diff options
author | Jim P <jim@pingle.org> | 2012-09-05 05:20:48 -0700 |
---|---|---|
committer | Jim P <jim@pingle.org> | 2012-09-05 05:20:48 -0700 |
commit | 764bf83b5ad5e6c52e8f26ab4b980fc6fbd800b8 (patch) | |
tree | a1e77495447fbbf15e78a10d63605e90adc72c2b /config | |
parent | 3805bb193ee4af9afbd1c29a327021ef11dd31ed (diff) | |
parent | dd7f44bca1cab52627b02739c677d5d40b5c812d (diff) | |
download | pfsense-packages-764bf83b5ad5e6c52e8f26ab4b980fc6fbd800b8.tar.gz pfsense-packages-764bf83b5ad5e6c52e8f26ab4b980fc6fbd800b8.tar.bz2 pfsense-packages-764bf83b5ad5e6c52e8f26ab4b980fc6fbd800b8.zip |
Merge pull request #319 from apnar/master
Auto add and remove interface group for tinc VPN interfaces
Diffstat (limited to 'config')
-rw-r--r-- | config/tinc/pkg_tinc.inc | 11 | ||||
-rw-r--r-- | config/tinc/status_tinc.php | 56 | ||||
-rw-r--r-- | config/tinc/tinc.inc | 109 | ||||
-rw-r--r-- | config/tinc/tinc.xml | 10 | ||||
-rw-r--r-- | config/tinc/tinc_config.xml | 2 |
5 files changed, 120 insertions, 68 deletions
diff --git a/config/tinc/pkg_tinc.inc b/config/tinc/pkg_tinc.inc new file mode 100644 index 00000000..b5b223b0 --- /dev/null +++ b/config/tinc/pkg_tinc.inc @@ -0,0 +1,11 @@ +<?php + +global $shortcuts; + +$shortcuts['tinc'] = array(); +$shortcuts['tinc']['main'] = "pkg_edit.php?xml=tinc_config.xml"; +$shortcuts['tinc']['status'] = "status_tinc.php"; +$shortcuts['tinc']['log'] = "diag_pkglogs.php?pkg=tinc"; +$shortcuts['tinc']['service'] = "tinc"; + +?> diff --git a/config/tinc/status_tinc.php b/config/tinc/status_tinc.php index 17b8e48c..725ccce6 100644 --- a/config/tinc/status_tinc.php +++ b/config/tinc/status_tinc.php @@ -2,23 +2,69 @@ $pgtitle = array(gettext("Status"), "tinc"); require("guiconfig.inc"); -require_once("tinc.inc"); +function tinc_status_1() { + exec("/usr/local/sbin/tincd --config=/usr/local/etc/tinc -kUSR1"); + usleep(500000); + exec("/usr/sbin/clog /var/log/tinc.log | sed -e 's/.*tinc\[.*\]: //'",$result); + $i=0; + foreach($result as $line) + { + if(preg_match("/Connections:/",$line)) + $begin=$i; + if(preg_match("/End of connections./",$line)) + $end=$i; + $i++; + } + $output=""; + $i=0; + foreach($result as $line) + { + if($i >= $begin && $i<= $end) + $output .= $line . "\n"; + $i++; + } + return $output; +} + +function tinc_status_2() { + exec("/usr/local/sbin/tincd --config=/usr/local/etc/tinc -kUSR2"); + usleep(500000); + exec("/usr/sbin/clog /var/log/tinc.log | sed -e 's/.*tinc\[.*\]: //'",$result); + $i=0; + foreach($result as $line) + { + if(preg_match("/Statistics for Generic BSD tun device/",$line)) + $begin=$i; + if(preg_match("/End of subnet list./",$line)) + $end=$i; + $i++; + } + $output=""; + $i=0; + foreach($result as $line) + { + if($i >= $begin && $i<= $end) + $output .= $line . "\n"; + $i++; + } + return $output; +} + +$shortcut_section = "tinc"; include("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?=$jsevents["body"]["onload"];?>"> <?php include("fbegin.inc"); ?> - -1:<BR> +Connection list:<BR> <pre> <?php print tinc_status_1(); ?> </pre> <BR> -2:<BR> +Virtual network device statistics, all known nodes, edges and subnets:<BR> <pre> <?php print tinc_status_2(); ?> </pre> - <?php include("fend.inc"); ?