/session"
|
||||
if fs.access(session_path) then
|
||||
for filename in fs.dir(session_path) do
|
||||
local session_file = session_path .. "/" .. filename
|
||||
local file = io.open(session_file, "r")
|
||||
local t = jsonc.parse(file:read("*a"))
|
||||
if t then
|
||||
e["%02i.%s" % {t, "online"}] = {
|
||||
['PID'] = a,
|
||||
['PPID'] = n,
|
||||
['SPEED'] = h,
|
||||
['GATEWAY'] = s,
|
||||
['VIP'] = o,
|
||||
['CIP'] = i,
|
||||
['BLACKLIST'] = 0
|
||||
}
|
||||
t.session_file = session_file
|
||||
sessions[#sessions + 1] = t
|
||||
end
|
||||
file:close()
|
||||
end
|
||||
end
|
||||
local a = luci.util.execi("sed = /etc/firewall.user | sed 'N;s/\\n/:/'")
|
||||
for t in a do
|
||||
local t, a = t:match("^ *(%d+)%:.+%#%# pptpd%-blacklist%-(.+)")
|
||||
local t = tonumber(t)
|
||||
if t then
|
||||
e["%02i.%s" % {t, "blacklist"}] =
|
||||
{
|
||||
['PID'] = "-1",
|
||||
['PPID'] = "-1",
|
||||
['SPEED'] = "-1",
|
||||
['GATEWAY'] = "-",
|
||||
['VIP'] = "-",
|
||||
['CIP'] = a,
|
||||
['BLACKLIST'] = 1
|
||||
}
|
||||
|
||||
local blacklist = {}
|
||||
local firewall_user_path = "/etc/firewall.user"
|
||||
if fs.access(firewall_user_path) then
|
||||
for line in io.lines(firewall_user_path) do
|
||||
local m = line:match('pptpd%-blacklist%-([^\n]+)')
|
||||
if m then
|
||||
local t = {}
|
||||
t.ip = m
|
||||
blacklist[#blacklist + 1] = t
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
f = SimpleForm("processes", translate("PPTP VPN Server"))
|
||||
f.reset = false
|
||||
f.submit = false
|
||||
f.description = translate("Simple, quick and convenient PPTP VPN, universal across the platform")
|
||||
t = f:section(Table, e, translate("Online Users"))
|
||||
t:option(DummyValue, "GATEWAY", translate("Server IP"))
|
||||
t:option(DummyValue, "VIP", translate("Client IP"))
|
||||
t:option(DummyValue, "CIP", translate("IP address"))
|
||||
blacklist = t:option(Button, "_blacklist", translate("Blacklist"))
|
||||
function blacklist.render(e, t, a)
|
||||
if e.map:get(t, "BLACKLIST") == 0 then
|
||||
|
||||
t = f:section(Table, sessions, translate("Online Users"))
|
||||
t:option(DummyValue, "username", translate("Username"))
|
||||
t:option(DummyValue, "interface", translate("Interface"))
|
||||
t:option(DummyValue, "ip", translate("Client IP"))
|
||||
t:option(DummyValue, "remote_ip", translate("IP address"))
|
||||
t:option(DummyValue, "login_time", translate("Login Time"))
|
||||
|
||||
_blacklist = t:option(Button, "_blacklist", translate("Blacklist"))
|
||||
function _blacklist.render(e, t, a)
|
||||
e.title = translate("Add to Blacklist")
|
||||
e.inputstyle = "remove"
|
||||
else
|
||||
e.title = translate("Remove from Blacklist")
|
||||
e.inputstyle = "apply"
|
||||
end
|
||||
Button.render(e, t, a)
|
||||
end
|
||||
function blacklist.write(t, a)
|
||||
local e = t.map:get(a, "CIP")
|
||||
