/*
 * Restart the OpenVPN server with a full stop/start cycle.
 *
 * A reload via SIGHUP is deliberately not used: per the original author it
 * misbehaves when the server has dropped privileges. The lease file is
 * removed between stop and start; the unlink() result is ignored, so a
 * missing file is not treated as an error.
 */
void restart_openvpn_server(void)
{
	stop_openvpn_server();

	(void)unlink(VPN_SERVER_LEASE_FILE);

	start_openvpn_server();
}
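/*
 * Start the VPN server selected by nvram "vpns_type".
 *
 *   vpns_type == 2  -> OpenVPN (only when built with APP_OPENVPN)
 *   vpns_type == 1  -> xl2tpd via safe_start_xl2tpd()
 *   anything else   -> pptpd, after writing /etc/pptpd.conf
 *
 * For the PPP-based servers this also (re)writes /tmp/ppp/chap-secrets from
 * the vpns_user_x<N> / vpns_pass_x<N> / vpns_addr_x<N> nvram entries.
 *
 * Returns 0 when the server is disabled, the device is in AP mode, or the
 * xl2tpd path was taken; -1 when /etc/pptpd.conf cannot be opened; otherwise
 * the result of start_openvpn_server() or of eval() on pptpd.
 */
int start_vpn_server(void)
{
	FILE *fp;
	int i, i_type, i_vuse, i_cli0, i_cli1;
	char *vpns_cfg, *vpns_sec, *lanip;
	struct in_addr pool_in;
	unsigned int laddr, lmask, lsnet;

	if (nvram_invmatch("vpns_enable", "1") || get_ap_mode())
		return 0;

	unlink(VPN_SERVER_LEASE_FILE);

	i_type = nvram_get_int("vpns_type");
#if defined(APP_OPENVPN)
	if (i_type == 2)
		return start_openvpn_server();
#endif

	vpns_cfg = "/etc/pptpd.conf";
	vpns_sec = "/tmp/ppp/chap-secrets";

	/*
	 * NOTE(review): the directory that will hold chap-secrets is requested
	 * with mode 0777 (subject to umask). If any non-root account exists on
	 * the device, a world-writable directory lets it replace or pre-create
	 * entries here; confirm whether a tighter mode is usable by the other
	 * users of /tmp/ppp.
	 */
	mkdir("/tmp/ppp", 0777);
	symlink("/sbin/rc", VPNS_PPP_UP_SCRIPT);
	symlink("/sbin/rc", VPNS_PPP_DW_SCRIPT);

	i_vuse = nvram_get_int("vpns_vuse");
	lanip = nvram_safe_get("lan_ipaddr");

	if (i_vuse == 0) {
		/* Clients are numbered inside the LAN subnet. */
		laddr = ntohl(inet_addr(lanip));
		lmask = ntohl(inet_addr(nvram_safe_get("lan_netmask")));
		/*
		 * Highest usable host number in the LAN subnet.
		 * NOTE(review): inet_addr() returns INADDR_NONE for an
		 * unparsable string, in which case lmask is all-ones and this
		 * subtraction wraps; presumably lan_netmask is validated where
		 * it is set - confirm.
		 */
		lsnet = (~lmask) - 1;
		i_cli0 = nvram_safe_get_int("vpns_cli0", 245, 1, 254);
		i_cli1 = nvram_safe_get_int("vpns_cli1", 254, 2, 254);
		/* Clamp the configured range to the subnet and keep it non-empty. */
		if (i_cli0 >= (int)lsnet)
			i_cli0 = (int)(lsnet - 1);
		if (i_cli1 > (int)lsnet)
			i_cli1 = (int)lsnet;
		if (i_cli1 <= i_cli0)
			i_cli1 = i_cli0 + 1;
		/* The first address of the range is the server side ... */
		laddr = (laddr & lmask) | (unsigned int)i_cli0;
		/* ... and the client pool starts right after it. */
		i_cli0 += 1;
	} else {
		/* Dedicated VPN subnet: server is .1, clients start at .2. */
		laddr = ntohl(inet_addr(nvram_safe_get("vpns_vnet")));
		lmask = ntohl(inet_addr(VPN_SERVER_SUBNET_MASK));
		laddr = (laddr & lmask) | 1;
		i_cli0 = 2;
		i_cli1 = i_cli0 + MAX_CLIENTS_NUM - 1;
	}

	if (i_type != 1) {
		/* pptpd only: write its configuration file. */
		if (!(fp = fopen(vpns_cfg, "w")))
			return -1;

		fprintf(fp, "option %s\n", VPN_SERVER_PPPD_OPTIONS);
		fprintf(fp, "connections %d\n", MAX_CLIENTS_NUM);
		pool_in.s_addr = htonl(laddr);
		fprintf(fp, "localip %s\n", inet_ntoa(pool_in));
		pool_in.s_addr = htonl((laddr & lmask) | (unsigned int)i_cli0);
		fprintf(fp, "remoteip %s-%d\n", inet_ntoa(pool_in), i_cli1);

		fclose(fp);
		chmod(vpns_cfg, 0644);
	}

	create_vpns_pppd_options(i_type);

	/* create /tmp/ppp/chap-secrets */
	fp = fopen(vpns_sec, "w+");
	if (fp) {
		char *acl_user, *acl_pass;
		char acl_user_var[32], acl_pass_var[32], acl_addr_var[32];
		char acl_addr[32];
		int i_cli2;
		int i_max = nvram_get_int("vpns_num_x");

		/*
		 * Tighten the mode before the first credential is written.
		 * Doing it only after fclose() leaves the plaintext passwords
		 * readable under whatever mode the umask produced for as long
		 * as the write takes.
		 */
		(void)fchmod(fileno(fp), 0600);

		if (i_max > MAX_CLIENTS_NUM)
			i_max = MAX_CLIENTS_NUM;

		for (i = 0; i < i_max; i++) {
			snprintf(acl_user_var, sizeof(acl_user_var), "vpns_user_x%d", i);
			snprintf(acl_pass_var, sizeof(acl_pass_var), "vpns_pass_x%d", i);
			acl_user = nvram_safe_get(acl_user_var);
			acl_pass = nvram_safe_get(acl_pass_var);
			if (!*acl_user || !*acl_pass)
				continue;

			snprintf(acl_addr_var, sizeof(acl_addr_var), "vpns_addr_x%d", i);
			i_cli2 = nvram_get_int(acl_addr_var);
			if (i_cli2 >= i_cli0 && i_cli2 <= i_cli1) {
				/* Pin this account to a fixed address inside the pool. */
				pool_in.s_addr = htonl((laddr & lmask) | (unsigned int)i_cli2);
				snprintf(acl_addr, sizeof(acl_addr), "%s", inet_ntoa(pool_in));
			} else {
				/* No valid fixed address: accept any. */
				snprintf(acl_addr, sizeof(acl_addr), "%s", "*");
			}

			/*
			 * NOTE(review): user name and password are written
			 * verbatim between double quotes. A '"', backslash or
			 * newline in either nvram value would presumably change
			 * how the line is parsed; reject such characters where
			 * the values are stored, or escape them here.
			 */
			fprintf(fp, "\"%s\" * \"%s\" %s\n", acl_user, acl_pass, acl_addr);
		}

		fclose(fp);
		/* Kept from the original so the final mode is 0600 even if fchmod() failed. */
		chmod(vpns_sec, 0600);
	}

	if (i_type == 1) {
		nvram_set_int_temp("l2tp_srv_t", 1);
		safe_start_xl2tpd();
	} else {
		nvram_set_int_temp("l2tp_srv_t", 0);
		/* execute pptpd daemon */
		return eval("/usr/sbin/pptpd", "-c", vpns_cfg);
	}

	return 0;
}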