int reload_radvd(void) { FILE *fp; int ipv6_type, i_dhcp6s_mode, i_adv_per; char *adv_prefix, *adv_rdnss, *lan_addr6_prefix; char addr6s[INET6_ADDRSTRLEN], rdns6s[INET6_ADDRSTRLEN], wan_ifname[16] = {0}; ipv6_type = get_ipv6_type(); if (ipv6_type == IPV6_DISABLED) return 1; if (is_lan_radv_on() != 1) return 1; i_dhcp6s_mode = get_lan_dhcp6s_mode(); i_adv_per = 60; adv_prefix = "::/64"; adv_rdnss = get_lan_addr6_host(rdns6s); if (!adv_rdnss) adv_rdnss = nvram_safe_get("wan0_dns6"); if (ipv6_type == IPV6_6TO4) { get_wan_ifname(wan_ifname); sprintf(addr6s, "0:0:0:%d::/%d", 1, 64); adv_prefix = addr6s; } else { lan_addr6_prefix = get_lan_addr6_prefix(addr6s); if (lan_addr6_prefix) adv_prefix = lan_addr6_prefix; } fp = fopen("/etc/radvd.conf", "w"); if (!fp) return -1; fprintf(fp, "interface %s {\n" " IgnoreIfMissing on;\n" " AdvSendAdvert on;\n" // (RA=ON) " AdvHomeAgentFlag off;\n" " AdvManagedFlag %s;\n" " AdvOtherConfigFlag %s;\n" " AdvDefaultLifetime %d;\n" " MaxRtrAdvInterval %d;\n", IFNAME_BR, (i_dhcp6s_mode > 1) ? "on" : "off", // (M=ON/OFF) (i_dhcp6s_mode > 0) ? "on" : "off", // (O=ON/OFF) 1800, i_adv_per ); fprintf(fp, " prefix %s {\n" " AdvOnLink on;\n" " AdvAutonomous %s;\n", adv_prefix, (i_dhcp6s_mode != 2) ? "on" : "off" // (Stateful only) ); if (ipv6_type == IPV6_6TO4) { fprintf(fp, " AdvValidLifetime %d;\n" " AdvPreferredLifetime %d;\n" " Base6to4Interface %s;\n", 600, 240, wan_ifname ); } fprintf(fp, " };\n"); if (*adv_rdnss) fprintf(fp, " RDNSS %s {};\n", adv_rdnss); fprintf(fp, "};\n"); fclose(fp); if (pids("radvd")) return doSystem("killall %s %s", "-SIGHUP", "radvd"); return eval("/usr/sbin/radvd"); }
int ovpn_server_expcli_main(int argc, char **argv) { FILE *fp; int i, i_prot, i_atls, rsa_bits, days_valid; const char *p_prot, *wan_addr; const char *tmp_ovpn_path = "/tmp/export_ovpn"; const char *tmp_ovpn_conf = "/tmp/client.ovpn"; #if defined (USE_IPV6) char addr6s[INET6_ADDRSTRLEN] = {0}; #endif if (argc < 2 || strlen(argv[1]) < 1) { printf("Usage: %s common_name [rsa_bits] [days_valid]\n", argv[0]); return 1; } rsa_bits = 1024; if (argc > 2 && atoi(argv[2]) >= 1024) rsa_bits = atoi(argv[2]); days_valid = 365; if (argc > 3 && atoi(argv[3]) > 0) days_valid = atoi(argv[3]); i_atls = nvram_get_int("vpns_ov_atls"); for (i=0; i<5; i++) { if (!i_atls && (i == 4)) continue; if (!openvpn_check_key(openvpn_server_keys[i], 1)) { printf("Error: server file %s is not found\n", openvpn_server_keys[i]); return 1; } } /* Generate client cert and key */ doSystem("rm -rf %s", tmp_ovpn_path); setenv("CRT_PATH_CLI", tmp_ovpn_path, 1); doSystem("/usr/bin/openvpn-cert.sh %s -n '%s' -b %d -d %d", "client", argv[1], rsa_bits, days_valid); unsetenv("CRT_PATH_CLI"); i_prot = nvram_get_int("vpns_ov_prot"); if (i_prot > 1 && get_ipv6_type() == IPV6_DISABLED) i_prot &= 1; #if defined (USE_IPV6) if (i_prot == 3) p_prot = "tcp6-client"; else if (i_prot == 2) p_prot = "udp6"; else #endif if (i_prot == 1) p_prot = "tcp-client"; else p_prot = "udp"; wan_addr = get_ddns_fqdn(); if (!wan_addr) { #if defined (USE_IPV6) if (i_prot > 1) { wan_addr = get_wan_addr6_host(addr6s); if (!wan_addr) wan_addr = get_lan_addr6_host(addr6s); } else #endif { wan_addr = get_wan_unit_value(0, "ipaddr"); if (!is_valid_ipv4(wan_addr)) wan_addr = NULL; } } if (!wan_addr) wan_addr = "{wan_address}"; fp = fopen(tmp_ovpn_conf, "w+"); if (!fp) { doSystem("rm -rf %s", tmp_ovpn_path); printf("Error: unable to create file %s\n", tmp_ovpn_conf); return 1; } fprintf(fp, "client\n"); fprintf(fp, "dev %s\n", (nvram_get_int("vpns_ov_mode") == 1) ? "tun" : "tap"); fprintf(fp, "proto %s\n", p_prot); fprintf(fp, "remote %s %d\n", wan_addr, nvram_safe_get_int("vpns_ov_port", 1194, 1, 65535)); fprintf(fp, "resolv-retry %s\n", "infinite"); fprintf(fp, ";float\n"); fprintf(fp, "nobind\n"); fprintf(fp, "persist-key\n"); fprintf(fp, "persist-tun\n"); openvpn_add_auth(fp, nvram_get_int("vpns_ov_mdig")); openvpn_add_cipher(fp, nvram_get_int("vpns_ov_ciph")); openvpn_add_lzo(fp, nvram_get_int("vpns_ov_clzo"), 0); fprintf(fp, "nice %d\n", 0); fprintf(fp, "verb %d\n", 3); fprintf(fp, "mute %d\n", 10); fprintf(fp, ";ns-cert-type %s\n", "server"); openvpn_add_key(fp, SERVER_CERT_DIR, openvpn_server_keys[0], "ca"); openvpn_add_key(fp, tmp_ovpn_path, openvpn_client_keys[1], "cert"); openvpn_add_key(fp, tmp_ovpn_path, openvpn_client_keys[2], "key"); if (i_atls) { openvpn_add_key(fp, SERVER_CERT_DIR, openvpn_server_keys[4], "tls-auth"); fprintf(fp, "key-direction %d\n", 1); } fclose(fp); doSystem("rm -rf %s", tmp_ovpn_path); doSystem("unix2dos %s", tmp_ovpn_conf); chmod(tmp_ovpn_conf, 0600); return 0; }