if t.map:get(a, "BLACKLIST") == 0 then
|
||||
luci.util.execi(
|
||||
"echo 'iptables -A input_rule -s %s -p tcp --dport 1723 -j DROP ## pptpd-blacklist-%s' >> /etc/firewall.user" %
|
||||
{e, e})
|
||||
luci.util.execi(
|
||||
"iptables -A input_rule -s %s -p tcp --dport 1723 -j DROP" % {e})
|
||||
null, t.tag_error[a] = luci.sys.process.signal(t.map:get(a, "PID"), 9)
|
||||
else
|
||||
luci.util.execi(
|
||||
"sed -i -e '/## pptpd-blacklist-%s/d' /etc/firewall.user" % {e})
|
||||
luci.util.execi(
|
||||
"iptables -D input_rule -s %s -p tcp --dport 1723 -j DROP" % {e})
|
||||
end
|
||||
function _blacklist.write(t, s)
|
||||
local e = t.map:get(s, "remote_ip")
|
||||
luci.util.execi("echo 'iptables -I INPUT -s %s -p tcp --dport 1723 -j DROP ## pptpd-blacklist-%s' >> /etc/firewall.user" % {e, e})
|
||||
luci.util.execi("iptables -I INPUT -s %s -p tcp --dport 1723 -j DROP" % {e})
|
||||
luci.util.execi("rm -f " .. t.map:get(s, "session_file"))
|
||||
null, t.tag_error[s] = luci.sys.process.signal(t.map:get(s, "pid"), 9)
|
||||
luci.http.redirect(o.build_url("admin/vpn/pptpd/online"))
|
||||
end
|
||||
kill = t:option(Button, "_kill", translate("Forced offline"))
|
||||
kill.inputstyle = "reset"
|
||||
function kill.write(e, t)
|
||||
null, e.tag_error[t] = luci.sys.process.signal(e.map:get(t, "PID"), 9)
|
||||
|
||||
_kill = t:option(Button, "_kill", translate("Forced offline"))
|
||||
_kill.inputstyle = "reset"
|
||||
function _kill.write(t, s)
|
||||
luci.util.execi("rm -f " .. t.map:get(s, "session_file"))
|
||||
null, t.tag_error[t] = luci.sys.process.signal(t.map:get(s, "pid"), 9)
|
||||
luci.http.redirect(o.build_url("admin/vpn/pptpd/online"))
|
||||
end
|
||||
|
||||
t = f:section(Table, blacklist, translate("Blacklist"))
|
||||
t:option(DummyValue, "ip", translate("IP address"))
|
||||
|
||||
_blacklist2 = t:option(Button, "_blacklist2", translate("Blacklist"))
|
||||
function _blacklist2.render(e, t, a)
|
||||
e.title = translate("Remove from Blacklist")
|
||||
e.inputstyle = "apply"
|
||||
Button.render(e, t, a)
|
||||
end
|
||||
function _blacklist2.write(t, s)
|
||||
local e = t.map:get(s, "ip")
|
||||
luci.util.execi("sed -i -e '/## pptpd-blacklist-%s/d' /etc/firewall.user" % {e})
|
||||
luci.util.execi("iptables -D INPUT -s %s -p tcp --dport 1723 -j DROP" % {e})
|
||||
luci.http.redirect(o.build_url("admin/vpn/pptpd/online"))
|
||||
end
|
||||
|
||||
return f
|
||||
|
@ -13,7 +13,7 @@ o = s:option(DummyValue, "pptpd_status", translate("Current Condition"))
|
||||
o.template = "pptpd/status"
|
||||
o.value = translate("Collecting data...")
|
||||
|
||||
o = s:option(Flag, "enabled", translate("Enable VPN Server"))
|
||||
o = s:option(Flag, "enabled", translate("Enabled"))
|
||||
o.rmempty = false
|
||||
|
||||
o = s:option(Value, "localip", translate("Server IP"), translate("VPN Server IP address, it not required."))
