suricata: Fix amount of listened nfqueues
[ipfire-2.x.git] / src / misc-progs / openvpnctrl.c
index da5ee2356e8b7fcf448c225bb585b628f71eea29..20967e471c4085bcb30cf375882c9ed71d8aff44 100644 (file)
@@ -1,3 +1,4 @@
+#define _XOPEN_SOURCE 500
 #include <signal.h>
 #include <stdio.h>
 #include <string.h>
@@ -7,6 +8,7 @@
 #include <arpa/inet.h>
 #include <netinet/in.h>
 #include <fcntl.h>
+#include <ftw.h>
 #include "setuid.h"
 #include "netutil.h"
 #include "libsmooth.h"
@@ -44,6 +46,18 @@ struct connection_struct {
 
 typedef struct connection_struct connection;
 
+static int recursive_remove_callback(const char* fpath, const struct stat* sb, int typeflag, struct FTW* ftwbuf) {
+       int rv = remove(fpath);
+       if (rv)
+               perror(fpath);
+
+       return rv;
+}
+
+static int recursive_remove(const char* path) {
+       return nftw(path, recursive_remove_callback, 64, FTW_DEPTH | FTW_PHYS);
+}
+
 void exithandler(void)
 {
        if(kv)
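Review bot: The nftw() call in recursive_remove passes `FTW_DEPTH | FTW_PHYS` but not `FTW_MOUNT`, so the delete walk will descend into any filesystem mounted below `path`. FTW_PHYS already keeps it from following symlinks; adding the mount flag confines it to one filesystem: `return nftw(path, recursive_remove_callback, 64, FTW_DEPTH | FTW_PHYS | FTW_MOUNT);`. Because the callback returns remove()'s result, the first failure stops the walk and leaves the rest of the tree in place. That deserves a short comment above the function, e.g. `/* Deletes path and everything below it; stops at the first entry that cannot be removed and returns non-zero. */`. The parameters `sb`, `typeflag` and `ftwbuf` are unused and will warn under -Wextra. The hunk ends inside exithandler, which is unchanged.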
@@ -469,6 +483,10 @@ void startDaemon(void) {
                executeCommand(command);
                snprintf(command, STRING_SIZE-1, "/usr/sbin/openvpn --config /var/ipfire/ovpn/server.conf");
                executeCommand(command);
+               snprintf(command, STRING_SIZE-1, "/bin/chown root.nobody /var/run/ovpnserver.log");
+               executeCommand(command);
+               snprintf(command, STRING_SIZE-1, "/bin/chmod 644 /var/run/ovpnserver.log");
+               executeCommand(command);
        }
 }
 
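Review bot: The added `chmod 644` makes /var/run/ovpnserver.log world-readable, so the group change to `nobody` on the line before has no effect on who can read it. If the intent is that only root and the `nobody` group read the log, the mode should be `640`. `root.nobody` uses the dot separator, which GNU chown treats as obsolete; `root:nobody` is the unambiguous form. Both commands run immediately after openvpn is launched and their results are not checked, so if the log file does not exist yet they presumably fail without any trace. Calling chown() and chmod() directly and checking the return values would avoid spawning two processes and make failures visible.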
@@ -533,6 +551,7 @@ int startNet2Net(char *name) {
 int killNet2Net(char *name) {
        connection *conn = NULL;
        connection *conn_iter;
+       int rc = 0;
 
        conn_iter = getConnections();
 
@@ -565,26 +584,40 @@ int killNet2Net(char *name) {
        snprintf(command, STRING_SIZE - 1, "/bin/rm -f %s", pidfile);
        executeCommand(command);
 
+       char runfile[STRING_SIZE];
+       snprintf(runfile, STRING_SIZE - 1, "/var/run/openvpn/%s-n2n", conn->name);
+       rc = recursive_remove(runfile);
+       if (rc)
+               perror(runfile);
+
        return 0;
 }
 
 int deleterrd(char *name) {
+       char rrd_dir[STRING_SIZE];
+
        connection *conn = getConnections();
+       while(conn) {
+               if (strcmp(conn->name, name) != 0) {
+                       conn = conn->next;
+                       continue;
+               }
 
-       char rrd_file[STRING_SIZE];
-       snprintf(rrd_file, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s/if_octets.rrd", name);
+               // Handle RW connections
+               if (strcmp(conn->type, "host") == 0) {
+                       snprintf(rrd_dir, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s/", name);
 
-       char rrd_dir[STRING_SIZE];
-       snprintf(rrd_dir, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s", name);
+               // Handle N2N connections
+               } else if (strcmp(conn->type, "net") == 0) {
+                       snprintf(rrd_dir, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s-n2n/", name);
 
-       while(conn) {
-               /* Find only RW-Connections with the given name. */
-               if (((strcmp(conn->type, "host") == 0) && (strcmp(conn->name, name) == 0))) {
-                       remove(rrd_file);
-                       remove(rrd_dir);
-                       return 0;
+               // Unhandled connection type
+               } else {
+                       conn = conn->next;
+                       continue;
                }
-               conn = conn->next;
+
+               return recursive_remove(rrd_dir);
        }
 
        return 1;
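Review bot: The new snprintf() calls that build `runfile` and `rrd_dir` ignore the return value, so an over-long connection name yields a truncated path and recursive_remove() then deletes a different directory than intended. Keep the result, `int n = snprintf(rrd_dir, sizeof(rrd_dir), ...);`, and bail out before deleting with `if (n < 0 || (size_t)n >= sizeof(rrd_dir)) return 1;`, and do the same for `runfile` in killNet2Net. The name is only matched with strcmp() against the configured connections here. Whether names containing `/` or `..` are rejected is not visible in this hunk and is worth confirming, since the setuid.h include suggests this helper runs with elevated privileges. In killNet2Net the value in `rc` is passed to perror() after the callback has already printed the failing path, and is then discarded by `return 0;`. Both functions continue outside the hunk.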