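/*
 * Push the LAN address to the LFP control node, or clear it.
 *
 * Reads Lan_Entry0/IP from the config store. When
 * GUITemp_Entry1/lfp_disable is 0, the address is converted with
 * inet_addr() and written to /proc/net/lfpctrl as lowercase hex of the
 * value inet_addr() returns (network byte order). Otherwise an empty
 * string is written to the same node.
 */
void restart_lfp()
{
	char v[32];
	/*
	 * Zero-filled so that a failed or empty tcapi_get() leaves a valid
	 * empty string instead of indeterminate stack bytes for inet_addr().
	 * NOTE(review): tcapi_get() takes no length argument here; whether it
	 * bounds the copy to 32 bytes is not visible in this file.
	 */
	char tmp[32] = {0};

	tcapi_get("Lan_Entry0", "IP", tmp);

	if (tcapi_get_int("GUITemp_Entry1", "lfp_disable") == 0) {
		/* Bounded write; the cast matches the %x conversion. */
		snprintf(v, sizeof(v), "%x", (unsigned int)inet_addr(tmp));
		f_write_string("/proc/net/lfpctrl", v, 0, 0);
	} else {
		f_write_string("/proc/net/lfpctrl", "", 0, 0);
	}
}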
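/*
 * Return 1 if s is non-NULL and contains no ASCII control characters
 * (newline, carriage return, tab, DEL, ...), 0 otherwise.
 *
 * Every file written by start_pptpd() is line oriented. A value that
 * carries a line break would be read back as an additional directive,
 * so values are checked with this before they are written.
 */
static int pptpd_value_is_clean(const char *s)
{
	const unsigned char *p;

	if (s == NULL)
		return 0;
	for (p = (const unsigned char *)s; *p != '\0'; p++) {
		if (*p < 0x20 || *p == 0x7f)
			return 0;
	}
	return 1;
}

/*
 * Copy src into dst (capacity dst_len) only if it is clean and fits,
 * including the terminator. On rejection dst is left as an empty string.
 * Returns 1 on success, 0 on rejection.
 */
static int pptpd_copy_value(char *dst, size_t dst_len, const char *src)
{
	dst[0] = '\0';
	if (!pptpd_value_is_clean(src) || strlen(src) >= dst_len)
		return 0;
	strcpy(dst, src);
	return 1;
}

/*
 * Generate the PPTP server configuration under /tmp/pptpd and launch pptpd.
 *
 * Does nothing unless VPN_DATA/pptpd_enable is "1". Otherwise writes:
 *   options.pptpd              pppd options (auth, MPPE, MTU/MRU, WINS/DNS)
 *   radius/radiusclient.conf,
 *   radius/servers             only when pptpd_radius is "1" and the server
 *                              and shared secret can be read
 *   pptpd.conf                 bcrelay / localip / remoteip
 *   ip-up, ip-down             per-session firewall scripts
 *   chap-secrets               via write_chap_secret()
 * and then runs "pptpd -c pptpd.conf -o options.pptpd".
 *
 * Security-relevant behaviour visible in this function:
 *  - Authentication is limited to MS-CHAP / MS-CHAPv2 ("-chap" disables
 *    plain CHAP) and encryption to MPPE; "nomppe nomppc" is written when
 *    none of the pptpd_mppe bits 1|2|4 is set. These PPTP mechanisms are
 *    generally regarded as weak.
 *  - ip-up inserts blanket ACCEPT rules on INPUT and FORWARD for the
 *    session interface, so an authenticated client is not filtered.
 *  - pptpd_ipup_script / pptpd_ipdown_script are copied verbatim into
 *    shell scripts; write access to those attributes is equivalent to
 *    command execution in whatever context pppd runs the scripts.
 *  - All other values are rejected if they contain control characters,
 *    so they cannot add lines to the generated files.
 *
 * A file that cannot be opened aborts the start instead of passing a
 * NULL stream to fprintf().
 */
void start_pptpd(void)
{
	int ret = 0, manual_dns = 0, pptpd_opt = 0;
	int use_radius;
	const char *value;
	FILE *fp;
	char buf[MAXLEN_TCAPI_MSG];
	char lan_ipaddr[16] = {0};
	char bcast[32] = {0};
	int pid = getpid();

	_dprintf("start_pptpd: getpid= %d\n", pid);

	if (!tcapi_match(VPN_DATA, "pptpd_enable", "1")) {
		return;
	}

	/* Read once so the plugin lines and the RADIUS files always agree. */
	use_radius = tcapi_match(VPN_DATA, "pptpd_radius", "1");

	/*
	 * Directory for the daemon and its supporting files.
	 * NOTE(review): the result is not checked and the path is fixed under
	 * /tmp; if something else can create /tmp/pptpd first, the files
	 * below are written wherever that entry leads. Confirm nothing
	 * unprivileged can write to /tmp on this platform.
	 */
	mkdir("/tmp/pptpd", 0744);

	cprintf("open options file\n");

	/* Options file unique to pptpd, to avoid interference with pppoe/pptp. */
	fp = fopen("/tmp/pptpd/options.pptpd", "w");
	if (fp == NULL) {
		_dprintf("start_pptpd: cannot create %s\n", "/tmp/pptpd/options.pptpd");
		return;
	}

	fprintf(fp, "logfile /var/log/pptpd-pppd.log\n");

	if (use_radius)
		fprintf(fp, "plugin radius.so\nplugin radattr.so\n"
			"radius-config-file /tmp/pptpd/radius/radiusclient.conf\n");

	cprintf("write config\n");
	fprintf(fp, "lock\n"
		"name *\n"
		"proxyarp\n"
		"lcp-echo-failure 10\n"
		"lcp-echo-interval 6\n"
		"deflate 0\n"
		"auth\n"
		"-chap\n"
		"nomppe-stateful\n");

	/* pptpd_chap: 0 enables both methods; bit 1 = MS-CHAP, bit 2 = MS-CHAPv2. */
	pptpd_opt = tcapi_get_int(VPN_DATA, "pptpd_chap");
	fprintf(fp, "%smschap\n", (pptpd_opt == 0 || (pptpd_opt & 1)) ? "+" : "-");
	fprintf(fp, "%smschap-v2\n", (pptpd_opt == 0 || (pptpd_opt & 2)) ? "+" : "-");

	/*
	 * pptpd_mppe: 0 is treated as 1|4|8. Bit 1 -> mppe-128, bit 4 ->
	 * mppe-40; bit 2 (mppe-56) selects this branch but emits nothing.
	 * Bit 8 suppresses the blanket "require-mppe" line.
	 * NOTE(review): bit 8 presumably means "encryption optional" - confirm
	 * against the UI that sets it.
	 */
	pptpd_opt = tcapi_get_int(VPN_DATA, "pptpd_mppe");
	if (pptpd_opt == 0)
		pptpd_opt = 1 | 4 | 8;
	if (pptpd_opt & (1 | 2 | 4)) {
		fprintf(fp, "%s", (pptpd_opt & 8) ? "" : "require-mppe\n");
		fprintf(fp, "%smppe-128\n", (pptpd_opt & 1) ? "require-" : "no");
		fprintf(fp, "%smppe-40\n", (pptpd_opt & 4) ? "require-" : "no");
	} else {
		/* No MPPE bit selected: the tunnel is configured without encryption. */
		fprintf(fp, "nomppe nomppc\n");
	}

	fprintf(fp, "ms-ignore-domain\n"
		"chap-secrets /tmp/pptpd/chap-secrets\n"
		"ip-up-script /tmp/pptpd/ip-up\n"
		"ip-down-script /tmp/pptpd/ip-down\n"
		"mtu %d\n"
		"mru %d\n",
		tcapi_get_int(VPN_DATA, "pptpd_mtu"),
		tcapi_get_int(VPN_DATA, "pptpd_mru"));

	/* WINS servers handed to clients. */
	memset(buf, 0, sizeof(buf));
	tcapi_get(VPN_DATA, "pptpd_wins1", buf);
	if (strlen(buf)) {
		if (pptpd_value_is_clean(buf))
			fprintf(fp, "ms-wins %s\n", buf);
		else
			_dprintf("start_pptpd: ignoring malformed %s\n", "pptpd_wins1");
	}

	memset(buf, 0, sizeof(buf));
	tcapi_get(VPN_DATA, "pptpd_wins2", buf);
	if (strlen(buf)) {
		if (pptpd_value_is_clean(buf))
			fprintf(fp, "ms-wins %s\n", buf);
		else
			_dprintf("start_pptpd: ignoring malformed %s\n", "pptpd_wins2");
	}

	/* DNS servers handed to clients; manual_dns records that one was written. */
	memset(buf, 0, sizeof(buf));
	tcapi_get(VPN_DATA, "pptpd_dns1", buf);
	if (strlen(buf)) {
		if (pptpd_value_is_clean(buf)) {
			fprintf(fp, "ms-dns %s\n", buf);
			manual_dns = 1;
		} else {
			_dprintf("start_pptpd: ignoring malformed %s\n", "pptpd_dns1");
		}
	}

	memset(buf, 0, sizeof(buf));
	tcapi_get(VPN_DATA, "pptpd_dns2", buf);
	if (strlen(buf)) {
		if (pptpd_value_is_clean(buf)) {
			fprintf(fp, "ms-dns %s\n", buf);
			manual_dns = 1;
		} else {
			_dprintf("start_pptpd: ignoring malformed %s\n", "pptpd_dns2");
		}
	}

	/*
	 * The LAN address is staged in buf (the size used for every other
	 * config read in this function) and copied only if it fits the
	 * 16-byte lan_ipaddr, instead of letting tcapi_get() write into the
	 * small buffer directly.
	 */
	memset(buf, 0, sizeof(buf));
	tcapi_get("Lan_Entry0", "IP", buf);
	if (!pptpd_copy_value(lan_ipaddr, sizeof(lan_ipaddr), buf))
		_dprintf("start_pptpd: LAN IP is malformed or too long, ignored\n");

	/* Without a manual DNS entry, clients are pointed at the router itself. */
	if (!manual_dns && strcmp(lan_ipaddr, ""))
		fprintf(fp, "ms-dns %s\n", lan_ipaddr);

	/* Force ppp interface numbering to start from 20. */
	fprintf(fp, "minunit 20\n");

	fclose(fp);

	/* RADIUS client files (marked as crude / needing a revisit by the author). */
	if (use_radius) {
		char pptpd_radserver[128] = {0};
		char pptpd_radpass[128] = {0};
		char pptpd_radport[128] = {0};
		char pptpd_acctport[128] = {0};
		int radius_ok;

		/* Server and shared secret are both mandatory. */
		memset(buf, 0, sizeof(buf));
		radius_ok = tcapi_get(VPN_DATA, "pptpd_radserver", buf) == TCAPI_PROCESS_OK
			&& pptpd_copy_value(pptpd_radserver, sizeof(pptpd_radserver), buf);
		if (radius_ok) {
			memset(buf, 0, sizeof(buf));
			radius_ok = tcapi_get(VPN_DATA, "pptpd_radpass", buf) == TCAPI_PROCESS_OK
				&& pptpd_copy_value(pptpd_radpass, sizeof(pptpd_radpass), buf);
		}

		/* Ports fall back to the service names when the attribute cannot be read. */
		if (radius_ok) {
			memset(buf, 0, sizeof(buf));
			if (tcapi_get(VPN_DATA, "pptpd_radport", buf) != TCAPI_PROCESS_OK)
				strcpy(pptpd_radport, "radius");
			else
				radius_ok = pptpd_copy_value(pptpd_radport, sizeof(pptpd_radport), buf);
		}
		if (radius_ok) {
			memset(buf, 0, sizeof(buf));
			if (tcapi_get(VPN_DATA, "pptpd_acctport", buf) != TCAPI_PROCESS_OK)
				strcpy(pptpd_acctport, "radacct");
			else
				radius_ok = pptpd_copy_value(pptpd_acctport, sizeof(pptpd_acctport), buf);
		}
		/* buf may have held the shared secret; do not leave it staged. */
		memset(buf, 0, sizeof(buf));

		if (radius_ok) {
			mkdir("/tmp/pptpd/radius", 0744);

			fp = fopen("/tmp/pptpd/radius/radiusclient.conf", "w");
			if (fp == NULL) {
				_dprintf("start_pptpd: cannot create %s\n",
					 "/tmp/pptpd/radius/radiusclient.conf");
				return;
			}
			fprintf(fp, "auth_order radius\n"
				"login_tries 4\n"
				"login_timeout 60\n"
				"radius_timeout 10\n"
				"nologin /etc/nologin\n"
				"servers /tmp/pptpd/radius/servers\n"
				"dictionary /etc/dictionary\n"
				"seqfile /var/run/radius.seq\n"
				"mapfile /etc/port-id-map\n"
				"radius_retries 3\n"
				"authserver %s:%s\n",
				pptpd_radserver, pptpd_radport);
			fprintf(fp, "acctserver %s:%s\n", pptpd_radserver, pptpd_acctport);
			fclose(fp);

			fp = fopen("/tmp/pptpd/radius/servers", "w");
			if (fp == NULL) {
				_dprintf("start_pptpd: cannot create %s\n",
					 "/tmp/pptpd/radius/servers");
				return;
			}
			/*
			 * This file holds the RADIUS shared secret: restrict it to the
			 * owner before the secret is written, as is done for
			 * chap-secrets further down.
			 */
			chmod("/tmp/pptpd/radius/servers", 0600);
			fprintf(fp, "%s\t%s\n", pptpd_radserver, pptpd_radpass);
			fclose(fp);
		} else {
			/* options.pptpd still names the plugin, so logins will not succeed. */
			_dprintf("start_pptpd: RADIUS settings missing or malformed, not written\n");
		}
	}

	/* pptpd.conf for the daemon itself. */
	fp = fopen("/tmp/pptpd/pptpd.conf", "w");
	if (fp == NULL) {
		_dprintf("start_pptpd: cannot create %s\n", "/tmp/pptpd/pptpd.conf");
		return;
	}

	/* NOTE(review): tcapi_get_string() is assumed to return buf or NULL - confirm. */
	memset(buf, 0, sizeof(buf));
	value = tcapi_get_string(VPN_DATA, "pptpd_broadcast", buf);
	if (value == NULL)
		value = "";
	if (!pptpd_value_is_clean(value)) {
		_dprintf("start_pptpd: malformed %s, not starting\n", "pptpd_broadcast");
		fclose(fp);
		return;
	}
	fprintf(fp, "bcrelay %s\n", value);

	memset(buf, 0, sizeof(buf));
	value = tcapi_get_string(VPN_DATA, "pptpd_clients", buf);
	if (value == NULL)
		value = "";
	if (!pptpd_value_is_clean(value)) {
		_dprintf("start_pptpd: malformed %s, not starting\n", "pptpd_clients");
		fclose(fp);
		return;
	}
	fprintf(fp, "localip %s\n"
		"remoteip %s\n", lan_ipaddr, value);
	fclose(fp);

	/*
	 * ip-up / ip-down scripts unique to pptpd, to avoid interference with
	 * pppoe and pptp. bcast starts as the LAN address and is handed to
	 * get_broadcast() together with the LAN netmask.
	 */
	strcpy(bcast, lan_ipaddr);
	memset(buf, 0, sizeof(buf));
	get_broadcast(bcast, tcapi_get_string("Lan_Entry0", "netmask", buf));

	/*
	 * buf now carries the administrator-supplied script fragment and is
	 * emitted verbatim: it is shell by design, so it is not filtered.
	 * NOTE(review): the fragment follows "--to-destination %s " on the
	 * same line, so a non-empty fragment becomes extra arguments to that
	 * iptables command rather than a line of its own. Kept as found;
	 * confirm whether a newline was intended.
	 */
	memset(buf, 0, sizeof(buf));
	tcapi_get(VPN_DATA, "pptpd_ipup_script", buf);
	fp = fopen("/tmp/pptpd/ip-up", "w");
	if (fp == NULL) {
		_dprintf("start_pptpd: cannot create %s\n", "/tmp/pptpd/ip-up");
		return;
	}
	fprintf(fp, "#!/bin/sh\n"
		"startservice set_routes\n"	// reinitialize
		"echo $PPPD_PID $1 $5 $6 $PEERNAME >> /tmp/pptp_connected\n"
		"iptables -I FORWARD -i $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu\n"
		"iptables -I INPUT -i $1 -j ACCEPT\n"
		"iptables -I FORWARD -i $1 -j ACCEPT\n"
		"iptables -t nat -I PREROUTING -i $1 -p udp -m udp --sport 9 -j DNAT --to-destination %s "	// rule for wake on lan over pptp tunnel
		"%s\n", bcast, buf);
	fclose(fp);

	memset(buf, 0, sizeof(buf));
	tcapi_get(VPN_DATA, "pptpd_ipdown_script", buf);
	fp = fopen("/tmp/pptpd/ip-down", "w");
	if (fp == NULL) {
		_dprintf("start_pptpd: cannot create %s\n", "/tmp/pptpd/ip-down");
		return;
	}
	fprintf(fp, "#!/bin/sh\n"
		"grep -v $1 /tmp/pptp_connected > /tmp/pptp_connected.new\n"
		"mv /tmp/pptp_connected.new /tmp/pptp_connected\n"
		"iptables -D FORWARD -i $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu\n"
		"iptables -D INPUT -i $1 -j ACCEPT\n"
		"iptables -D FORWARD -i $1 -j ACCEPT\n"
		"iptables -t nat -D PREROUTING -i $1 -p udp -m udp --sport 9 -j DNAT --to-destination %s "	// rule for wake on lan over pptp tunnel
		"%s\n", bcast, buf);
	fclose(fp);

	chmod("/tmp/pptpd/ip-up", 0744);
	chmod("/tmp/pptpd/ip-down", 0744);

	/*
	 * Extract chap-secrets from the config store.
	 * NOTE(review): the mode is tightened only after write_chap_secret()
	 * has written the credentials; how that helper creates the file is
	 * not visible here.
	 */
	write_chap_secret("/tmp/pptpd/chap-secrets");
	chmod("/tmp/pptpd/chap-secrets", 0600);

	/* Launch the daemon with the files generated above. */
	ret = eval("pptpd", "-c", "/tmp/pptpd/pptpd.conf", "-o", "/tmp/pptpd/options.pptpd");
	_dprintf("start_pptpd: ret= %d\n", ret);

	return;
}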