|
||||
|
32
luci-app-pptpserver/luasrc/model/cbi/pptpd/user.lua
Normal file
32
luci-app-pptpserver/luasrc/model/cbi/pptpd/user.lua
Normal file
@ -0,0 +1,32 @@
|
||||
local d = require "luci.dispatcher"
|
||||
|
||||
m = Map("luci-app-pptpserver", translate("Users Manager"))
|
||||
m.redirect = d.build_url("admin", "vpn", "pptpd", "users")
|
||||
|
||||
s = m:section(NamedSection, arg[1], "users", "")
|
||||
s.addremove = false
|
||||
s.anonymous = true
|
||||
|
||||
o = s:option(Flag, "enabled", translate("Enabled"))
|
||||
o.default = 1
|
||||
o.rmempty = false
|
||||
|
||||
o = s:option(Value, "username", translate("Username"))
|
||||
o.placeholder = translate("Username")
|
||||
o.rmempty = false
|
||||
|
||||
o = s:option(Value, "password", translate("Password"))
|
||||
o.placeholder = translate("Password")
|
||||
o.rmempty = false
|
||||
|
||||
o = s:option(Value, "ipaddress", translate("IP address"))
|
||||
o.placeholder = translate("Automatically")
|
||||
o.datatype = "ip4addr"
|
||||
o.rmempty = true
|
||||
|
||||
o = s:option(DynamicList, "routes", translate("Static Routes"))
|
||||
o.placeholder = "192.168.10.0/24"
|
||||
o.datatype = "ipmask4"
|
||||
o.rmempty = true
|
||||
|
||||
return m
|
@ -1,3 +1,4 @@
|
||||
local d = require "luci.dispatcher"
|
||||
m = Map("luci-app-pptpserver", translate("PPTP VPN Server"))
|
||||
m.description = translate("Simple, quick and convenient PPTP VPN, universal across the platform")
|
||||
|
||||
@ -5,20 +6,27 @@ s = m:section(TypedSection, "users", translate("Users Manager"))
|
||||
s.addremove = true
|
||||
s.anonymous = true
|
||||
s.template = "cbi/tblsection"
|
||||
s.extedit = d.build_url("admin", "vpn", "pptpd", "user", "%s")
|
||||
function s.create(e, t)
|
||||
t = TypedSection.create(e, t)
|
||||
luci.http.redirect(e.extedit:format(t))
|
||||
end
|
||||
|
||||
o = s:option(Flag, "enabled", translate("Enabled"))
|
||||
o.default = 1
|
||||
o.rmempty = false
|
||||
|
||||
o = s:option(Value, "username", translate("Username"))
|
||||
o.placeholder = translate("Username")
|
||||
o.rmempty = true
|
||||
o.rmempty = false
|
||||
|
||||
o = s:option(Value, "password", translate("Password"))
|
||||
o.rmempty = true
|
||||
o.placeholder = translate("Password")
|
||||
o.rmempty = false
|
||||
|
||||
o = s:option(Value, "ipaddress", translate("IP address"))
|
||||
o.placeholder = translate("Automatically")
|
||||
o.datatype = "ipaddr"
|
||||
o.datatype = "ip4addr"
|
||||
o.rmempty = true
|
||||
|
||||
return m
|
||||
|
@ -4,17 +4,14 @@ msgstr "PPTP VPN 服务器"
|
||||
msgid "Simple, quick and convenient PPTP VPN, universal across the platform"
|
||||
msgstr "简单快捷方便的PPTP VPN,全平台通用。"
|
||||
|
||||
msgid "PPTP VPN Server status"
|
||||
msgstr "PPTP VPN 服务器运行状态"
|
||||
|
||||
msgid "Current Condition"
|
||||
msgstr "当前状态"
|
||||
|
||||
msgid "General settings"
|
||||
msgstr "基本设置"
|
||||
|
||||
msgid "Enable VPN Server"
|
||||
msgstr "启用 VPN 服务器"
|
||||
msgid "Enabled"
|
||||
msgstr "启用"
|
||||
|
||||
msgid "Server IP"
|
||||
msgstr "服务器 IP 地址"
|
||||
@ -28,33 +25,15 @@ msgstr "客户端 IP 地址"
|
||||
msgid "VPN Client IP address, it not required."
|
||||
msgstr "分配给客户端的 IP 地址范围,留空将自动设置。"
|
||||
|
||||
msgid "DNS IP address"
|
||||
msgstr "DNS IP 地址"
|
||||
|
||||
msgid "This will be sent to the client, it not required."
|
||||
msgstr "设置 VPN 服务器默认 DNS 服务器,该设置非必须。"
|
||||
|
||||
msgid "Enable MPPE Encryption"
|
||||
msgstr "启用MPPE 加密"
|
||||
|
||||
msgid "Allows 128-bit encrypted connection."
