Esempio n. 1
0
void restart_lfp()
{
	char v[32];
	char tmp[32];

	tcapi_get("Lan_Entry0", "IP", tmp);
	// if(nvram_get_int("lfp_disable")==0) {
	if(tcapi_get_int("GUITemp_Entry1", "lfp_disable")==0) {
		// sprintf(v, "%x", inet_addr(nvram_safe_get("lan_ipaddr")));
		sprintf(v, "%x", inet_addr(tmp));
		f_write_string("/proc/net/lfpctrl", v, 0, 0);
	}
	else {
		f_write_string("/proc/net/lfpctrl", "", 0, 0);
	}
}
Esempio n. 2
0
void start_pptpd(void)
{
	int ret = 0, manual_dns = 0, pptpd_opt = 0;
	FILE *fp;
	char buf[MAXLEN_TCAPI_MSG];
	char lan_ipaddr[16] = {0};

	int pid = getpid();
	_dprintf("start_pptpd: getpid= %d\n", pid);

	//if(getpid() != 1) {
		//notify_rc("start_pptpd");
		//return;
	//}

	if (!tcapi_match(VPN_DATA, "pptpd_enable", "1")) {
		return;
	}
	// cprintf("stop vpn modules\n");
	// stop_vpn_modules ();

	// Create directory for use by pptpd daemon and its supporting files
	mkdir("/tmp/pptpd", 0744);
	cprintf("open options file\n");
	// Create options file that will be unique to pptpd to avoid interference
	// with pppoe and pptp
	fp = fopen("/tmp/pptpd/options.pptpd", "w");
	fprintf(fp, "logfile /var/log/pptpd-pppd.log\n");
	//fprintf(fp, "debug dump logfd 2 nodetach\n");
	if (tcapi_match(VPN_DATA, "pptpd_radius", "1"))
		fprintf(fp, "plugin radius.so\nplugin radattr.so\n"
			"radius-config-file /tmp/pptpd/radius/radiusclient.conf\n");

	//cprintf("check if wan_wins = zero\n");
	//int nowins = 0;

	//if (nvram_match("wan_wins", "0.0.0.0")) {
		//nvram_set("wan_wins", "");
		//nowins = 1;
	//}
	//if (strlen(nvram_safe_get("wan_wins")) == 0)
		//nowins = 1;

	cprintf("write config\n");
	fprintf(fp, "lock\n"
		"name *\n"
		"proxyarp\n"
//		"ipcp-accept-local\n"
//		"ipcp-accept-remote\n"
		"lcp-echo-failure 10\n"
		"lcp-echo-interval 6\n"
		"deflate 0\n" "auth\n" "-chap\n"
		"nomppe-stateful\n");

	pptpd_opt = tcapi_get_int(VPN_DATA, "pptpd_chap");
	fprintf(fp, "%smschap\n", (pptpd_opt == 0 || pptpd_opt & 1) ? "+" : "-");
	fprintf(fp, "%smschap-v2\n", (pptpd_opt == 0 || pptpd_opt & 2) ? "+" : "-");

	pptpd_opt = tcapi_get_int(VPN_DATA, "pptpd_mppe");
	if (pptpd_opt == 0)
		pptpd_opt = 1 | 4 | 8;
	if (pptpd_opt & (1 | 2 | 4)) {
		fprintf(fp, "%s", (pptpd_opt & 8) ? "" : "require-mppe\n");
  		fprintf(fp, "%smppe-128\n", (pptpd_opt & 1) ? "require-" : "no");
  		//fprintf(fp, "%smppe-56\n", (pptpd_opt & 2) ? "require-" : "no");
  		fprintf(fp, "%smppe-40\n", (pptpd_opt & 4) ? "require-" : "no");
	} else
  		fprintf(fp, "nomppe nomppc\n");

	fprintf(fp, "ms-ignore-domain\n"
		"chap-secrets /tmp/pptpd/chap-secrets\n"
		"ip-up-script /tmp/pptpd/ip-up\n"
		"ip-down-script /tmp/pptpd/ip-down\n"
		"mtu %d\n" "mru %d\n",
		tcapi_get_int(VPN_DATA, "pptpd_mtu"),
		tcapi_get_int(VPN_DATA, "pptpd_mru"));

	//WINS Server
	//if (!nowins) {
		//fprintf(fp, "ms-wins %s\n", nvram_safe_get("wan_wins"));
	//}
	memset(buf, 0, sizeof(buf));
	tcapi_get(VPN_DATA, "pptpd_wins1", buf);
	if(strlen(buf)) {
		fprintf(fp, "ms-wins %s\n", buf);
	}
	memset(buf, 0, sizeof(buf));
	tcapi_get(VPN_DATA, "pptpd_wins2", buf);
	if(strlen(buf)) {
		fprintf(fp, "ms-wins %s\n", buf);
	}
	//DNS Server
	memset(buf, 0, sizeof(buf));
	tcapi_get(VPN_DATA, "pptpd_dns1", buf);
	if(strlen(buf)) {
		fprintf(fp, "ms-dns %s\n", buf);
		manual_dns=1;
	}
	memset(buf, 0, sizeof(buf));
	tcapi_get(VPN_DATA, "pptpd_dns2", buf);
	if(strlen(buf)) {
		fprintf(fp, "ms-dns %s\n", buf);
		manual_dns=1;
	}
	tcapi_get("Lan_Entry0", "IP", lan_ipaddr);
	if(!manual_dns && strcmp(lan_ipaddr, ""))
		fprintf(fp, "ms-dns %s\n", lan_ipaddr);

	// force ppp interface starting from 20
	fprintf(fp, "minunit 20\n");

