Exemplo n.º 1
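/*
 * Return 1 when every byte of s is one that can occur in a space-separated
 * list of IPv6 address literals (hex digits, ':', '.', ' '), 0 otherwise.
 * Used to keep '{', '}', ';', '#' and line breaks out of radvd.conf.
 */
static int radvd_rdnss_is_clean(const char *s)
{
	for (; *s; s++) {
		char c = *s;

		if ((c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') ||
		    (c >= 'A' && c <= 'F') || c == ':' || c == '.' || c == ' ')
			continue;
		return 0;
	}
	return 1;
}

/*
 * Regenerate /etc/radvd.conf for the LAN bridge and (re)start radvd.
 *
 * Returns 1 without touching anything when IPv6 is disabled or LAN router
 * advertisements are off, -1 when the config file cannot be opened or
 * written completely, otherwise the result of the SIGHUP command (radvd
 * already running) or of launching /usr/sbin/radvd.
 */
int reload_radvd(void)
{
	FILE *fp;
	int ipv6_type, i_dhcp6s_mode, i_adv_per, write_failed;
	char *adv_prefix, *adv_rdnss, *lan_addr6_prefix;
	char addr6s[INET6_ADDRSTRLEN], rdns6s[INET6_ADDRSTRLEN], wan_ifname[16] = {0};

	ipv6_type = get_ipv6_type();
	if (ipv6_type == IPV6_DISABLED)
		return 1;

	if (is_lan_radv_on() != 1)
		return 1;

	i_dhcp6s_mode = get_lan_dhcp6s_mode();
	i_adv_per = 60;
	adv_prefix = "::/64";

	/* Prefer the router's own LAN address as advertised resolver; fall
	 * back to whatever is stored in the "wan0_dns6" nvram variable. */
	adv_rdnss = get_lan_addr6_host(rdns6s);
	if (!adv_rdnss)
		adv_rdnss = nvram_safe_get("wan0_dns6");

	if (ipv6_type == IPV6_6TO4) {
		get_wan_ifname(wan_ifname);
		/* bounded write; the formatted text is constant and fits */
		snprintf(addr6s, sizeof(addr6s), "0:0:0:%d::/%d", 1, 64);
		adv_prefix = addr6s;
	} else {
		lan_addr6_prefix = get_lan_addr6_prefix(addr6s);
		if (lan_addr6_prefix)
			adv_prefix = lan_addr6_prefix;
	}

	fp = fopen("/etc/radvd.conf", "w");
	if (!fp)
		return -1;

	fprintf(fp,
		"interface %s {\n"
		" IgnoreIfMissing on;\n"
		" AdvSendAdvert on;\n"			// (RA=ON)
		" AdvHomeAgentFlag off;\n"
		" AdvManagedFlag %s;\n"
		" AdvOtherConfigFlag %s;\n"
		" AdvDefaultLifetime %d;\n"
		" MaxRtrAdvInterval %d;\n",
		IFNAME_BR,
		(i_dhcp6s_mode > 1) ? "on" : "off",	// (M=ON/OFF)
		(i_dhcp6s_mode > 0) ? "on" : "off",	// (O=ON/OFF)
		1800,
		i_adv_per
	);

	fprintf(fp,
		" prefix %s {\n"
		"  AdvOnLink on;\n"
		"  AdvAutonomous %s;\n",
		adv_prefix,
		(i_dhcp6s_mode != 2) ? "on" : "off"	// (Stateful only)
	);

	if (ipv6_type == IPV6_6TO4) {
		fprintf(fp,
			"  AdvValidLifetime %d;\n"
			"  AdvPreferredLifetime %d;\n"
			"  Base6to4Interface %s;\n",
			600,
			240,
			wan_ifname
		);
	}

	fprintf(fp, " };\n");

	/*
	 * The resolver list may come straight from nvram and is pasted into
	 * the config verbatim, so only emit it when it consists of address
	 * characters; anything else could add or close radvd statements.
	 * NOTE(review): assumes "wan0_dns6" holds space-separated addresses;
	 * confirm against the code that writes it.
	 */
	if (*adv_rdnss && radvd_rdnss_is_clean(adv_rdnss))
		fprintf(fp, " RDNSS %s {};\n", adv_rdnss);

	fprintf(fp, "};\n");

	/* Do not signal radvd to load a truncated file (e.g. full filesystem). */
	write_failed = ferror(fp);
	if (fclose(fp) != 0)
		write_failed = 1;
	if (write_failed)
		return -1;

	if (pids("radvd"))
		return doSystem("killall %s %s", "-SIGHUP", "radvd");

	return eval("/usr/sbin/radvd");
}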
Exemplo n.º 2
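/*
 * Return 1 when cn can sit between single quotes on a shell command line
 * without terminating the quoted word, 0 otherwise. A single quote is the
 * only byte that ends a '...' word; control bytes are refused as well since
 * they have no place in a certificate common name.
 */
static int
ovpn_cn_is_shell_safe(const char *cn)
{
    const unsigned char *p;

    for (p = (const unsigned char *)cn; *p; p++) {
        if (*p == '\'' || *p < 0x20 || *p == 0x7f)
            return 0;
    }
    return 1;
}

/*
 * Command-line entry point: create a client certificate/key for the given
 * common name and write a ready-to-use client profile to /tmp/client.ovpn.
 *
 * argv[1] - common name (required)
 * argv[2] - RSA key size, used only when >= 1024 (default 1024)
 * argv[3] - certificate validity in days, used only when > 0 (default 365)
 *
 * Returns 0 on success and 1 on usage errors, an unacceptable common name,
 * a missing server key file, or failure to create/write the profile.
 */
int
ovpn_server_expcli_main(int argc, char **argv)
{
    FILE *fp;
    int i, i_prot, i_atls, rsa_bits, days_valid, arg_val, write_failed;
    mode_t old_mask;
    const char *p_prot, *wan_addr;
    const char *tmp_ovpn_path = "/tmp/export_ovpn";
    const char *tmp_ovpn_conf = "/tmp/client.ovpn";
#if defined (USE_IPV6)
    char addr6s[INET6_ADDRSTRLEN] = {0};
#endif

    if (argc < 2 || argv[1][0] == '\0') {
        printf("Usage: %s common_name [rsa_bits] [days_valid]\n", argv[0]);
        return 1;
    }

    /*
     * The common name is interpolated into a shell command below inside
     * single quotes; a quote character in it would let the remainder of the
     * name run as shell syntax, so refuse such names up front.
     */
    if (!ovpn_cn_is_shell_safe(argv[1])) {
        printf("Error: common_name contains unsupported characters\n");
        return 1;
    }

    /* NOTE(review): 1024-bit RSA is below today's usual 2048-bit minimum;
     * the default is kept as-is so existing callers see no change. */
    rsa_bits = 1024;
    if (argc > 2) {
        arg_val = atoi(argv[2]);
        if (arg_val >= 1024)
            rsa_bits = arg_val;
    }

    days_valid = 365;
    if (argc > 3) {
        arg_val = atoi(argv[3]);
        if (arg_val > 0)
            days_valid = arg_val;
    }

    i_atls = nvram_get_int("vpns_ov_atls");

    /* All server-side files must exist; index 4 (the tls-auth key, see its
     * use below) is only required when tls-auth is enabled. */
    for (i=0; i<5; i++) {
        if (!i_atls && (i == 4))
            continue;
        if (!openvpn_check_key(openvpn_server_keys[i], 1)) {
            printf("Error: server file %s is not found\n", openvpn_server_keys[i]);
            return 1;
        }
    }

    /* Generate client cert and key */
    doSystem("rm -rf %s", tmp_ovpn_path);
    setenv("CRT_PATH_CLI", tmp_ovpn_path, 1);
    doSystem("/usr/bin/openvpn-cert.sh %s -n '%s' -b %d -d %d", "client", argv[1], rsa_bits, days_valid);
    unsetenv("CRT_PATH_CLI");

    /* Values 2 and 3 are the IPv6 transports; drop to the IPv4 equivalent
     * when IPv6 is disabled. */
    i_prot = nvram_get_int("vpns_ov_prot");
    if (i_prot > 1 && get_ipv6_type() == IPV6_DISABLED)
        i_prot &= 1;
#if defined (USE_IPV6)
    if (i_prot == 3)
        p_prot = "tcp6-client";
    else if (i_prot == 2)
        p_prot = "udp6";
    else
#endif
        if (i_prot == 1)
            p_prot = "tcp-client";
        else
            p_prot = "udp";

    /* Remote endpoint: DDNS name first, then a WAN (or LAN, for IPv6)
     * address, finally a placeholder the user has to edit by hand. */
    wan_addr = get_ddns_fqdn();
    if (!wan_addr) {
#if defined (USE_IPV6)
        if (i_prot > 1) {
            wan_addr = get_wan_addr6_host(addr6s);
            if (!wan_addr)
                wan_addr = get_lan_addr6_host(addr6s);
        } else
#endif
        {
            wan_addr = get_wan_unit_value(0, "ipaddr");
            if (!is_valid_ipv4(wan_addr))
                wan_addr = NULL;
        }
    }

    if (!wan_addr)
        wan_addr = "{wan_address}";

    /*
     * The profile embeds the client private key, so it must never exist
     * with wider permissions than 0600. Drop any stale file or symlink at
     * the fixed /tmp path and create the new file under a restrictive umask
     * instead of tightening the mode only after the key has been written.
     * NOTE(review): a remove-then-create sequence still leaves a small race;
     * open() with O_CREAT|O_EXCL|O_NOFOLLOW would close it completely.
     */
    remove(tmp_ovpn_conf);
    old_mask = umask(0077);
    fp = fopen(tmp_ovpn_conf, "w+");
    umask(old_mask);
    if (!fp) {
        doSystem("rm -rf %s", tmp_ovpn_path);
        printf("Error: unable to create file %s\n", tmp_ovpn_conf);
        return 1;
    }

    fprintf(fp, "client\n");
    fprintf(fp, "dev %s\n", (nvram_get_int("vpns_ov_mode") == 1) ? "tun" : "tap");
    fprintf(fp, "proto %s\n", p_prot);
    fprintf(fp, "remote %s %d\n", wan_addr, nvram_safe_get_int("vpns_ov_port", 1194, 1, 65535));
    fprintf(fp, "resolv-retry %s\n", "infinite");
    fprintf(fp, ";float\n");
    fprintf(fp, "nobind\n");
    fprintf(fp, "persist-key\n");
    fprintf(fp, "persist-tun\n");
    openvpn_add_auth(fp, nvram_get_int("vpns_ov_mdig"));
    openvpn_add_cipher(fp, nvram_get_int("vpns_ov_ciph"));
    openvpn_add_lzo(fp, nvram_get_int("vpns_ov_clzo"), 0);
    fprintf(fp, "nice %d\n", 0);
    fprintf(fp, "verb %d\n", 3);
    fprintf(fp, "mute %d\n", 10);
    /* Server-certificate type check is emitted commented out, so the client
     * does not enforce it unless the user enables the line. */
    fprintf(fp, ";ns-cert-type %s\n", "server");
    openvpn_add_key(fp, SERVER_CERT_DIR, openvpn_server_keys[0], "ca");
    openvpn_add_key(fp, tmp_ovpn_path, openvpn_client_keys[1], "cert");
    openvpn_add_key(fp, tmp_ovpn_path, openvpn_client_keys[2], "key");
    if (i_atls) {
        openvpn_add_key(fp, SERVER_CERT_DIR, openvpn_server_keys[4], "tls-auth");
        fprintf(fp, "key-direction %d\n", 1);
    }

    write_failed = ferror(fp);
    if (fclose(fp) != 0)
        write_failed = 1;

    /* The loose cert/key files are no longer needed in either outcome. */
    doSystem("rm -rf %s", tmp_ovpn_path);

    if (write_failed) {
        /* Do not leave a truncated profile (possibly with half a key). */
        remove(tmp_ovpn_conf);
        printf("Error: unable to write file %s\n", tmp_ovpn_conf);
        return 1;
    }

    doSystem("unix2dos %s", tmp_ovpn_conf);
    /* unix2dos may have replaced the file; re-assert owner-only access. */
    chmod(tmp_ovpn_conf, 0600);

    return 0;
}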