|
||||
msgstr "允许使用 128 位加密连接。"
|
||||
|
||||
msgid "is_nat"
|
||||
msgstr "NAT转发"
|
||||
|
||||
msgid "Interface"
|
||||
msgstr "接口"
|
||||
|
||||
msgid "Specify interface forwarding traffic."
|
||||
msgstr "指定接口转发流量。"
|
||||
|
||||
msgid "Users Manager"
|
||||
msgstr "用户管理"
|
||||
|
||||
msgid "Enabled"
|
||||
msgstr "启用"
|
||||
|
||||
msgid "Username"
|
||||
msgstr "用户名"
|
||||
|
||||
@ -67,9 +46,12 @@ msgstr "IP 地址"
|
||||
msgid "Automatically"
|
||||
msgstr "自动分配"
|
||||
|
||||
msgid "Online Users""
|
||||
msgid "Online Users"
|
||||
msgstr "在线用户"
|
||||
|
||||
msgid "Login Time"
|
||||
msgstr "登录时间"
|
||||
|
||||
msgid "Blacklist"
|
||||
msgstr "黑名单"
|
||||
|
||||
|
@ -5,8 +5,3 @@ config service 'pptpd'
|
||||
option remoteip '192.168.2.10-20'
|
||||
option enabled '0'
|
||||
|
||||
config users
|
||||
option enabled '1'
|
||||
option username 'guest'
|
||||
option password '123456'
|
||||
|
||||
|
@ -1,59 +1,51 @@
|
||||
#!/bin/sh /etc/rc.common
|
||||
|
||||
START=99
|
||||
CONFIG=luci-app-pptpserver
|
||||
CONFIG_FILE=/var/etc/$CONFIG.conf
|
||||
RUN_D=/var/run
|
||||
CHAP_SECRETS=/var/etc/chap-secrets
|
||||
SERVER_NAME="pptp-server"
|
||||
TEMP=/tmp/pptpd.tmp
|
||||
CONFIG="luci-app-pptpserver"
|
||||
PPTP_PATH=/var/etc/pptpd
|
||||
PPTP_CONFIG_FILE=${PPTP_PATH}/pptpd.conf
|
||||
PPTP_OPTIONS_FILE=${PPTP_PATH}/options.pptpd
|
||||
CHAP_SECRETS=/etc/ppp/chap-secrets
|
||||
|
||||
add_rule() {
|
||||
iptables -t nat -I POSTROUTING -s ${localip%.*}.0/24 -m comment --comment "PPTP VPN Server" -j MASQUERADE
|
||||
iptables -I forwarding_rule -s ${localip%.*}.0/24 -m comment --comment "PPTP VPN Server" -j ACCEPT
|
||||
iptables -I INPUT -p tcp --dport 1723 -m comment --comment "PPTP VPN Server" -j ACCEPT 2>/dev/null
|
||||
localip=$(uci -q get ${CONFIG}.@service[0].localip)
|
||||
[ -z "${localip}" ] && localip="172.16.100.1"
|
||||
|
||||
ipt_flag="PPTP VPN Server"
|
||||
|
||||
get_enabled_anonymous_secs() {
|
||||
uci -q show "${CONFIG}" | grep "${1}\[.*\.enabled='1'" | cut -d '.' -sf2
|
||||
}
|
||||
|
||||
del_rule() {
|
||||
iptables -D INPUT -p tcp --dport 1723 -m comment --comment "PPTP VPN Server" -j ACCEPT 2> /dev/null
|
||||
pptp_nums=$(iptables -t nat -n -L POSTROUTING 2>/dev/null | grep -c "PPTP VPN Server")
|
||||
if [ -n "$pptp_nums" ]; then
|
||||
until [ "$pptp_nums" = 0 ]
|
||||
do
|
||||
pptp_rules=$(iptables -t nat -n -L POSTROUTING --line-num 2>/dev/null | grep "PPTP VPN Server" | awk '{print $1}')
|
||||
for pptp_rule in $pptp_rules
|
||||
do
|
||||
iptables -t nat -D POSTROUTING $pptp_rule 2> /dev/null
|
||||
break
|
