Beispiel #1
/*
 * Apply the configured IPv6 mode at start-up.
 *
 * control_if_ipv6_all() receives 0 when the mode is IPV6_DISABLED and 1
 * otherwise; set_libc_gai() receives the opposite value.  The LAN IPv6
 * variables are reset afterwards in either case.
 */
void init_ipv6(void)
{
	const int ipv6_off = (get_ipv6_type() == IPV6_DISABLED);

	control_if_ipv6_all(ipv6_off ? 0 : 1);
	set_libc_gai(ipv6_off ? 1 : 0);
	reset_lan6_vars();
}
Beispiel #2
/*
 * Fill NVRAM from the router_defaults table and cache a few settings in
 * the nvram_* globals.
 *
 * A full reset (nvram_clear() followed by every default) happens when
 * "restore_defaults" is anything other than "0", or when the three keys
 * that identify asus-wrt NVRAM content are all present.  Without a full
 * reset only the keys that are currently missing receive their default.
 *
 * Returns 1 when a full reset was performed, 0 otherwise.
 */
static int
nvram_restore_defaults(void)
{
	struct nvram_pair *entry;
	int wipe_all;

	/* Anything but an explicit "0" counts as a request to restore */
	wipe_all = nvram_match("restore_defaults", "0") ? 0 : 1;

	/* asus-wrt NVRAM content: many of its parameters are incompatible */
	if (!wipe_all &&
	    nvram_get("buildno") && nvram_get("buildinfo") && nvram_get("extendno")) {
		wipe_all = 1;
	}

	if (wipe_all) {
		nvram_clear();
	}

	/* Write defaults: all of them after a wipe, otherwise only missing keys */
	for (entry = router_defaults; entry->name != NULL; entry++) {
		if (!wipe_all && nvram_get(entry->name)) {
			continue;
		}
		nvram_set(entry->name, entry->value);
	}

	/* klogctl command 8 sets the console log level */
	klogctl(8, NULL, nvram_get_int("console_loglevel"));

	/* Cache values that other code reads from the globals */
	nvram_modem_type = nvram_get_int("modem_type");
	nvram_modem_rule = nvram_get_int("modem_rule");
	nvram_nf_nat_type = nvram_get_int("nf_nat_type");
	nvram_ipv6_type = get_ipv6_type();

	return wipe_all;
}
Beispiel #3
/*
 * Hook entry point used in native DHCPv6 mode; argc and argv are not used.
 *
 * Stores the current LAN IPv6 address (when "ip6_lan_auto" is set) and the
 * DNS servers from the "new_domain_name_servers" environment variable (when
 * "ip6_dns_auto" is set), then reloads radvd if either store call reported
 * a change or radvd is not running.
 *
 * Always returns 0.
 */
int dhcp6c_main(int argc, char **argv)
{
	char lan_addr_buf[INET6_ADDRSTRLEN];
	int notify_radvd = 0;

	if (get_ipv6_type() != IPV6_NATIVE_DHCP6) {
		return 0;
	}

	if (nvram_get_int("ip6_lan_auto")) {
		char *lan_addr6 = get_ifaddr6(IFNAME_BR, 0, lan_addr_buf);

		if (store_lan_addr6(lan_addr6)) {
			notify_radvd = 1;
		}
	}

	if (nvram_get_int("ip6_dns_auto")) {
		/*
		 * NOTE(review): the value is taken from the environment as-is
		 * (it may be NULL) and presumably originates from the upstream
		 * DHCPv6 server; no validation happens here, so
		 * store_wan_dns6() has to reject malformed input - confirm.
		 */
		char *dns6 = getenv("new_domain_name_servers");

		if (store_wan_dns6(dns6)) {
			update_resolvconf(0, 0);
			notify_radvd = 1;
		}
	}

	if (notify_radvd || !pids("radvd")) {
		reload_radvd();
	}

	return 0;
}
Beispiel #4
/*
 * Return the "ip6_lan_dhcp" NVRAM setting as an integer, or -1 when the
 * IPv6 mode is IPV6_DISABLED.
 */
int get_lan_dhcp6s_mode(void)
{
	const int ipv6_enabled = (get_ipv6_type() != IPV6_DISABLED);

	return ipv6_enabled ? nvram_get_int("ip6_lan_dhcp") : -1;
}
Beispiel #5
/*
 * Bring up IPv6 on the WAN side for the configured IPv6 mode.
 *
 * wan_ifname: WAN interface name; it is inserted into "ip" command lines.
 *
 * Does nothing when the mode is IPV6_DISABLED.  The 6in4/6to4/6rd modes
 * start the SIT tunnel, the static mode assigns address and routes from
 * NVRAM, and every other mode adds a default route and starts the DHCPv6
 * client.  radvd is reloaded at the end unless that last branch runs with
 * "ip6_lan_auto" set to "1".
 *
 * NOTE(review): doSystem() receives a formatted command line; if it runs
 * that line through a shell (not visible here), "wan0_addr6", "wan0_gate6"
 * and wan_ifname must already be validated where they are set - confirm.
 */
void wan6_up(char *wan_ifname)
{
	int mode, uses_sit;
	int radvd_now = 1;

	mode = get_ipv6_type();
	if (mode == IPV6_DISABLED) {
		return;
	}

	stop_dhcp6c();
	build_dns6_var();
	control_if_ipv6_dad(IFNAME_BR, 1);

	uses_sit = (mode == IPV6_6IN4 || mode == IPV6_6TO4 || mode == IPV6_6RD);

	if (uses_sit) {
		char *addr4 = nvram_safe_get("wan0_ipaddr");
		char *addr6 = nvram_safe_get("wan0_addr6");

		start_sit_tunnel(mode, addr4, addr6);
	} else {
		control_if_ipv6_dad(wan_ifname, 1);

		if (mode != IPV6_NATIVE_STATIC) {
			doSystem("ip -6 route add default dev %s metric %d", wan_ifname, 2048);
			control_if_ipv6_autoconf(wan_ifname, nvram_invmatch("ip6_wan_dhcp", "1"));
			control_if_ipv6_radv(wan_ifname, 1);
			/* give the interface time to become ready */
			sleep(2);
			start_dhcp6c(wan_ifname);
			if (nvram_match("ip6_lan_auto", "1")) {
				radvd_now = 0;
			}
		} else {
			char *addr6 = nvram_safe_get("wan0_addr6");
			char *gate6 = nvram_safe_get("wan0_gate6");

			control_if_ipv6_radv(wan_ifname, 0);
			clear_if_addr6(wan_ifname);
			if (*addr6) {
				doSystem("ip -6 addr add %s dev %s", addr6, wan_ifname);
			}
			if (*gate6) {
				doSystem("ip -6 route add %s dev %s", gate6, wan_ifname);
				doSystem("ip -6 route add default via %s metric %d", gate6, 1);
			}
		}
	}

	if (radvd_now) {
		reload_radvd();
	}
}
Beispiel #6
/*
 * Report whether router advertisements are enabled on the LAN.
 *
 * Returns -1 when the IPv6 mode is IPV6_DISABLED, 1 when "ip6_lan_radv"
 * does not match "0", and 0 otherwise.
 */
int is_lan_radv_on(void)
{
	if (get_ipv6_type() == IPV6_DISABLED) {
		return -1;
	}

	return nvram_invmatch("ip6_lan_radv", "0") ? 1 : 0;
}
Beispiel #7
/*
 * Report whether the IPv6 mode is one of 6in4, 6to4 or 6rd.
 *
 * Returns -1 when the mode is IPV6_DISABLED, 1 for those three modes and
 * 0 for every other mode.
 */
int is_wan_ipv6_type_sit(void)
{
	const int mode = get_ipv6_type();

	if (mode == IPV6_DISABLED) {
		return -1;
	}

	return (mode == IPV6_6IN4 || mode == IPV6_6TO4 || mode == IPV6_6RD) ? 1 : 0;
}
Beispiel #8
/*
 * Report whether the WAN IPv6 DNS servers are statically configured.
 *
 * Returns -1 when the IPv6 mode is IPV6_DISABLED; 1 when "ip6_dns_auto"
 * is "0" or the mode is static, 6in4, 6to4 or 6rd; 0 otherwise.
 */
int is_wan_dns6_static(void)
{
	const int mode = get_ipv6_type();

	if (mode == IPV6_DISABLED) {
		return -1;
	}

	/* An explicit opt-out of automatic DNS wins regardless of the mode */
	if (nvram_match("ip6_dns_auto", "0")) {
		return 1;
	}

	if (mode == IPV6_NATIVE_STATIC ||
	    mode == IPV6_6IN4 ||
	    mode == IPV6_6TO4 ||
	    mode == IPV6_6RD) {
		return 1;
	}

	return 0;
}
Beispiel #9
/*
 * Report whether the WAN IPv6 address is statically configured.
 *
 * Returns -1 when the IPv6 mode is IPV6_DISABLED; 0 for native DHCPv6 and
 * 6to4; 1 for static and 6in4, and for 6rd when "ip6_6rd_dhcp" is "0";
 * 0 in every remaining case.
 */
int is_wan_addr6_static(void)
{
	const int mode = get_ipv6_type();

	if (mode == IPV6_DISABLED) {
		return -1;
	}

	if (mode == IPV6_NATIVE_DHCP6 || mode == IPV6_6TO4) {
		return 0;
	}

	if (mode == IPV6_NATIVE_STATIC || mode == IPV6_6IN4) {
		return 1;
	}

	/* 6rd is static only when its parameters are not taken from DHCP */
	if (mode == IPV6_6RD && nvram_match("ip6_6rd_dhcp", "0")) {
		return 1;
	}

	return 0;
}
Beispiel #10
/*
 * Re-apply the IPv6 configuration after the IPv6 mode may have changed.
 *
 * ipv6_type_old: the mode that was active before the change.
 *
 * lltd and httpd are stopped first and started again last only when IPv6
 * was switched on or off, i.e. the mode changed and either the old or the
 * new mode is IPV6_DISABLED.  UPnP, the DHCPv6 client and the DNS/DHCP
 * daemon are stopped in every case.
 */
void full_restart_ipv6(int ipv6_type_old)
{
	const int mode_new = get_ipv6_type();
	const int off_now = (mode_new == IPV6_DISABLED);
	const int off_before = (ipv6_type_old == IPV6_DISABLED);
	const int toggled = (mode_new != ipv6_type_old) && (off_now || off_before);

	if (toggled) {
		stop_lltd();
		stop_httpd();
	}

	stop_upnp();
	stop_dhcp6c();
	stop_dns_dhcpd();

	if (!off_now) {
		/* IPv6 stays or becomes enabled: rebuild LAN state, restart WAN */
		set_libc_gai(0);
		control_if_ipv6_all(1);
		clear_all_addr6();
		reset_lan6_vars();
		reload_lan_addr6();
		full_restart_wan();
		if (!is_dns_dhcpd_run()) {
			start_dns_dhcpd(0);
		}
	} else {
		/* IPv6 is disabled now: drop all IPv6 state, then refresh IPv4 services */
		clear_all_route6();
		clear_all_addr6();
		clear_if_neigh6(IFNAME_BR);
		stop_sit_tunnel();
		reset_lan6_vars();
		reset_wan6_vars();
		control_if_ipv6_all(0);
		set_libc_gai(1);
		update_resolvconf(0, 1);
		reload_nat_modules();
		restart_firewall();
		start_dns_dhcpd(0);
	}

	if (toggled) {
		start_httpd(0);
		start_lltd();
	}
}
Beispiel #11
/*
 * Tear down IPv6 on the WAN side.
 *
 * wan_ifname: WAN interface name.
 *
 * Does nothing when the IPv6 mode is IPV6_DISABLED.  Otherwise radvd and
 * the DHCPv6 client are stopped, router-advertisement handling and
 * autoconfiguration are switched off on wan_ifname, and routes and
 * addresses are cleared on IFNAME_SIT (6in4/6to4/6rd) or on wan_ifname
 * (all other modes).  The SIT tunnel is stopped and "wan0_dns6" is emptied
 * in every case.
 */
void wan6_down(char *wan_ifname)
{
	const int mode = get_ipv6_type();
	char *ifname6 = wan_ifname;

	if (mode == IPV6_DISABLED) {
		return;
	}

	stop_radvd();
	stop_dhcp6c();
	control_if_ipv6_radv(wan_ifname, 0);
	control_if_ipv6_autoconf(wan_ifname, 0);

	if (mode == IPV6_6IN4 || mode == IPV6_6TO4 || mode == IPV6_6RD) {
		/* tunnelled modes carry IPv6 on the SIT interface */
		ifname6 = IFNAME_SIT;
		if (is_interface_exist(IFNAME_SIT)) {
			doSystem("ip link set dev %s down", IFNAME_SIT);
		}
	}

	/* drop WAN IPv6 routes, then addresses */
	clear_if_route6(ifname6);
	clear_if_addr6(ifname6);

	/* remove the SIT tunnel */
	stop_sit_tunnel();

	/* forget the IPv6 DNS servers used for resolv.conf */
	nvram_set("wan0_dns6", "");
}
Beispiel #12
/*
 * Write the OpenVPN server configuration to conf_file.
 *
 * conf_file: path of the configuration file; it is opened with "w+".
 * is_tun:    non-zero writes the tun device with a "server" subnet and a
 *            client-config-dir, zero writes the tap device with a
 *            "server-bridge" address pool taken from the LAN subnet.
 *
 * Returns 0 on success and 1 when openvpn_check_key() rejects a required
 * file or conf_file cannot be opened.  The results of fprintf(), fclose()
 * and chmod() are not checked.
 *
 * NOTE(review): the NVRAM strings (LAN address and netmask, DNS and WINS
 * entries) are copied into the file; only the DNS/WINS values pass
 * is_valid_ipv4() first.  The file ends with the output of
 * load_user_config(), which presumably filters directives against
 * forbidden_list - verify, since "script-security 2" is set above it.
 */
static int
openvpn_create_server_conf(const char *conf_file, int is_tun)
{
    FILE *fp;
    int i, i_prot, i_prot_ori, i_atls, i_rdgw, i_dhcp, i_items;
    unsigned int laddr, lmask;
    char *lanip, *lannm, *wins, *dns1, *dns2;
    const char *p_prot;
    struct in_addr pool_in;

    i_atls = nvram_get_int("vpns_ov_atls");

    /*
     * openvpn_server_keys[0..4] are written below as ca, dh, cert, key and
     * tls-auth; index 4 is required only when tls-auth is enabled.
     */
    for (i=0; i<5; i++) {
        if (!i_atls && (i == 4))
            continue;
        if (!openvpn_check_key(openvpn_server_keys[i], 1))
            return 1;
    }

    i_prot = nvram_get_int("vpns_ov_prot");
    i_rdgw = nvram_get_int("vpns_ov_rdgw");

    i_dhcp = is_dhcpd_enabled(0);

    lanip = nvram_safe_get("lan_ipaddr");
    lannm = nvram_safe_get("lan_netmask");

    /* inet_addr() signals a malformed string with INADDR_NONE; not checked here */
    laddr = ntohl(inet_addr(lanip));
    lmask = ntohl(inet_addr(lannm));

    /* values 2 and 3 select the IPv6 transports; fall back to 0/1 when IPv6 is off */
    i_prot_ori = i_prot;
    if (i_prot > 1 && get_ipv6_type() == IPV6_DISABLED)
        i_prot &= 1;

    /* note: upcoming openvpn 2.4 will need direct set udp4/tcp4-server for ipv4 only */
#if defined (USE_IPV6)
    if (i_prot == 3)
        p_prot = "tcp6-server";
    else if (i_prot == 2)
        p_prot = "udp6";
    else
#endif
        if (i_prot == 1)
            p_prot = "tcp-server";
        else
            p_prot = "udp";

    /* fixup ipv4/ipv6 mismatch: persist the corrected protocol value */
    if (i_prot != i_prot_ori)
        nvram_set_int("vpns_ov_prot", i_prot);

    fp = fopen(conf_file, "w+");
    if (!fp)
        return 1;

    fprintf(fp, "proto %s\n", p_prot);
    /* the arguments suggest default 1194 within 1..65535 - confirm against the helper */
    fprintf(fp, "port %d\n", nvram_safe_get_int("vpns_ov_port", 1194, 1, 65535));

    if (is_tun) {
        unsigned int vnet, vmsk;

        /* VPN subnet = "vpns_vnet" masked with the fixed VPN_SERVER_SUBNET_MASK */
        vnet = ntohl(inet_addr(nvram_safe_get("vpns_vnet")));
        vmsk = ntohl(inet_addr(VPN_SERVER_SUBNET_MASK));
        pool_in.s_addr = htonl(vnet & vmsk);

        fprintf(fp, "dev %s\n", IFNAME_SERVER_TUN);
        fprintf(fp, "topology %s\n", "subnet");
        fprintf(fp, "server %s %s\n", inet_ntoa(pool_in), VPN_SERVER_SUBNET_MASK);
        fprintf(fp, "client-config-dir %s\n", "ccd");

        openvpn_create_server_acl(fp, "ccd", vnet, vmsk);

        /* push a route to the LAN network to the clients */
        pool_in.s_addr = htonl(laddr & lmask);
        fprintf(fp, "push \"route %s %s\"\n", inet_ntoa(pool_in), lannm);
    } else {
        char sp_b[INET_ADDRSTRLEN], sp_e[INET_ADDRSTRLEN];
        unsigned int vp_b, vp_e, lnet;

        /* largest host part below the broadcast address, e.g. 254 for a /24 mask */
        lnet = ~(lmask) - 1;
        vp_b = (unsigned int)nvram_safe_get_int("vpns_cli0", 245, 1, 254);
        vp_e = (unsigned int)nvram_safe_get_int("vpns_cli1", 254, 2, 254);
        /* keep the pool inside the LAN subnet and ordered begin <= end */
        if (vp_b > lnet)
            vp_b = lnet;
        if (vp_e > lnet)
            vp_e = lnet;
        if (vp_e < vp_b)
            vp_e = vp_b;

        /*
         * inet_ntoa() returns a static buffer, so each result is copied out.
         * A dotted quad is at most 15 characters plus the terminator, which
         * fits INET_ADDRSTRLEN.
         */
        pool_in.s_addr = htonl((laddr & lmask) | vp_b);
        strcpy(sp_b, inet_ntoa(pool_in));

        pool_in.s_addr = htonl((laddr & lmask) | vp_e);
        strcpy(sp_e, inet_ntoa(pool_in));

        fprintf(fp, "dev %s\n", IFNAME_SERVER_TAP);
        fprintf(fp, "server-bridge %s %s %s %s\n", lanip, lannm, sp_b, sp_e);
    }

    openvpn_add_auth(fp, nvram_get_int("vpns_ov_mdig"));
    openvpn_add_cipher(fp, nvram_get_int("vpns_ov_ciph"));
    openvpn_add_lzo(fp, nvram_get_int("vpns_ov_clzo"), 1);

    /* with redirect-gateway, push DNS servers; the LAN address is the fallback */
    i_items = 0;
    if (i_rdgw) {
        fprintf(fp, "push \"redirect-gateway def1 %s\"\n", "bypass-dhcp");

        if (i_dhcp) {
            dns1 = nvram_safe_get("dhcp_dns1_x");
            dns2 = nvram_safe_get("dhcp_dns2_x");
            if (is_valid_ipv4(dns1)) {
                i_items++;
                fprintf(fp, "push \"dhcp-option %s %s\"\n", "DNS", dns1);
            }
            /* skip the second server when it repeats the first */
            if (is_valid_ipv4(dns2) && strcmp(dns2, dns1)) {
                i_items++;
                fprintf(fp, "push \"dhcp-option %s %s\"\n", "DNS", dns2);
            }
        }

        if (i_items < 1)
            fprintf(fp, "push \"dhcp-option %s %s\"\n", "DNS", lanip);
    }

    /* WINS: configured server first, else the router itself when WINS is enabled */
    i_items = 0;
    if (i_dhcp) {
        wins = nvram_safe_get("dhcp_wins_x");
        if (is_valid_ipv4(wins)) {
            i_items++;
            fprintf(fp, "push \"dhcp-option %s %s\"\n", "WINS", wins);
        }
    }

#if defined(APP_SMBD) || defined(APP_NMBD)
    if ((i_items < 1) && nvram_get_int("wins_enable"))
        fprintf(fp, "push \"dhcp-option %s %s\"\n", "WINS", lanip);
#endif

    fprintf(fp, "ca %s/%s\n", SERVER_CERT_DIR, openvpn_server_keys[0]);
    fprintf(fp, "dh %s/%s\n", SERVER_CERT_DIR, openvpn_server_keys[1]);
    fprintf(fp, "cert %s/%s\n", SERVER_CERT_DIR, openvpn_server_keys[2]);
    fprintf(fp, "key %s/%s\n", SERVER_CERT_DIR, openvpn_server_keys[3]);

    /* key direction 0 on the server side */
    if (i_atls)
        fprintf(fp, "tls-auth %s/%s %d\n", SERVER_CERT_DIR, openvpn_server_keys[4], 0);

    fprintf(fp, "persist-key\n");
    fprintf(fp, "persist-tun\n");
    /* the daemon is told to drop to an unprivileged user and group */
    fprintf(fp, "user %s\n", SYS_USER_NOBODY);
    fprintf(fp, "group %s\n", SYS_GROUP_NOGROUP);
    /* level 2 lets OpenVPN run user-defined scripts such as the hooks below */
    fprintf(fp, "script-security %d\n", 2);
    fprintf(fp, "tmp-dir %s\n", COMMON_TEMP_DIR);
    fprintf(fp, "writepid %s\n", SERVER_PID_FILE);

    fprintf(fp, "client-connect %s\n", SCRIPT_OVPN_SERVER);
    fprintf(fp, "client-disconnect %s\n", SCRIPT_OVPN_SERVER);

    fprintf(fp, "\n### User params:\n");

    /* user-supplied directives are appended last */
    load_user_config(fp, SERVER_CERT_DIR, "server.conf", forbidden_list);

    fclose(fp);

    /* world-readable: the file holds key paths, not the key material itself */
    chmod(conf_file, 0644);

    return 0;
}
Beispiel #13
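/*
 * Export an OpenVPN client profile to /tmp/client.ovpn.
 *
 * Usage: <prog> common_name [rsa_bits] [days_valid]
 *
 * argv[1] is the certificate common name; it must be non-empty and must not
 * contain a single quote, because it is placed between single quotes on the
 * command line passed to doSystem().  argv[2] overrides the RSA key size
 * when it is at least 1024, argv[3] the validity in days when positive.
 *
 * A client certificate and key are generated into a temporary directory,
 * embedded into the profile together with the CA (and the tls-auth key when
 * enabled), and the temporary directory is removed again.
 *
 * Returns 0 on success and 1 on a usage error, a missing server file or
 * when the profile cannot be created.
 *
 * NOTE(review): the default key size of 1024 bits is kept for
 * compatibility but is below current recommendations for RSA; callers
 * should pass a larger rsa_bits value.
 * NOTE(review): both output paths are fixed names under /tmp; whether
 * other local users can pre-create them is not visible here - confirm.
 */
int
ovpn_server_expcli_main(int argc, char **argv)
{
    FILE *fp;
    int i, i_prot, i_atls, rsa_bits, days_valid, n_arg;
    const char *p_prot, *wan_addr;
    const char *tmp_ovpn_path = "/tmp/export_ovpn";
    const char *tmp_ovpn_conf = "/tmp/client.ovpn";
#if defined (USE_IPV6)
    char addr6s[INET6_ADDRSTRLEN] = {0};
#endif

    if (argc < 2 || strlen(argv[1]) < 1) {
        printf("Usage: %s common_name [rsa_bits] [days_valid]\n", argv[0]);
        return 1;
    }

    /*
     * The name is substituted into '%s' in the certificate command below.
     * A single quote would end that quoting and let the rest of the name
     * be interpreted as part of the command line, so it is refused.
     */
    if (strchr(argv[1], '\'')) {
        printf("Error: common_name must not contain a single quote\n");
        return 1;
    }

    rsa_bits = 1024;
    if (argc > 2) {
        n_arg = atoi(argv[2]);
        if (n_arg >= 1024)
            rsa_bits = n_arg;
    }

    days_valid = 365;
    if (argc > 3) {
        n_arg = atoi(argv[3]);
        if (n_arg > 0)
            days_valid = n_arg;
    }

    i_atls = nvram_get_int("vpns_ov_atls");

    /* index 4 (the tls-auth key) is required only when tls-auth is enabled */
    for (i=0; i<5; i++) {
        if (!i_atls && (i == 4))
            continue;
        if (!openvpn_check_key(openvpn_server_keys[i], 1)) {
            printf("Error: server file %s is not found\n", openvpn_server_keys[i]);
            return 1;
        }
    }

    /* Generate client cert and key */
    doSystem("rm -rf %s", tmp_ovpn_path);
    setenv("CRT_PATH_CLI", tmp_ovpn_path, 1);
    doSystem("/usr/bin/openvpn-cert.sh %s -n '%s' -b %d -d %d", "client", argv[1], rsa_bits, days_valid);
    unsetenv("CRT_PATH_CLI");

    /* values 2 and 3 select the IPv6 transports; fall back to 0/1 when IPv6 is off */
    i_prot = nvram_get_int("vpns_ov_prot");
    if (i_prot > 1 && get_ipv6_type() == IPV6_DISABLED)
        i_prot &= 1;
#if defined (USE_IPV6)
    if (i_prot == 3)
        p_prot = "tcp6-client";
    else if (i_prot == 2)
        p_prot = "udp6";
    else
#endif
        if (i_prot == 1)
            p_prot = "tcp-client";
        else
            p_prot = "udp";

    /* remote address: DDNS name first, then the WAN (or LAN) address */
    wan_addr = get_ddns_fqdn();
    if (!wan_addr) {
#if defined (USE_IPV6)
        if (i_prot > 1) {
            wan_addr = get_wan_addr6_host(addr6s);
            if (!wan_addr)
                wan_addr = get_lan_addr6_host(addr6s);
        } else
#endif
        {
            wan_addr = get_wan_unit_value(0, "ipaddr");
            if (!is_valid_ipv4(wan_addr))
                wan_addr = NULL;
        }
    }

    /* leave a placeholder the user has to edit when no address is known */
    if (!wan_addr)
        wan_addr = "{wan_address}";

    fp = fopen(tmp_ovpn_conf, "w+");
    if (!fp) {
        doSystem("rm -rf %s", tmp_ovpn_path);
        printf("Error: unable to create file %s\n", tmp_ovpn_conf);
        return 1;
    }

    /*
     * The profile embeds the client private key.  Restrict the mode before
     * anything is written, so a newly created file is never readable by
     * other users while it is being filled.  Best effort: the final
     * chmod() below still applies.
     */
    fchmod(fileno(fp), 0600);

    fprintf(fp, "client\n");
    fprintf(fp, "dev %s\n", (nvram_get_int("vpns_ov_mode") == 1) ? "tun" : "tap");
    fprintf(fp, "proto %s\n", p_prot);
    fprintf(fp, "remote %s %d\n", wan_addr, nvram_safe_get_int("vpns_ov_port", 1194, 1, 65535));
    fprintf(fp, "resolv-retry %s\n", "infinite");
    fprintf(fp, ";float\n");
    fprintf(fp, "nobind\n");
    fprintf(fp, "persist-key\n");
    fprintf(fp, "persist-tun\n");
    openvpn_add_auth(fp, nvram_get_int("vpns_ov_mdig"));
    openvpn_add_cipher(fp, nvram_get_int("vpns_ov_ciph"));
    openvpn_add_lzo(fp, nvram_get_int("vpns_ov_clzo"), 0);
    fprintf(fp, "nice %d\n", 0);
    fprintf(fp, "verb %d\n", 3);
    fprintf(fp, "mute %d\n", 10);
    /* written commented out: the server certificate type check is left to the user */
    fprintf(fp, ";ns-cert-type %s\n", "server");
    openvpn_add_key(fp, SERVER_CERT_DIR, openvpn_server_keys[0], "ca");
    openvpn_add_key(fp, tmp_ovpn_path, openvpn_client_keys[1], "cert");
    openvpn_add_key(fp, tmp_ovpn_path, openvpn_client_keys[2], "key");
    if (i_atls) {
        openvpn_add_key(fp, SERVER_CERT_DIR, openvpn_server_keys[4], "tls-auth");
        fprintf(fp, "key-direction %d\n", 1);
    }
    fclose(fp);

    /* the generated client key material is no longer needed on disk */
    doSystem("rm -rf %s", tmp_ovpn_path);

    /* unix2dos may rewrite the file, so the mode is set again afterwards */
    doSystem("unix2dos %s", tmp_ovpn_conf);
    chmod(tmp_ovpn_conf, 0600);

    return 0;
}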
Beispiel #14
/*
 * Regenerate /etc/radvd.conf and make radvd pick it up.
 *
 * Returns 1 without touching anything when IPv6 is disabled or LAN router
 * advertisements are not switched on, and -1 when the configuration file
 * cannot be opened.  Otherwise the result of signalling the running radvd
 * (doSystem) or of starting a new one (eval) is returned.
 *
 * NOTE(review): the advertised prefix and the RDNSS value are written into
 * the file as returned by the helpers / NVRAM ("wan0_dns6"); they are not
 * validated here.  get_wan_ifname() fills a 16-byte buffer whose size it is
 * not told - confirm the helper bounds its output.
 */
int reload_radvd(void)
{
	FILE *conf;
	int mode, dhcp6s_mode;
	const int adv_interval = 60;
	const char *flag_managed, *flag_other, *flag_autonomous;
	char *prefix = "::/64";
	char *rdnss, *lan_prefix;
	char prefix_buf[INET6_ADDRSTRLEN], rdnss_buf[INET6_ADDRSTRLEN], wan_ifname[16] = {0};

	mode = get_ipv6_type();
	if (mode == IPV6_DISABLED || is_lan_radv_on() != 1) {
		return 1;
	}

	dhcp6s_mode = get_lan_dhcp6s_mode();

	/* advertise the LAN address as DNS server, else the WAN-provided one */
	rdnss = get_lan_addr6_host(rdnss_buf);
	if (!rdnss) {
		rdnss = nvram_safe_get("wan0_dns6");
	}

	if (mode != IPV6_6TO4) {
		lan_prefix = get_lan_addr6_prefix(prefix_buf);
		if (lan_prefix) {
			prefix = lan_prefix;
		}
	} else {
		/* 6to4: radvd derives the prefix from the WAN interface address */
		get_wan_ifname(wan_ifname);
		snprintf(prefix_buf, sizeof(prefix_buf), "0:0:0:%d::/%d", 1, 64);
		prefix = prefix_buf;
	}

	conf = fopen("/etc/radvd.conf", "w");
	if (!conf) {
		return -1;
	}

	flag_managed = (dhcp6s_mode > 1) ? "on" : "off";	/* M flag */
	flag_other = (dhcp6s_mode > 0) ? "on" : "off";		/* O flag */
	flag_autonomous = (dhcp6s_mode != 2) ? "on" : "off";	/* off for stateful only */

	fprintf(conf,
		"interface %s {\n"
		" IgnoreIfMissing on;\n"
		" AdvSendAdvert on;\n"
		" AdvHomeAgentFlag off;\n"
		" AdvManagedFlag %s;\n"
		" AdvOtherConfigFlag %s;\n"
		" AdvDefaultLifetime %d;\n"
		" MaxRtrAdvInterval %d;\n",
		IFNAME_BR, flag_managed, flag_other, 1800, adv_interval);

	fprintf(conf,
		" prefix %s {\n"
		"  AdvOnLink on;\n"
		"  AdvAutonomous %s;\n",
		prefix, flag_autonomous);

	if (mode == IPV6_6TO4) {
		fprintf(conf,
			"  AdvValidLifetime %d;\n"
			"  AdvPreferredLifetime %d;\n"
			"  Base6to4Interface %s;\n",
			600, 240, wan_ifname);
	}

	fprintf(conf, " };\n");

	if (*rdnss) {
		fprintf(conf, " RDNSS %s {};\n", rdnss);
	}

	fprintf(conf, "};\n");

	fclose(conf);

	/* a running daemon re-reads its configuration on SIGHUP */
	if (pids("radvd")) {
		return doSystem("killall %s %s", "-SIGHUP", "radvd");
	}

	return eval("/usr/sbin/radvd");
}
Beispiel #15
/*
 * Generate /etc/vsftpd.conf from the NVRAM settings.  Returns silently when
 * the file cannot be opened.
 *
 * "st_ftp_mode" selects the access model: 1 and 3 allow anonymous logins
 * only (1 additionally grants anonymous upload, mkdir and other write
 * operations with umask 000); every other value enables local users, and
 * anonymous login stays enabled unless the value is 2.
 *
 * NOTE(review): several written values weaken the service and deserve a
 * conscious decision: "ssl_enable=NO" leaves logins and data unencrypted,
 * "nopriv_user=root" names root as the account vsftpd uses when it wants to
 * run unprivileged, and the 000 umasks create world-writable files.
 */
void
write_vsftpd_conf(void)
{
	FILE *conf;
	int ftp_mode, max_users, anon_only;
	const char *listen_suffix = "";

	conf = fopen("/etc/vsftpd.conf", "w");
	if (!conf) {
		return;
	}

#if defined (USE_IPV6)
	if (get_ipv6_type() != IPV6_DISABLED) {
		listen_suffix = "_ipv6";
	}
#endif
	fprintf(conf, "listen%s=YES\n", listen_suffix);
	fputs("background=YES\n", conf);
	fputs("connect_from_port_20=NO\n", conf);
	fputs("pasv_enable=YES\n", conf);
	fprintf(conf, "pasv_min_port=%d\n", 50000);
	fprintf(conf, "pasv_max_port=%d\n", 50100);
	fputs("ssl_enable=NO\n", conf);
	fputs("tcp_wrappers=NO\n", conf);
	fputs("isolate=NO\n", conf);
	fputs("isolate_network=NO\n", conf);
	fputs("use_sendfile=YES\n", conf);

	ftp_mode = nvram_get_int("st_ftp_mode");
	anon_only = (ftp_mode == 1 || ftp_mode == 3);
	if (!anon_only) {
		fprintf(conf, "local_enable=%s\n", "YES");
		fputs("local_umask=000\n", conf);
		fprintf(conf, "anonymous_enable=%s\n", (ftp_mode == 2) ? "NO" : "YES");
	} else {
		fprintf(conf, "local_enable=%s\n", "NO");
		fprintf(conf, "anonymous_enable=%s\n", "YES");
		if (ftp_mode == 1) {
			/* mode 1: anonymous users get full write access */
			fputs("anon_upload_enable=YES\n", conf);
			fputs("anon_mkdir_write_enable=YES\n", conf);
			fputs("anon_other_write_enable=YES\n", conf);
			fputs("anon_umask=000\n", conf);
		}
	}

	fputs("nopriv_user=root\n", conf);
	fputs("write_enable=YES\n", conf);
	fputs("chroot_local_user=YES\n", conf);
	fputs("allow_writable_root=YES\n", conf);
	fputs("check_shell=NO\n", conf);
	fputs("xferlog_enable=NO\n", conf);
	fprintf(conf, "syslog_enable=%s\n", (nvram_get_int("st_ftp_log") == 0) ? "NO" : "YES");
	fputs("force_dot_files=YES\n", conf);
	fputs("dirmessage_enable=YES\n", conf);
	fputs("hide_ids=YES\n", conf);
	fputs("utf8=YES\n", conf);
	fprintf(conf, "idle_session_timeout=%d\n", 600);

	/* clamp the session limit to 1..MAX_CLIENTS_NUM */
	max_users = nvram_get_int("st_max_user");
	if (max_users < 1) {
		max_users = 1;
	}
	if (max_users > MAX_CLIENTS_NUM) {
		max_users = MAX_CLIENTS_NUM;
	}

	fprintf(conf, "max_clients=%d\n", max_users);
	fprintf(conf, "max_per_ip=%d\n", max_users);
	fprintf(conf, "ftpd_banner=Welcome to ASUS %s FTP service.\n", nvram_safe_get("productid"));

	fclose(conf);
}
Beispiel #16
/*
 * Process pending rc notifications.
 *
 * Every entry in DIR_RC_NOTIFY is a marker file whose name identifies an
 * event.  For each entry the marker is removed, the name is printed and the
 * matching action is run.  Afterwards the corresponding marker in
 * DIR_RC_INCOMPLETE is removed, unless the same notification was posted
 * again while the action was running.
 *
 * At most 10 directory entries are read per call ("." and ".." count
 * towards that limit).  The reboot and firmware-flash events end the loop
 * after they have been handled.
 *
 * NOTE(review): the file name alone selects the action, and the actions
 * include reboot, firmware flashing and restarting remote-access services.
 * Whoever can create files in DIR_RC_NOTIFY can therefore trigger them; the
 * ownership and mode of that directory are set elsewhere - confirm they
 * restrict writers to trusted processes.
 */
void 
handle_notifications(void)
{
	int i, stop_handle = 0;
	char notify_name[256];

	DIR *directory = opendir(DIR_RC_NOTIFY);
	if (!directory)
		return;

	// handle max 10 requests at once (prevent deadlock)
	for (i=0; i < 10; i++)
	{
		struct dirent *entry;
		FILE *test_fp;

		entry = readdir(directory);
		if (!entry)
			break;
		if (strcmp(entry->d_name, ".") == 0)
			continue;
		if (strcmp(entry->d_name, "..") == 0)
			continue;

		/*
		 * Remove the marker file before acting on it, so a notification
		 * posted while the action runs creates a fresh marker.  snprintf()
		 * truncates silently when directory plus name exceed the buffer;
		 * neither its result nor that of remove() is checked.
		 */
		snprintf(notify_name, sizeof(notify_name), "%s/%s", DIR_RC_NOTIFY, entry->d_name);
		remove(notify_name);

		printf("rc notification: %s\n", entry->d_name);

		/* Take the appropriate action. */
		if (!strcmp(entry->d_name, RCN_RESTART_REBOOT))
		{
			stop_handle = 1;
			sys_exit();
		}
		else if (!strcmp(entry->d_name, "flash_firmware"))
		{
			stop_handle = 1;
			flash_firmware();
		}
#if defined (USE_IPV6)
		else if (!strcmp(entry->d_name, RCN_RESTART_IPV6))
		{
			/* pass the previously cached mode, then cache the new one */
			if (!get_ap_mode()) {
				full_restart_ipv6(nvram_ipv6_type);
				nvram_ipv6_type = get_ipv6_type();
			}
		}
		else if (strcmp(entry->d_name, RCN_RESTART_RADVD) == 0)
		{
			restart_dhcpd();
			restart_radvd();
		}
#endif
		else if (!strcmp(entry->d_name, RCN_RESTART_WAN))
		{
			full_restart_wan();
		}
		else if (!strcmp(entry->d_name, RCN_RESTART_LAN))
		{
			full_restart_lan();
		}
		else if (!strcmp(entry->d_name, "stop_whole_wan"))
		{
			stop_wan();
		}
		else if (!strcmp(entry->d_name, RCN_RESTART_IPTV))
		{
			int is_ap_mode = get_ap_mode();
			restart_iptv(is_ap_mode);
			if (!is_ap_mode)
				restart_firewall();
		}
		else if(!strcmp(entry->d_name, "deferred_wan_connect"))
		{
			deferred_wan_connect();
		}
		else if(!strcmp(entry->d_name, "auto_wan_reconnect"))
		{
			auto_wan_reconnect();
		}
		else if(!strcmp(entry->d_name, "auto_wan_reconnect_pause"))
		{
			auto_wan_reconnect_pause();
		}
		else if(!strcmp(entry->d_name, "manual_wan_reconnect"))
		{
			manual_wan_reconnect();
		}
		else if(!strcmp(entry->d_name, "manual_wan_disconnect"))
		{
			manual_wan_disconnect();
		}
		else if(!strcmp(entry->d_name, "manual_ddns_hostname_check"))
		{
			manual_ddns_hostname_check();
		}
#if (BOARD_NUM_USB_PORTS > 0)
		else if (!strcmp(entry->d_name, RCN_RESTART_MODEM))
		{
			/*
			 * Compare the current modem settings with the cached ones and
			 * reload the modem modules at most once; the WAN is stopped
			 * beforehand when it runs over the USB modem.
			 */
			int wan_stopped = 0;
			int modules_reloaded = 0;
			int need_restart_wan = get_usb_modem_wan(0);
			int modem_rule = nvram_get_int("modem_rule");
			int modem_type = nvram_get_int("modem_type");
			if (nvram_modem_rule != modem_rule)
			{
				nvram_modem_rule = modem_rule;
				if (need_restart_wan) {
					wan_stopped = 1;
					stop_wan();
				}
				if (modem_rule > 0) {
					modules_reloaded = 1;
					reload_modem_modules(modem_type, 1);
				} else {
					unload_modem_modules();
				}
			}
			if (nvram_modem_type != modem_type)
			{
				/* only a change to or from modem type 3 needs another module set */
				if (nvram_modem_type == 3 || modem_type == 3) {
					if (modem_rule > 0 && !modules_reloaded) {
						if (need_restart_wan && !wan_stopped)
							stop_wan();
						reload_modem_modules(modem_type, 1);
					}
				}
				nvram_modem_type = modem_type;
			}
			if (need_restart_wan)
				full_restart_wan();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_SPOOLER) == 0)
		{
			restart_usb_printer_spoolers();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_HDDTUNE) == 0)
		{
			/* fixed command string, no caller-controlled part */
			system("/sbin/hddtune.sh");
			set_pagecache_reclaim();
		}
#if defined(APP_FTPD)
		else if (strcmp(entry->d_name, RCN_RESTART_FTPD) == 0)
		{
			restart_ftpd();
		}
#endif
#if defined(APP_SMBD)
		else if (strcmp(entry->d_name, RCN_RESTART_SMBD) == 0)
		{
			restart_smbd();
		}
#endif
#if defined(APP_NFSD)
		else if (strcmp(entry->d_name, RCN_RESTART_NFSD) == 0)
		{
			restart_nfsd();
		}
#endif
#if defined(APP_MINIDLNA)
		else if (strcmp(entry->d_name, "restart_dms_rescan") == 0)
		{
			restart_dms(1);
		}
		else if (strcmp(entry->d_name, RCN_RESTART_DMS) == 0)
		{
			restart_dms(0);
		}
#endif
#if defined(APP_FIREFLY)
		else if (strcmp(entry->d_name, RCN_RESTART_ITUNES) == 0)
		{
			restart_itunes();
		}
#endif
#if defined(APP_TRMD)
		else if (strcmp(entry->d_name, RCN_RESTART_TRMD) == 0)
		{
			restart_torrent();
		}
#endif
#if defined(APP_ARIA)
		else if (strcmp(entry->d_name, RCN_RESTART_ARIA) == 0)
		{
			restart_aria();
		}
#endif
		else if (!strcmp(entry->d_name, "on_hotplug_usb_storage"))
		{
			// deferred run usb apps
			nvram_set_int_temp("usb_hotplug_ms", 1);
			alarm(5);
		}
		else if (!strcmp(entry->d_name, "on_unplug_usb_storage"))
		{
			umount_ejected();
		}
		else if (!strcmp(entry->d_name, "on_hotplug_usb_printer"))
		{
			// deferred run usb printer daemons
			nvram_set_int_temp("usb_hotplug_lp", 1);
			alarm(5);
		}
		else if (!strcmp(entry->d_name, "on_unplug_usb_printer"))
		{
			// deferred stop usb printer daemons
			nvram_set_int_temp("usb_unplug_lp", 1);
			alarm(5);
		}
		else if (!strcmp(entry->d_name, "on_hotplug_usb_modem"))
		{
			// deferred run usb modem to wan
			nvram_set_int_temp("usb_hotplug_md", 1);
			alarm(5);
		}
		else if (!strcmp(entry->d_name, "on_unplug_usb_modem"))
		{
			// deferred restart wan
			nvram_set_int_temp("usb_unplug_md", 1);
			alarm(5);
		}
#endif
		else if (strcmp(entry->d_name, RCN_RESTART_HTTPD) == 0)
		{
			restart_httpd();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_TELNETD) == 0)
		{
			stop_telnetd();
			start_telnetd();
		}
#if defined(APP_SSHD)
		else if (strcmp(entry->d_name, RCN_RESTART_SSHD) == 0)
		{
			restart_sshd();
		}
#endif
#if defined(APP_SMBD) || defined(APP_NMBD)
		else if (strcmp(entry->d_name, RCN_RESTART_NMBD) == 0)
		{
			restart_nmbd();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_WINS) == 0)
		{
			restart_nmbd();
			restart_dhcpd();
			reload_vpn_server();
		}
#endif
		else if (strcmp(entry->d_name, RCN_RESTART_LLTD) == 0)
		{
			restart_lltd();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_ADSC) == 0)
		{
			restart_infosvr();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_VPNSVR) == 0)
		{
			restart_vpn_server();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_VPNCLI) == 0)
		{
			restart_vpn_client();
		}
		else if (strcmp(entry->d_name, "start_vpn_client") == 0)
		{
			start_vpn_client();
		}
		else if (strcmp(entry->d_name, "stop_vpn_client") == 0)
		{
			stop_vpn_client();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_DDNS) == 0)
		{
			stop_ddns();
			start_ddns(1);
		}
		else if (strcmp(entry->d_name, RCN_RESTART_DI) == 0)
		{
			if (get_ap_mode() || has_wan_ip4(0))
				notify_run_detect_internet(2);
		}
		else if (strcmp(entry->d_name, RCN_RESTART_DHCPD) == 0)
		{
			if (get_ap_mode())
				update_hosts_ap();
			restart_dhcpd();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_UPNP) == 0)
		{
			restart_upnp();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_SWITCH_CFG) == 0)
		{
			config_bridge(get_ap_mode());
			switch_config_base();
			switch_config_storm();
			switch_config_link();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_SWITCH_VLAN) == 0)
		{
			notify_reset_detect_link();
			switch_config_vlan(0);
		}
		else if (strcmp(entry->d_name, RCN_RESTART_SYSLOG) == 0)
		{
			stop_logger();
			start_logger(0);
		}
		else if (strcmp(entry->d_name, RCN_RESTART_WDG) == 0)
		{
			restart_watchdog_cpu();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_TWEAKS) == 0)
		{
			notify_leds_detect_link();
		}
		else if (strcmp(entry->d_name, "restart_firewall_wan") == 0)
		{
			restart_firewall();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_FIREWALL) == 0)
		{
			reload_nat_modules();
			restart_firewall();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_NTPC) == 0)
		{
			notify_watchdog_time();
		}
		else if (strcmp(entry->d_name, RCN_RESTART_TIME) == 0)
		{
			stop_logger();
			set_timezone();
			notify_watchdog_time();
			notify_rstats_time();
			start_logger(0);
		}
		else if (strcmp(entry->d_name, RCN_RESTART_SYSCTL) == 0)
		{
			int nf_nat_type = nvram_get_int("nf_nat_type");

			restart_all_sysctl();

			/* flush conntrack after NAT model changing */
			if (nvram_nf_nat_type != nf_nat_type)
			{
				nvram_nf_nat_type = nf_nat_type;
				flush_conntrack_table(NULL);
			}
		}
		else if (!strcmp(entry->d_name, RCN_RESTART_WIFI5))
		{
			/* the radio is switched on only when it is enabled and currently allowed */
			int radio_on = get_enabled_radio_wl();
			if (radio_on)
				radio_on = is_radio_allowed_wl();
			restart_wifi_wl(radio_on, 1);
		}
		else if (!strcmp(entry->d_name, RCN_RESTART_WIFI2))
		{
			int radio_on = get_enabled_radio_rt();
			if (radio_on)
				radio_on = is_radio_allowed_rt();
			restart_wifi_rt(radio_on, 1);
		}
		else if (!strcmp(entry->d_name, "control_wifi_guest_wl"))
		{
			int guest_on = is_guest_allowed_wl();
			control_guest_wl(guest_on, 1);
		}
		else if (!strcmp(entry->d_name, "control_wifi_guest_rt"))
		{
			int guest_on = is_guest_allowed_rt();
			control_guest_rt(guest_on, 1);
		}
		else if (!strcmp(entry->d_name, "control_wifi_guest_wl_on"))
		{
			control_guest_wl(1, 0);
		}
		else if (!strcmp(entry->d_name, "control_wifi_guest_wl_off"))
		{
			control_guest_wl(0, 0);
		}
		else if (!strcmp(entry->d_name, "control_wifi_guest_rt_on"))
		{
			control_guest_rt(1, 0);
		}
		else if (!strcmp(entry->d_name, "control_wifi_guest_rt_off"))
		{
			control_guest_rt(0, 0);
		}
		else if (!strcmp(entry->d_name, "control_wifi_radio_wl"))
		{
			int radio_on = get_enabled_radio_wl();
			if (radio_on)
				radio_on = is_radio_allowed_wl();
			control_radio_wl(radio_on, 1);
		}
		else if (!strcmp(entry->d_name, "control_wifi_radio_rt"))
		{
			int radio_on = get_enabled_radio_rt();
			if (radio_on)
				radio_on = is_radio_allowed_rt();
			control_radio_rt(radio_on, 1);
		}
		else if (!strcmp(entry->d_name, "control_wifi_radio_wl_on"))
		{
			control_radio_wl(1, 0);
		}
		else if (!strcmp(entry->d_name, "control_wifi_radio_wl_off"))
		{
			control_radio_wl(0, 0);
		}
		else if (!strcmp(entry->d_name, "control_wifi_radio_rt_on"))
		{
			control_radio_rt(1, 0);
		}
		else if (!strcmp(entry->d_name, "control_wifi_radio_rt_off"))
		{
			control_radio_rt(0, 0);
		}
		else if (!strcmp(entry->d_name, "control_wifi_config_wl"))
		{
			gen_ralink_config_5g(0);
		}
		else if (!strcmp(entry->d_name, "control_wifi_config_rt"))
		{
			gen_ralink_config_2g(0);
		}
		else
		{
			/* unknown names are only logged; their marker was already removed above */
			dbg("WARNING: rc notified of unrecognized event `%s'.\n", entry->d_name);
		}

		/*
		 * If there hasn't been another request for the same event made since
		 * we started, we can safely remove the ``action incomplete'' marker.
		 * Otherwise, we leave the marker because we'll go through here again
		 * for this event and mark it complete only after we've completed it
		 * without getting another request for the same event while handling
		 * it.
		 */
		/* notify_name still holds the DIR_RC_NOTIFY path; opening it tests for a re-posted marker */
		test_fp = fopen(notify_name, "r");
		if (test_fp != NULL)
		{
			fclose(test_fp);
		}
		else
		{
			/* Remove the marker file. */
			snprintf(notify_name, sizeof(notify_name), "%s/%s", DIR_RC_INCOMPLETE, entry->d_name);
			remove(notify_name);
		}

		if (stop_handle)
			break;
	}

	closedir(directory);
}
Beispiel #17
/*
 * Write the OpenVPN client configuration to conf_file.
 *
 * conf_file: path of the configuration file; it is opened with "w+".
 * is_tun:    non-zero selects IFNAME_CLIENT_TUN, zero IFNAME_CLIENT_TAP.
 *
 * Returns 0 on success and 1 when openvpn_check_key() rejects a required
 * file or conf_file cannot be opened.  The results of fprintf(), fclose()
 * and chmod() are not checked.
 *
 * NOTE(review): the peer address from NVRAM ("vpnc_peer") is written into
 * the "remote" line without validation, so an embedded line break would add
 * further directives - confirm it is sanitised where it is stored.  No
 * "user"/"group" directive is written here, and "script-security 2" is in
 * effect for everything load_user_config() appends; that helper presumably
 * filters against forbidden_list - verify.
 */
static int
openvpn_create_client_conf(const char *conf_file, int is_tun)
{
    FILE *fp;
    int i, i_prot, i_prot_ori, i_auth, i_atls;
    const char *p_peer, *p_prot;

    i_auth = nvram_get_int("vpnc_ov_auth");
    i_atls = nvram_get_int("vpnc_ov_atls");

    /*
     * openvpn_client_keys[0..3] are written below as ca, cert, key and
     * tls-auth.  Cert and key are not needed with user/password auth
     * (i_auth == 1), the tls-auth key only when tls-auth is enabled.
     */
    for (i=0; i<4; i++) {
        if (i_auth == 1 && (i == 1 || i == 2))
            continue;
        if (!i_atls && (i == 3))
            continue;
        if (!openvpn_check_key(openvpn_client_keys[i], 0))
            return 1;
    }

    /* values 2 and 3 select the IPv6 transports; fall back to 0/1 when IPv6 is off */
    i_prot = nvram_get_int("vpnc_ov_prot");
    i_prot_ori = i_prot;
    if (i_prot > 1 && get_ipv6_type() == IPV6_DISABLED)
        i_prot &= 1;

    p_peer = nvram_safe_get("vpnc_peer");

    /* note: upcoming openvpn 2.4 will need direct set udp4/tcp4-client for ipv4 only */
#if defined (USE_IPV6)
    /* check peer address is direct ipv4/ipv6 and match the transport family to it */
    if (i_prot > 1 && is_valid_ipv4(p_peer))
        i_prot &= 1;
    else if (i_prot < 2 && is_valid_ipv6(p_peer))
        i_prot += 2;

    if (i_prot == 3)
        p_prot = "tcp6-client";
    else if (i_prot == 2)
        p_prot = "udp6";
    else
#endif
        if (i_prot == 1)
            p_prot = "tcp-client";
        else
            p_prot = "udp";

    /* fixup ipv4/ipv6 mismatch: persist the corrected protocol value */
    if (i_prot != i_prot_ori)
        nvram_set_int("vpnc_ov_prot", i_prot);

    fp = fopen(conf_file, "w+");
    if (!fp)
        return 1;

    fprintf(fp, "client\n");
    fprintf(fp, "proto %s\n", p_prot);
    /* the arguments suggest default 1194 within 1..65535 - confirm against the helper */
    fprintf(fp, "remote %s %d\n", p_peer, nvram_safe_get_int("vpnc_ov_port", 1194, 1, 65535));
    fprintf(fp, "resolv-retry %s\n", "infinite");
    fprintf(fp, "nobind\n");

    fprintf(fp, "dev %s\n", (is_tun) ? IFNAME_CLIENT_TUN : IFNAME_CLIENT_TAP);

    fprintf(fp, "ca %s/%s\n", CLIENT_CERT_DIR, openvpn_client_keys[0]);
    /* certificate authentication */
    if (i_auth == 0) {
        fprintf(fp, "cert %s/%s\n", CLIENT_CERT_DIR, openvpn_client_keys[1]);
        fprintf(fp, "key %s/%s\n", CLIENT_CERT_DIR, openvpn_client_keys[2]);
    }

    /* key direction 1 on the client side */
    if (i_atls)
        fprintf(fp, "tls-auth %s/%s %d\n", CLIENT_CERT_DIR, openvpn_client_keys[3], 1);

    openvpn_add_auth(fp, nvram_get_int("vpnc_ov_mdig"));
    openvpn_add_cipher(fp, nvram_get_int("vpnc_ov_ciph"));
    openvpn_add_lzo(fp, nvram_get_int("vpnc_ov_clzo"), 0);

    /*
     * User/password authentication: the credentials live in a separate file
     * named "secret", created by openvpn_create_client_secret().  Its
     * location and mode are decided in that helper - verify it is not
     * world-readable.
     */
    if (i_auth == 1) {
        fprintf(fp, "auth-user-pass %s\n", "secret");
        openvpn_create_client_secret("secret");
    }

    if (nvram_match("vpnc_dgw", "1"))
        fprintf(fp, "redirect-gateway def1 bypass-dhcp\n");

    fprintf(fp, "persist-key\n");
    /* level 2 lets OpenVPN run user-defined scripts such as the hooks below */
    fprintf(fp, "script-security %d\n", 2);
    fprintf(fp, "writepid %s\n", CLIENT_PID_FILE);

    fprintf(fp, "up %s\n",  SCRIPT_OVPN_CLIENT);
    fprintf(fp, "down %s\n",  SCRIPT_OVPN_CLIENT);

    fprintf(fp, "\n### User params:\n");

    /* user-supplied directives are appended last */
    load_user_config(fp, CLIENT_CERT_DIR, "client.conf", forbidden_list);

    fclose(fp);

    /* world-readable: the file holds key paths and the peer address, not key material */
    chmod(conf_file, 0644);

    return 0;
}