	// Following is all crude and need to be revisited once testing confirms
	// that it does work
	// Should be enough for testing..
	if (tcapi_match(VPN_DATA, "pptpd_radius", "1")) {
		char pptpd_radserver[128] = {0};
		char pptpd_radpass[128] = {0};
		char pptpd_radport[128] = {0};
		char pptpd_acctport[128] = {0};

		if (tcapi_get(VPN_DATA, "pptpd_radserver", pptpd_radserver) == TCAPI_PROCESS_OK
			&& tcapi_get(VPN_DATA, "pptpd_radpass", pptpd_radpass) == TCAPI_PROCESS_OK) {

			fclose(fp);

			mkdir("/tmp/pptpd/radius", 0744);

			if (tcapi_get(VPN_DATA, "pptpd_radport", pptpd_radport) != TCAPI_PROCESS_OK)
				strcpy(pptpd_radport, "radius");

			fp = fopen("/tmp/pptpd/radius/radiusclient.conf", "w");
			fprintf(fp, "auth_order radius\n"
				"login_tries 4\n"
				"login_timeout 60\n"
				"radius_timeout 10\n"
				"nologin /etc/nologin\n"
				"servers /tmp/pptpd/radius/servers\n"
				"dictionary /etc/dictionary\n"
				"seqfile /var/run/radius.seq\n"
				"mapfile /etc/port-id-map\n"
				"radius_retries 3\n"
				"authserver %s:%s\n",
				pptpd_radserver, pptpd_radport);

			if (tcapi_get(VPN_DATA, "pptpd_acctport", pptpd_acctport) != TCAPI_PROCESS_OK)
				strcpy(pptpd_acctport, "radacct");

			fprintf(fp, "acctserver %s:%s\n", pptpd_radserver, pptpd_acctport);
			fclose(fp);

			fp = fopen("/tmp/pptpd/radius/servers", "w");
			fprintf(fp, "%s\t%s\n", pptpd_radserver, pptpd_radpass);
			fclose(fp);

		} else
			fclose(fp);
	} else
		fclose(fp);

	// Create pptpd.conf options file for pptpd daemon
	fp = fopen("/tmp/pptpd/pptpd.conf", "w");
	memset(buf, 0, sizeof(buf));
	fprintf(fp, "bcrelay %s\n", tcapi_get_string(VPN_DATA, "pptpd_broadcast", buf));
	memset(buf, 0, sizeof(buf));
	fprintf(fp, "localip %s\n"
		"remoteip %s\n", lan_ipaddr,
		tcapi_get_string(VPN_DATA, "pptpd_clients", buf));
	fclose(fp);

	// Create ip-up and ip-down scripts that are unique to pptpd to avoid
	// interference with pppoe and pptp
	/*
	 * adjust for tunneling overhead (mtu - 40 byte IP - 108 byte tunnel
	 * overhead)
	 */
	//if (nvram_match("mtu_enable", "1"))
		//mss = atoi(nvram_safe_get("wan_mtu")) - 40 - 108;
	//else
		//mss = 1500 - 40 - 108;
	char bcast[32];

	strcpy(bcast, lan_ipaddr);
	memset(buf, 0, sizeof(buf));
	get_broadcast(bcast, tcapi_get_string("Lan_Entry0", "netmask", buf));

	memset(buf, 0, sizeof(buf));
	tcapi_get(VPN_DATA, "pptpd_ipup_script", buf);
	fp = fopen("/tmp/pptpd/ip-up", "w");
	fprintf(fp, "#!/bin/sh\n" "startservice set_routes\n"	// reinitialize
		"echo $PPPD_PID $1 $5 $6 $PEERNAME >> /tmp/pptp_connected\n"
		"iptables -I FORWARD -i $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu\n"
		"iptables -I INPUT -i $1 -j ACCEPT\n" "iptables -I FORWARD -i $1 -j ACCEPT\n"
		"iptables -t nat -I PREROUTING -i $1 -p udp -m udp --sport 9 -j DNAT --to-destination %s "	// rule for wake on lan over pptp tunnel
		"%s\n", bcast, buf);
	fclose(fp);
	memset(buf, 0, sizeof(buf));
	tcapi_get(VPN_DATA, "pptpd_ipdown_script", buf);
	fp = fopen("/tmp/pptpd/ip-down", "w");
	fprintf(fp, "#!/bin/sh\n" "grep -v $1  /tmp/pptp_connected > /tmp/pptp_connected.new\n"
		"mv /tmp/pptp_connected.new /tmp/pptp_connected\n"
		"iptables -D FORWARD -i $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu\n"
		"iptables -D INPUT -i $1 -j ACCEPT\n"
		"iptables -D FORWARD -i $1 -j ACCEPT\n"
		"iptables -t nat -D PREROUTING -i $1 -p udp -m udp --sport 9 -j DNAT --to-destination %s "	// rule for wake on lan over pptp tunnel
		"%s\n", bcast, buf);
	fclose(fp);
	chmod("/tmp/pptpd/ip-up", 0744);
	chmod("/tmp/pptpd/ip-down", 0744);

	// Exctract chap-secrets from nvram
	write_chap_secret("/tmp/pptpd/chap-secrets");

	chmod("/tmp/pptpd/chap-secrets", 0600);

	// Execute pptpd daemon
	ret =
	    eval("pptpd", "-c", "/tmp/pptpd/pptpd.conf", "-o",
		 "/tmp/pptpd/options.pptpd");

	_dprintf("start_pptpd: ret= %d\n", ret);
	//dd_syslog(LOG_INFO, "pptpd : pptp daemon successfully started\n");
	return;
}