||||
done
|
||||
pptp_nums=$(expr $pptp_nums - 1)
|
||||
done
|
||||
fi
|
||||
nums=$(iptables -n -L forwarding_rule 2>/dev/null | grep -c "PPTP VPN Server")
|
||||
if [ -n "$nums" ]; then
|
||||
until [ "$nums" = 0 ]
|
||||
do
|
||||
rules=$(iptables -n -L forwarding_rule --line-num 2>/dev/null | grep "PPTP VPN Server" | awk '{print $1}')
|
||||
for rule in $rules
|
||||
do
|
||||
iptables -D forwarding_rule $rule 2> /dev/null
|
||||
break
|
||||
done
|
||||
nums=$(expr $nums - 1)
|
||||
ipt_rule() {
|
||||
if [ "$1" = "add" ]; then
|
||||
iptables -t nat -I POSTROUTING -s ${localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j MASQUERADE 2>/dev/null
|
||||
iptables -I forwarding_rule -s ${localip%.*}.0/24 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null
|
||||
iptables -I INPUT -p tcp --dport 1723 -m comment --comment "${ipt_flag}" -j ACCEPT 2>/dev/null
|
||||
iptables -t mangle -I OUTPUT -p tcp --sport 1723 -m comment --comment "${ipt_flag}" -j RETURN 2>/dev/null
|
||||
else
|
||||
ipt_del() {
|
||||
for i in $(seq 1 $($1 -nL $2 | grep -c "${ipt_flag}")); do
|
||||
local index=$($1 --line-number -nL $2 | grep "${ipt_flag}" | head -1 | awk '{print $1}')
|
||||
$1 -w -D $2 $index 2>/dev/null
|
||||
done
|
||||
}
|
||||
ipt_del "iptables" "forwarding_rule"
|
||||
ipt_del "iptables" "INPUT"
|
||||
ipt_del "iptables -t nat" "POSTROUTING"
|
||||
ipt_del "iptables -t mangle" "OUTPUT"
|
||||
fi
|
||||
}
|
||||
|
||||
gen_include() {
|
||||
echo '#!/bin/sh' > /var/etc/$CONFIG.include
|
||||
echo '#!/bin/sh' > /var/etc/${CONFIG}.include
|
||||
extract_rules() {
|
||||
echo "*$1"
|
||||
iptables-save -t $1 | grep "PPTP VPN Server" | \
|
||||
iptables-save -t $1 | grep "${ipt_flag}" | \
|
||||
sed -e "s/^-A \(INPUT\)/-I \1 1/"
|
||||
echo 'COMMIT'
|
||||
}
|
||||
cat <<-EOF >> /var/etc/$CONFIG.include
|
||||
iptables-save -c | grep -v "PPTP VPN Server" | iptables-restore -c
|
||||
cat <<-EOF >> /var/etc/${CONFIG}.include
|
||||
iptables-save -c | grep -v "${ipt_flag}" | iptables-restore -c
|
||||
iptables-restore -n <<-EOT
|
||||
$(extract_rules filter)
|
||||
$(extract_rules nat)
|
||||
@ -62,76 +54,72 @@ gen_include() {
|
||||
return 0
|
||||
}
|
||||
|
||||
setup_login() {
|
||||
config_get enabled $1 enabled
|
||||
[ "$enabled" -eq 0 ] && return 0
|
||||
config_get ipaddress $1 ipaddress
|
||||
[ -n "$ipaddress" ] || local ipaddress="*"
|
||||
config_get username $1 username
|
||||
config_get password $1 password
|
||||
[ -n "$username" ] || return 0
|
||||
[ -n "$password" ] || return 0
|
||||
echo "$username $SERVER_NAME $password $ipaddress" >> $CHAP_SECRETS