> diff --git a/config/tinc/tinc.inc b/config/tinc/tinc.inc index c191de5a..697e2932 100644 --- a/config/tinc/tinc.inc +++ b/config/tinc/tinc.inc @@ -1,25 +1,6 @@ <?php -if(!isset($_GET['id']) and !isset($_POST['id'])) { - if($GLOBALS['config']['installedpackages']['tinchosts']['savemsg']) { - $savemsg=$GLOBALS['config']['installedpackages']['tinchosts']['savemsg']; - unset($GLOBALS['config']['installedpackages']['tinchosts']['savemsg']); - write_config(); - } - -} - -$hosts=$config['installedpackages']['tinchosts']['config']; -is_array($hosts) ? $num_hosts=count($hosts) : $num_hosts=0; -if(!isset($_GET['id']) and !isset($_POST['id']) and $num_hosts) { - for ($i=0;$i<$num_hosts;$i++) { - $host=$hosts[$i]; - } -} - - function tinc_save() { - $GLOBALS['config']['installedpackages']['tinchosts']['savemsg']=''; conf_mount_rw(); config_lock(); exec("/bin/mv -f /usr/local/etc/tinc /usr/local/etc/tinc.old"); @@ -68,6 +49,7 @@ function tinc_save() { else { $_output = "ifconfig \$INTERFACE " . $tincconf['localip'] . " netmask " . $tincconf['vpnnetmask'] . "\n"; + $_output .= "ifconfig \$INTERFACE group tinc\n"; } file_put_contents('/usr/local/etc/tinc/tinc-up',$_output); chmod("/usr/local/etc/tinc/tinc-up", 0744); @@ -102,58 +84,29 @@ function tinc_save() { config_unlock(); } -function tinc_status_1() { - list($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$sizeb,$atime,$mtimeb,$ctime,$blksize,$blocks)=stat("/var/log/tinc.log"); - exec("/usr/local/sbin/tincd --config=/usr/local/etc/tinc -kUSR1"); - exec("tail -c +" . $sizeb . " /var/log/tinc.log | sed -e 's/.*tinc\[.*\]: //'",$result); - $output=""; - foreach($result as $line) - { - $output .= $line . "\n"; - } - return $output; -} - -function tinc_status_2() { - list($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$sizeb,$atime,$mtimeb,$ctime,$blksize,$blocks)=stat("/var/log/tinc.log"); - exec("/usr/local/sbin/tincd --config=/usr/local/etc/tinc -kUSR2"); - exec("tail -c +" . $sizeb . " /var/log/tinc.log | sed -e 's/.*tinc\[.*\]: //'",$result); - $output=""; - foreach($result as $line) - { - $output .= $line . "\n"; - } - return $output; -} - function tinc_install() { safe_mkdir("/usr/local/etc/tinc"); safe_mkdir("/usr/local/etc/tinc/hosts"); -# make_dirs("/var/tmp/tinc/var/tmp/run/tinc"); -# system("/usr/sbin/chown -R tinc:tinc /var/tmp/tinc"); $_rcfile['file']='tinc.sh'; $_rcfile['start'].="/usr/local/sbin/tincd --config=/usr/local/etc/tinc\n\t"; $_rcfile['stop'].="/usr/local/sbin/tincd --kill \n\t"; write_rcfile($_rcfile); unlink_if_exists("/usr/local/etc/rc.d/tincd"); + clear_log_file("/var/log/tinc.log"); conf_mount_rw(); config_lock(); -/* - # find next free optional interface number - for ($i = 1; $i <= count($GLOBALS['config']['interfaces']); $i++) { - if (!$GLOBALS['config']['interfaces']["opt{$i}"]) - break; - } - $newifname = 'opt' . $i; - $descr = "TINC"; - $GLOBALS['config']['interfaces'][$newifname] = array(); - $GLOBALS['config']['interfaces'][$newifname]['descr'] = $descr; - - uksort($GLOBALS['config']['interfaces'], "compare_interface_friendly_names"); - - $GLOBALS['config']['interfaces'][$newifname]['if'] = "tun0"; -*/ + + /* Create Interface Group */ + if (!is_array($GLOBALS['config']['ifgroups']['ifgroupentry'])) + $GLOBALS['config']['ifgroups']['ifgroupentry'] = array(); + + $a_ifgroups = &$GLOBALS['config']['ifgroups']['ifgroupentry']; + $ifgroupentry = array(); + $ifgroupentry['members'] = ''; + $ifgroupentry['descr'] = 'tinc mesh VPN interface group'; + $ifgroupentry['ifname'] = 'tinc'; + $a_ifgroups[] = $ifgroupentry; /* XXX: Do not remove this. */ mwexec("/bin/rm -f /tmp/config.cache"); @@ -165,6 +118,42 @@ function tinc_install() { } function tinc_deinstall() { + /* Remove Interface Group */ + conf_mount_rw(); + config_lock(); + if (!is_array($GLOBALS['config']['ifgroups']['ifgroupentry'])) + $GLOBALS['config']['ifgroups']['ifgroupentry'] = array(); + + $a_ifgroups = &$GLOBALS['config']['ifgroups']['ifgroupentry']; + + $myid=-1; + $i = 0; + foreach ($a_ifgroups as $ifgroupentry) + { + if($ifgroupentry['ifname']=='tinc') + { + $myid=$i; + break; + } + $i++; + } + + if ($myid >= 0 && $a_ifgroups[$myid]) + { + $members = explode(" ", $a_ifgroups[$_GET['id']]['members']); + foreach ($members as $ifs) + { + $realif = get_real_interface($ifs); + if ($realif) + mwexec("/sbin/ifconfig {$realif} -group " . $a_ifgroups[$_GET['id']]['ifname']); + } + unset($a_ifgroups[$myid]); + mwexec("/bin/rm -f /tmp/config.cache"); + write_config(); + } + conf_mount_ro(); + config_unlock(); + rmdir_recursive("/var/tmp/tinc"); rmdir_recursive("/usr/local/etc/tinc*"); unlink_if_exists("/usr/local/etc/rc.d/tinc.sh"); diff --git a/config/tinc/tinc.xml b/config/tinc/tinc.xml index 7fb756f1..90581513 100644 --- a/config/tinc/tinc.xml +++ b/config/tinc/tinc.xml @@ -53,7 +53,7 @@ <url>/pkg_edit.php?xml=tinc_config.xml</url> </menu> <menu> - <name>tinc</name> + <name>tincd</name> <tooltiptext>Status of tinc VPN Daemon</tooltiptext> <section>Status</section> <url>/status_tinc.php</url> @@ -76,14 +76,20 @@ </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/</prefix> - <chmod>0644</chmod> + <chmod>0755</chmod> <item>http://www.pfsense.com/packages/config/tinc/status_tinc.php</item> </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/shortcuts/</prefix> + <chmod>0644</chmod> + <item>http://www.pfsense.com/packages/config/tinc/pkg_tinc.inc</item> + </additional_files_needed> <service> <name>tinc</name> <rcfile>tinc.sh</rcfile> <executable>tincd</executable> + <description>tinc mesh VPN</description> </service> <include_file>/usr/local/pkg/tinc.inc</include_file> diff --git a/config/tinc/tinc_config.xml b/config/tinc/tinc_config.xml index 6c3cce71..3878450f 100644 --- a/config/tinc/tinc_config.xml +++ b/config/tinc/tinc_config.xml @@ -144,7 +144,7 @@ <field> <fielddescr>Interface Up Script</fielddescr> <fieldname>tinc_up</fieldname> - <description>This script is executed right after the tinc daemon has connected to the virtual network device. By default a tinc-up file is created that brings up the tinc interface with the IP Address and Netmask specified above. Entering a value here complely replaces the default script so be sure to bring up the interface in this script.</description> + <description>This script is executed right after the tinc daemon has connected to the virtual network device. By default a tinc-up file is created that brings up the tinc interface with the IP Address and Netmask specified above and adds it to the tinc interface group. Entering a value here complely replaces the default script so be sure to bring up the interface in this script.</description> <type>textarea</type> <encoding>base64</encoding> <rows>8</rows> |