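#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010 Michael Tremer & Christian Schmidt                       #
#                                                                             #
# This program is free software: you can redistribute it and/or modify       #
# it under the terms of the GNU General Public License as published by       #
# the Free Software Foundation, either version 3 of the License, or          #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,            #
# but WITHOUT ANY WARRANTY; without even the implied warranty of             #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the               #
# GNU General Public License for more details.                               #
#                                                                             #
# You should have received a copy of the GNU General Public License          #
# along with this program. If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

# Authentication methods accepted by pppd_write_config (space-separated list).
PPP_SUPPORTED_AUTH_METHODS="chap pap"

# Start the pppd service unit of an interface.
#   $1 - interface name (required)
function pppd_start() {
	local interface=${1}
	assert isset interface

	service_start "pppd@${interface}"
}

# Stop the pppd service unit of an interface.
#   $1 - interface name (required)
function pppd_stop() {
	local interface=${1}
	assert isset interface

	service_stop "pppd@${interface}"
}

# Report the status of the pppd service unit of an interface.
#   $1 - interface name (required)
function pppd_status() {
	local interface=${1}
	assert isset interface

	service_status "pppd@${interface}"
}

# Hook that runs before the IPv4 side of a PPP zone comes up.
#   $1 - zone name
# Returns EXIT_ERROR if the zone does not exist, EXIT_OK otherwise.
function ppp_common_ip_pre_up() {
	local zone=${1}
	shift

	if ! zone_exists "${zone}"; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	routing_db_from_ppp "${zone}" ipv4

	# Request firewall reload
	event_emit firewall-reload

	return ${EXIT_OK}
}

# Hook that runs when the IPv4 side of a PPP zone is up.
#   $1 - zone name
# Returns EXIT_ERROR if the zone does not exist, EXIT_OK otherwise.
function ppp_common_ip_up() {
	local zone=${1}
	shift

	if ! zone_exists "${zone}"; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	routing_db_set "${zone}" ipv4 active 1
	routing_update "${zone}" ipv4

	# Emit interface-up event
	event_interface_up "${zone}"

	return ${EXIT_OK}
}

# Hook that runs when the IPv4 side of a PPP zone goes down.
#   $1 - zone name
# Returns EXIT_ERROR if the zone does not exist, EXIT_OK otherwise.
function ppp_common_ip_down() {
	local zone=${1}
	shift

	if ! zone_exists "${zone}"; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Remove the information about this zone from the routing database
	# and update the routing table.
	routing_db_remove "${zone}" ipv4
	routing_update "${zone}" ipv4

	# Save accounting information
	ppp_accounting "${zone}"

	# Emit interface-down event
	event_interface_down "${zone}"

	return ${EXIT_OK}
}

# Hook that runs when the IPv6 side of a PPP zone is up.
#   $1 - zone name
# Returns EXIT_ERROR if the zone does not exist, EXIT_OK otherwise.
function ppp_common_ipv6_up() {
	local zone=${1}
	shift

	if ! zone_exists "${zone}"; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Add information about this zone to the routing database.
	routing_db_from_ppp "${zone}" ipv6

	routing_db_set "${zone}" ipv6 active 1
	routing_update "${zone}" ipv6

	# Emit interface-up event
	event_interface_up "${zone}"

	return ${EXIT_OK}
}

# Hook that runs when the IPv6 side of a PPP zone goes down.
#   $1 - zone name
# Returns EXIT_ERROR if the zone does not exist, EXIT_OK otherwise.
function ppp_common_ipv6_down() {
	local zone=${1}
	shift

	if ! zone_exists "${zone}"; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Remove the information about this zone from the routing database
	# and update the routing table.
	routing_db_remove "${zone}" ipv6
	routing_update "${zone}" ipv6

	# Save accounting information
	ppp_accounting "${zone}"

	# Emit interface-down event
	event_interface_down "${zone}"

	return ${EXIT_OK}
}

# Add or replace the entry of one user in the PPP secrets file.
#   $1 - user name
#   $2 - secret
# Reads and rewrites the file named by PPP_SECRETS. Returns non-zero when a
# value is rejected or the file could not be written.
function ppp_secret() {
	local USER=${1}
	local SECRET=${2}

	local a
	local secret
	local user
	local tmpfile
	local ret

	# The secrets file holds one entry per line, so a line break inside
	# either value would add an extra entry. The values are never logged.
	case "${USER}${SECRET}" in
		*$'\n'*|*$'\r'*)
			log ERROR "Refusing to write a PPP secret that contains a line break"
			return ${EXIT_ERROR:-1}
			;;
	esac

	# NOTE(review): both values are wrapped in single quotes and written
	# verbatim; a quote character inside them is not escaped. Confirm how
	# pppd parses such an entry.

	# mktemp gives the scratch copy an unpredictable name and owner-only
	# permissions, so the secrets never sit in a world-readable file.
	tmpfile=$(mktemp "${PPP_SECRETS}.XXXXXX") || return ${EXIT_ERROR:-1}

	# Copy every entry except the one that belongs to USER. read -r keeps
	# backslashes in stored secrets intact; the "|| [ -n ... ]" part keeps
	# a last line that has no trailing newline.
	if [ -r "${PPP_SECRETS}" ]; then
		while read -r user a secret || [ -n "${user}" ]; do
			if [ "'${USER}'" != "${user}" ]; then
				printf '%s %s %s\n' "${user}" "${a}" "${secret}"
			fi
		done < "${PPP_SECRETS}" > "${tmpfile}"
	fi

	printf '%s\n' "'${USER}' * '${SECRET}'" >> "${tmpfile}"

	# Overwrite in place so an existing secrets file keeps its owner and
	# mode; the umask only matters when the file has to be created.
	( umask 077; cat "${tmpfile}" > "${PPP_SECRETS}" )
	ret=$?

	rm -f -- "${tmpfile}"

	return ${ret}
}

# Store the accounting data of a finished PPP session.
#   $1 - zone name
# Reads CONNECT_TIME, BYTES_RCVD and BYTES_SENT from the environment
# (presumably exported by pppd to its ip-down hook - verify against caller).
function ppp_accounting() {
	local zone=${1}
	shift

	db_ppp_update "${zone}" --duration="${CONNECT_TIME}" \
		--rcvd="${BYTES_RCVD}" --sent="${BYTES_SENT}"
}

# Run pppd with the given arguments and discard its standard output.
# Every pppd option has to be passed as an argument of its own.
function pppd_exec() {
	# "$*" joins the arguments into one log message; "$@" would hand the
	# logger several arguments.
	log DEBUG "Running pppd with parameters '$*'."

	# Quoted so that an argument containing whitespace or glob characters
	# reaches pppd unchanged.
	pppd "$@" > /dev/null
}

# Write a pppd configuration file.
#   $1 - path of the file to write
#   --auth=METHOD           one of PPP_SUPPORTED_AUTH_METHODS
#   --interface=NAME        name of the created ppp interface (required)
#   --mtu=N                 Maximum Transmission Unit
#   --mru=N                 Maximum Receive Unit (defaults to the MTU)
#   --plugin=NAME           plugin to load
#   --plugin-options=OPTS   options appended to the plugin line
#   --user=NAME             user name for authentication
# Returns EXIT_ERROR when the interface is missing or the auth method is
# not supported, EXIT_OK otherwise.
#
# NOTE(review): option values are written into the file verbatim, and print
# appears to expand backslash escapes (see the \n sequences below). A value
# carrying a line break would presumably start a new option line, including
# a "plugin" line. Values should be validated before they reach this point.
function pppd_write_config() {
	local file=${1}; shift
	assert isset file

	local auth
	local interface
	local linkname
	local mtu mru
	local plugin plugin_options
	local user

	while [ $# -gt 0 ]; do
		case "${1}" in
			--auth=*)
				auth=$(cli_get_val "${1}")
				;;
			# The name of the created ppp interface.
			--interface=*)
				interface=$(cli_get_val "${1}")
				;;
			# Maximum Transmission Unit
			--mtu=*)
				mtu=$(cli_get_val "${1}")
				;;
			# Maximum Receive Unit
			--mru=*)
				mru=$(cli_get_val "${1}")
				;;
			--plugin=*)
				plugin=$(cli_get_val "${1}")
				;;
			--plugin-options=*)
				plugin_options=$(cli_get_val "${1}")
				;;
			--user=*)
				user=$(cli_get_val "${1}")
				;;
			*)
				log WARNING "Unhandled argument: ${1}"
				;;
		esac
		shift
	done

	if [ -z "${interface}" ]; then
		log ERROR "You need to set the interface name: ${interface}"
		return ${EXIT_ERROR}
	fi
	linkname=${interface}

	if isset auth; then
		# The list of supported methods is split into words on purpose.
		if ! isoneof "${auth}" ${PPP_SUPPORTED_AUTH_METHODS}; then
			log ERROR "Unsupported auth method: ${auth}"
			return ${EXIT_ERROR}
		fi
	fi

	# Write the configuration header.
	mkdir -p "$(dirname "${file}")" 2>/dev/null
	config_header "PPP daemon configuration file" > "${file}"

	# At first, set the name of the link.
	print "name ${linkname}\nlinkname ${linkname}\n" >> "${file}"

	# Configure the interface name.
	print "# Interface name\nifname ${interface}\n" >> "${file}"

	# Plugin settings
	if isset plugin; then
		(
			print "# Plugin settings"
			print "plugin ${plugin} ${plugin_options}"
			print
		) >> "${file}"
	fi

	# User authentication
	if isset user; then
		(
			print "# User authentication"
			print "user ${user}"

			print "noauth"
			if isset auth; then
				print "require-${auth}"
			fi
			print
		) >> "${file}"
	fi

	# MTU/MRU settings
	if isset mtu; then
		isset mru || mru=${mtu}

		(
			print "# MTU/MRU settings"
			print "mtu ${mtu}"
			print "mru ${mru}"
			print
		) >> "${file}"
	fi

	# Add the default settings.
	(
		print "# Disable the compression"
		print "noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe"

		print "noipdefault nodetach debug"
	) >> "${file}"

	return ${EXIT_OK}
}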