|
||||
}
|
||||
|
||||
setup_config() {
|
||||
config_get enabled $1 enabled
|
||||
[ "$enabled" -eq 0 ] && return 1
|
||||
|
||||
mkdir -p /var/etc
|
||||
cp /etc/pptpd.conf $CONFIG_FILE
|
||||
|
||||
config_get localip $1 localip
|
||||
config_get remoteip $1 remoteip
|
||||
[ -z "$localip" ] && localip="172.16.100.1"
|
||||
[ -z "$remoteip" ] && remoteip="172.16.100.10-20"
|
||||
[ -n "$localip" ] && echo "localip $localip" >> $CONFIG_FILE
|
||||
[ -n "$remoteip" ] && echo "remoteip $remoteip" >> $CONFIG_FILE
|
||||
echo "option /etc/ppp/options.pptpd" >> $CONFIG_FILE
|
||||
|
||||
sed -i '/mppe/d' /etc/ppp/options.pptpd
|
||||
config_get mppe $1 mppe
|
||||
[ -n "$mppe" ] && [ "$mppe" -eq 1 ] && echo "mppe required,no40,no56,stateless" >> /etc/ppp/options.pptpd
|
||||
|
||||
sed -i '/ms-dns/d' /etc/ppp/options.pptpd
|
||||
config_get dns $1 dns
|
||||
[ -z "$dns" ] && dns="8.8.4.4"
|
||||
echo "ms-dns $dns">>/etc/ppp/options.pptpd
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
start_pptpd() {
|
||||
mkdir -p $RUN_D
|
||||
for m in arc4 sha1_generic slhc crc-ccitt ppp_generic ppp_async ppp_mppe; do
|
||||
insmod $m >/dev/null 2>&1
|
||||
done
|
||||
ln -sfn $CHAP_SECRETS /etc/ppp/chap-secrets
|
||||
chmod 600 /etc/ppp/*-secrets
|
||||
/usr/sbin/pptpd -c $CONFIG_FILE
|
||||
}
|
||||
|
||||
del_user()
|
||||
{
|
||||
cat $CHAP_SECRETS | grep -v $SERVER_NAME > $TEMP
|
||||
cat $TEMP > $CHAP_SECRETS
|
||||
rm -rf $TEMP
|
||||
}
|
||||
|
||||
start() {
|
||||
config_load $CONFIG
|
||||
setup_config "pptpd" || return
|
||||
del_user
|
||||
add_rule
|
||||
config_foreach setup_login users
|
||||
start_pptpd
|
||||
local enabled=$(uci -q get ${CONFIG}.@service[0].enabled)
|
||||
[ "${enabled}" -eq 1 ] || return 1
|
||||
touch ${CHAP_SECRETS}
|
||||
mkdir -p ${PPTP_PATH}
|
||||
|
||||
cp /etc/ppp/options.pptpd ${PPTP_OPTIONS_FILE}
|
||||
sed -i '/mppe/d' ${PPTP_OPTIONS_FILE} 2>/dev/null
|
||||
sed -i '/ms-dns/d' ${PPTP_OPTIONS_FILE} 2>/dev/null
|
||||
sed -i '/name/d' ${PPTP_OPTIONS_FILE} 2>/dev/null
|
||||
echo "name pptp-server">> ${PPTP_OPTIONS_FILE}
|
||||
|
||||
local mppe=$(uci -q get ${CONFIG}.@service[0].mppe)
|
||||
[ -n "${mppe}" ] && [ "${mppe}" -eq 1 ] && echo "mppe required,no40,no56,stateless" >> ${PPTP_OPTIONS_FILE}
|
||||
|
||||
echo "ms-dns ${localip}">> ${PPTP_OPTIONS_FILE}
|
||||
|
||||
cp /etc/pptpd.conf ${PPTP_CONFIG_FILE}
|
||||
sed -i '/localip/d' ${PPTP_CONFIG_FILE} 2>/dev/null
|
||||
sed -i '/remoteip/d' ${PPTP_CONFIG_FILE} 2>/dev/null
|
||||
sed -i '/option/d' ${PPTP_CONFIG_FILE} 2>/dev/null
