vpn: more progress on logs, l2tp localip fixup

Franco Fichtner 2016-03-21 23:12:41 +01:00
parent c91b35ac77
commit f7b3e9e31f
4 changed files with 26 additions and 33 deletions


@ -1,6 +1,6 @@
#!/bin/sh
# record logout
/usr/bin/logger -p local3.info "logout,$1,$4,$5"
/usr/bin/logger -p local3.info "logout,$1,$4,$5,$3"
/sbin/pfctl -i $1 -Fs
/sbin/pfctl -K $4/32
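Review bot: The record written here is comma-separated, and the new server field `$3` is appended after `$5`, so a comma inside `$5` shifts every later field for whoever parses the line. `$5` looks like the user name (the log table has a User column), which the connecting client supplies, and the log viewer changed in this commit filters on `$llent[4]`; a shifted field would make the entry drop out of the page or be attributed wrongly. Writing the free-form field last, `"logout,$1,$4,$3,$5"`, and splitting with a limit in the reader, `explode(',', $logent[5], 5)` with the server taken from index 3, keeps the fixed fields at fixed positions. The login script in this commit builds its record the same way.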


@ -1,16 +1,3 @@
#!/bin/sh
# record login
/usr/bin/logger -p local3.info "login,$1,$4,$5"
case `/bin/echo $1 | /usr/bin/cut -c1-4` in
pptp)
/sbin/ifconfig $1 group pptp
;;
poes)
/sbin/ifconfig $1 group pppoe
;;
l2tp)
/sbin/ifconfig $1 group l2tp
;;
esac
/usr/bin/logger -p local3.info "login,$1,$4,$5,$3"


@ -47,19 +47,36 @@ function dump_clog_vpn($logfile, $tail, $logtype)
{
global $config;
$sor = isset($config['syslog']['reverse']) ? "-r" : "";
$sort = isset($config['syslog']['reverse']) ? '-r' : '';
$servers = array();
switch ($logtype) {
case 'pptp':
if (isset($config['pptpd']['localip'])) {
$servers[] = $config['pptpd']['localip'];
}
break;
case 'l2tp':
if (isset($config['l2tp']['localip'])) {
$servers[] = $config['l2tp']['localip'];
}
break;
default:
break;
}
$logarr = "";
exec("/usr/local/sbin/clog " . escapeshellarg($logfile) . " | tail {$sor} -n " . $tail, $logarr);
exec("/usr/local/sbin/clog " . escapeshellarg($logfile) . " | tail {$sort} -n " . $tail, $logarr);
foreach ($logarr as $logent) {
$logent = preg_split("/\s+/", $logent, 6);
$llent = explode(",", $logent[5]);
$iftype = substr($llent[1], 0, 4);
if ($iftype != $logtype) {
$srv = explode('/', $llent[4]);
if (!is_array($srv) || !in_array($srv[0], $servers)) {
continue;
}
echo "<tr>\n";
echo "<td class=\"listlr nowrap\">" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) . "</td>\n";
@ -104,7 +121,7 @@ include("head.inc");
<td class="listhdrr"><?=gettext("User");?></td>
<td class="listhdrr"><?=gettext("IP address");?></td>
</tr>
<?php dump_clog_vpn($logfile, $nentries, $logname); ?>
<?php dump_clog_vpn($logfile, $nentries, $logtype); ?>
<?php else:
dump_clog($logfile, $nentries);
endif; ?>
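Review bot: The new server filter reads `$llent[4]` without checking that the record has five fields, so lines written by the older scripts (`login,$1,$4,$5`) raise an undefined-offset notice and in the usual case are dropped by the filter; if that is intended it deserves a comment, otherwise guard with `if (count($llent) < 5) { continue; }`. `explode()` always returns an array here, so `!is_array($srv)` never fires, and the membership test should be strict: `in_array($srv[0], $servers, true)`. On the rewritten `exec()` line `$tail` is still concatenated into the shell command unescaped; its origin is outside this hunk, so casting it, `(int)$tail`, would keep the command well-formed regardless of the caller. The body of dump_clog_vpn continues past the hunk.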


@ -78,9 +78,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
if ($_POST['localip'] && !is_ipaddr($_POST['localip'])) {
$input_errors[] = gettext("A valid server address must be specified.");
}
if (is_ipaddr_configured($_POST['localip'])) {
$input_errors[] = gettext("'Server address' parameter should NOT be set to any IP address currently in use on this firewall.");
}
if ($_POST['localip'] && !is_ipaddr($_POST['remoteip'])) {
$input_errors[] = gettext("A valid remote start address must be specified.");
}
@ -96,9 +93,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
(ip2ulong($_POST['localip']) <= $subnet_end)) {
$input_errors[] = gettext("The specified server address lies in the remote subnet.");
}
if ($_POST['localip'] == get_interface_ip("lan")) {
$input_errors[] = gettext("The specified server address is equal to the LAN interface address.");
}
}
}
@ -222,11 +216,6 @@ include("head.inc");
<input name="localip" type="text" id="localip" value="<?=$pconfig['localip'];?>" />
<div class="hidden" for="help_for_localip">
<?=gettext("Enter the IP address the L2TP server should give to clients for use as their \"gateway\"."); ?>
<br />
<?=gettext("Typically this is set to an unused IP just outside of the client range."); ?>
<br />
<br />
<?=gettext("NOTE: This should NOT be set to any IP address currently in use on this firewall."); ?></small>
</div>
</td>
</tr>