|
||||
sed -i '/name/d' ${PPTP_CONFIG_FILE} 2>/dev/null
|
||||
echo "name pptp-server">> ${PPTP_CONFIG_FILE}
|
||||
|
||||
local remoteip=$(uci -q get ${CONFIG}.@service[0].remoteip)
|
||||
[ -z "${remoteip}" ] && remoteip="172.16.100.10-20"
|
||||
|
||||
echo "localip ${localip}" >> ${PPTP_CONFIG_FILE}
|
||||
echo "remoteip ${remoteip}" >> ${PPTP_CONFIG_FILE}
|
||||
echo "option ${PPTP_OPTIONS_FILE}" >> ${PPTP_CONFIG_FILE}
|
||||
|
||||
local _users=$(get_enabled_anonymous_secs "@users")
|
||||
[ -n "${_users}" ] && {
|
||||
for _user in ${_users}; do
|
||||
local u_enabled=$(uci -q get ${CONFIG}.${_user}.enabled)
|
||||
[ "${u_enabled}" -eq 1 ] || continue
|
||||
|
||||
local u_username=$(uci -q get ${CONFIG}.${_user}.username)
|
||||
[ -n "${u_username}" ] || continue
|
||||
|
||||
local u_password=$(uci -q get ${CONFIG}.${_user}.password)
|
||||
[ -n "${u_password}" ] || continue
|
||||
|
||||
local u_ipaddress=$(uci -q get ${CONFIG}.${_user}.ipaddress)
|
||||
[ -n "${u_ipaddress}" ] || u_ipaddress="*"
|
||||
|
||||
echo "${u_username} pptp-server ${u_password} ${u_ipaddress}" >> ${CHAP_SECRETS}
|
||||
done
|
||||
}
|
||||
|
||||
echo "ip-up-script /usr/share/pptpd/ip-up" >> ${PPTP_OPTIONS_FILE}
|
||||
echo "ip-down-script /usr/share/pptpd/ip-down" >> ${PPTP_OPTIONS_FILE}
|
||||
|
||||
for m in arc4 sha1_generic slhc crc-ccitt ppp_generic ppp_async ppp_mppe; do
|
||||
insmod ${m} >/dev/null 2>&1
|
||||
done
|
||||
/usr/sbin/pptpd -c ${PPTP_CONFIG_FILE}
|
||||
|
||||
ipt_rule add
|
||||
gen_include
|
||||
}
|
||||
|
||||
stop() {
|
||||
ps -w | grep "$CONFIG_FILE" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
|
||||
ps -w | grep "pppd local" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
|
||||
del_user
|
||||
del_rule
|
||||
rm -rf /var/etc/$CONFIG.include
|
||||
sed -i '/pptp-server/d' ${CHAP_SECRETS} 2>/dev/null
|
||||
top -bn1 | grep "${PPTP_PATH}" | grep -v "grep" | awk '{print $1}' | xargs kill -9 >/dev/null 2>&1
|
||||
ipt_rule del
|
||||
rm -rf /var/etc/${CONFIG}.include
|
||||
rm -rf ${PPTP_PATH}
|
||||
}
|
||||
|
@ -15,5 +15,7 @@ uci -q batch <<-EOF >/dev/null
|
||||
commit ucitrack
|
||||
EOF
|
||||
|
||||
/etc/init.d/pptpd disable 2>/dev/null
|
||||
/etc/init.d/pptpd stop 2>/dev/null
|
||||
rm -rf /tmp/luci-*cache
|
||||
exit 0
|
||||
|
27
luci-app-pptpserver/root/usr/share/pptpd/ip-down
Normal file
27
luci-app-pptpserver/root/usr/share/pptpd/ip-down
Normal file
@ -0,0 +1,27 @@
|
||||
#!/bin/sh
|
||||
|
||||
_LOGOUT_TIME="$(date "+%Y-%m-%d %H:%M:%S")"
|
||||
CONFIG="luci-app-pptpserver"
|
||||
PPTP_PATH=/var/etc/pptpd
|
||||
PPTP_SESSION_PATH=${PPTP_PATH}/session
|
||||
|
||||
_USERNAME=${PEERNAME}
|
||||
_IFACE=${1}
|
||||
_TTY=${2}
|
||||
_SPEED=${3}
|
||||
_LOCALIP=${4}
|
||||
_PEERIP=${5}
|
||||
_REMOTEIP=${6}
|
||||
_BYTES_SENT=${BYTES_SENT}
|
||||
_BYTES_RCVD=${BYTES_RCVD}
|
||||
_CONNECT_TIME=${CONNECT_TIME}
|
||||
|
||||
rm -f ${PPTP_SESSION_PATH}/${_USERNAME}.${_IFACE}
|
||||
rm -f /var/run/${_IFACE}.pid
|
||||
|
||||
#可根据退出的账号自定义脚本,如静态路由表,组网等。
|
||||
SCRIPT="/usr/share/pptpd/ip-down.d/${_USERNAME}"
|
||||
[ -s "$SCRIPT" ] && {
|
||||
[ ! -x "$SCRIPT" ] && chmod 0755 "$SCRIPT"
|
||||
"$SCRIPT" "$@"
|
||||
}
|
58
luci-app-pptpserver/root/usr/share/pptpd/ip-up
Normal file
58
luci-app-pptpserver/root/usr/share/pptpd/ip-up
Normal file
@ -0,0 +1,58 @@
|
||||
#!/bin/sh
|
||||
|
||||
_LOGIN_TIME="$(date "+%Y-%m-%d %H:%M:%S")"
|
||||
CONFIG="luci-app-pptpserver"
|
||||
PPTP_PATH=/var/etc/pptpd
|
||||
PPTP_SESSION_PATH=${PPTP_PATH}/session
|
||||
|
||||
_USERNAME=${PEERNAME}
|
||||
_IFACE=${1}
|
||||
_TTY=${2}
|
||||
_SPEED=${3}
|
||||
_LOCALIP=${4}
|
||||
_PEERIP=${5}
|
||||
_REMOTEIP=${6}
|
||||
|
||||
_PID="$(cat /var/run/${_IFACE}.pid 2>/dev/null)"
|
||||
|
||||
mkdir -p ${PPTP_SESSION_PATH}
|
||||
|
||||
cat <<-EOF > ${PPTP_SESSION_PATH}/${_USERNAME}.${_IFACE}
|
||||
{
|
||||
"username": "${_USERNAME}",
|
||||
"interface": "${_IFACE}",
|
||||
"tty": "${_TTY}",
|
||||
"speed": "${_SPEED}",
|
||||
"ip": "${_PEERIP}",
|
||||
"remote_ip": "${_REMOTEIP}",
|
||||
"pid": "${_PID}",
|
||||
"login_time": "${_LOGIN_TIME}"
|
||||
}
|
||||
EOF
|
||||
|
||||
#只能单用户使用
|
||||
cfgid=$(uci show ${CONFIG} | grep "@users" | grep "\.username='${_USERNAME}'" | cut -d '.' -sf 2)
|
||||
[ -n "$cfgid" ] && {
|
||||
HAS_LOGIN=$(ls ${PPTP_SESSION_PATH} | grep "^${_USERNAME}\.ppp" | grep -v "${_IFACE}")
|
||||
[ -n "$HAS_LOGIN" ] && {
|
||||
#踢出之前的用户
|
||||
KO_IFACE=$(echo $HAS_LOGIN | awk -F '.' '{print $2}')
|
||||
KO_PID=$(cat /var/run/${KO_IFACE}.pid 2>/dev/null)
|
||||
[ -n "$KO_PID" ] && kill -9 ${KO_PID} >/dev/null 2>&1
|
||||
rm -f ${PPTP_SESSION_PATH}/${HAS_LOGIN}
|
||||
rm -f /var/run/${KO_IFACE}.pid
|
||||
}
|
||||
routes=$(uci -q get ${CONFIG}.${cfgid}.routes)
|
||||
[ -n "$routes" ] && {
|
||||
for router in ${routes}; do
|
||||
route add -net ${router} dev ${_IFACE} >/dev/null 2>&1
|
||||
done
|
||||
}
|
||||
}
|
||||
|
||||
#可根据登录的账号自定义脚本,如组网、日志、限速、权限等特殊待遇。
|
||||
SCRIPT="/usr/share/pptpd/ip-up.d/${_USERNAME}"
|
||||
[ -s "$SCRIPT" ] && {
|
||||
[ ! -x "$SCRIPT" ] && chmod 0755 "$SCRIPT"
|
||||
"$SCRIPT" "$@"
|
||||
}
|
Loading…
Reference in New Issue
Block a user