From: Michael Tremer Date: Tue, 13 Jan 2015 16:37:18 +0000 (+0100) Subject: Merge remote-tracking branch 'amarx/vpn-statistic1' into next X-Git-Tag: v2.17-core89~77 X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff_plain;h=3906cf7e852872556728191a234152acf213db05;hp=e62b6718b919e7b5072ebf11294ae7d3adc9560e Merge remote-tracking branch 'amarx/vpn-statistic1' into next --- diff --git a/config/cfgroot/graphs.pl b/config/cfgroot/graphs.pl index 487a4dd932..5e6fddbf6e 100644 --- a/config/cfgroot/graphs.pl +++ b/config/cfgroot/graphs.pl @@ -587,6 +587,118 @@ sub updateifgraph { print "Error in RRD::graph for ".$interface.": ".$ERROR."\n" if $ERROR; } +sub updatevpngraph { + my $interface = $_[0]; + my $period = $_[1]; + RRDs::graph( + "-", + "--start", + "-1".$period, + "-aPNG", + "-i", + "-z", + "-W www.ipfire.org", + "--alt-y-grid", + "-w 600", + "-h 125", + "-r", + "-t ".$Lang::tr{'traffic on'}." ".$interface." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, + "-v ".$Lang::tr{'bytes per second'}, + "--color=SHADEA".$color{"color19"}, + "--color=SHADEB".$color{"color19"}, + "--color=BACK".$color{"color21"}, + "DEF:incoming=".$mainsettings{'RRDLOG'}."/collectd/localhost/openvpn-$interface/if_octets_derive.rrd:rx:AVERAGE", + "DEF:outgoing=".$mainsettings{'RRDLOG'}."/collectd/localhost/openvpn-$interface/if_octets_derive.rrd:tx:AVERAGE", + "CDEF:outgoingn=outgoing,-1,*", + "COMMENT:".sprintf("%-20s",$Lang::tr{'caption'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'maximal'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'average'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'minimal'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'current'})."\\j", + "AREA:incoming#00dd00:".sprintf("%-20s",$Lang::tr{'incoming traffic in bytes per second'}), + "GPRINT:incoming:MAX:%8.1lf %sBps", + "GPRINT:incoming:AVERAGE:%8.1lf %sBps", + "GPRINT:incoming:MIN:%8.1lf %sBps", + "GPRINT:incoming:LAST:%8.1lf %sBps\\j", + "AREA:outgoingn#dd0000:".sprintf("%-20s",$Lang::tr{'outgoing traffic in bytes per second'}), + "GPRINT:outgoing:MAX:%8.1lf %sBps", + "GPRINT:outgoing:AVERAGE:%8.1lf %sBps", + "GPRINT:outgoing:MIN:%8.1lf %sBps", + "GPRINT:outgoing:LAST:%8.1lf %sBps\\j", + ); + $ERROR = RRDs::error; + print "Error in RRD::graph for ".$interface.": ".$ERROR."\n" if $ERROR; +} + +sub updatevpnn2ngraph { + my $interface = $_[0]; + my $period = $_[1]; + RRDs::graph( + "-", + "--start", + "-1".$period, + "-aPNG", + "-i", + "-z", + "-W www.ipfire.org", + "--alt-y-grid", + "-w 600", + "-h 125", + "-r", + "-t ".$Lang::tr{'traffic on'}." ".$interface." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, + "-v ".$Lang::tr{'bytes per second'}, + "--color=SHADEA".$color{"color19"}, + "--color=SHADEB".$color{"color19"}, + "--color=BACK".$color{"color21"}, + "DEF:incoming=".$mainsettings{'RRDLOG'}."/collectd/localhost/openvpn-$interface/if_octets_derive-traffic.rrd:rx:AVERAGE", + "DEF:outgoing=".$mainsettings{'RRDLOG'}."/collectd/localhost/openvpn-$interface/if_octets_derive-traffic.rrd:tx:AVERAGE", + "DEF:overhead_in=".$mainsettings{'RRDLOG'}."/collectd/localhost/openvpn-$interface/if_octets_derive-overhead.rrd:rx:AVERAGE", + "DEF:overhead_out=".$mainsettings{'RRDLOG'}."/collectd/localhost/openvpn-$interface/if_octets_derive-overhead.rrd:tx:AVERAGE", + "DEF:compression_in=".$mainsettings{'RRDLOG'}."/collectd/localhost/openvpn-$interface/compression_derive-data_in.rrd:uncompressed:AVERAGE", + "DEF:compression_out=".$mainsettings{'RRDLOG'}."/collectd/localhost/openvpn-$interface/compression_derive-data_out.rrd:uncompressed:AVERAGE", + "CDEF:outgoingn=outgoing,-1,*", + "CDEF:overhead_outn=overhead_out,-1,*", + "CDEF:compression_outn=compression_out,-1,*", + "COMMENT:".sprintf("%-20s",$Lang::tr{'caption'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'maximal'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'average'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'minimal'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'current'})."\\j", + "AREA:incoming#00dd00:".sprintf("%-20s",$Lang::tr{'incoming traffic in bytes per second'}), + "GPRINT:incoming:MAX:%8.1lf %sBps", + "GPRINT:incoming:AVERAGE:%8.1lf %sBps", + "GPRINT:incoming:MIN:%8.1lf %sBps", + "GPRINT:incoming:LAST:%8.1lf %sBps\\j", + "STACK:overhead_in#116B11:".sprintf("%-20s",$Lang::tr{'incoming overhead in bytes per second'}), + "GPRINT:overhead_in:MAX:%8.1lf %sBps", + "GPRINT:overhead_in:AVERAGE:%8.1lf %sBps", + "GPRINT:overhead_in:MIN:%8.1lf %sBps", + "GPRINT:overhead_in:LAST:%8.1lf %sBps\\j", + "LINE1:compression_in#ff00ff:".sprintf("%-20s",$Lang::tr{'incoming compression in bytes per second'}), + "GPRINT:compression_in:MAX:%8.1lf %sBps", + "GPRINT:compression_in:AVERAGE:%8.1lf %sBps", + "GPRINT:compression_in:MIN:%8.1lf %sBps", + "GPRINT:compression_in:LAST:%8.1lf %sBps\\j", + "AREA:outgoingn#dd0000:".sprintf("%-20s",$Lang::tr{'outgoing traffic in bytes per second'}), + "GPRINT:outgoing:MAX:%8.1lf %sBps", + "GPRINT:outgoing:AVERAGE:%8.1lf %sBps", + "GPRINT:outgoing:MIN:%8.1lf %sBps", + "GPRINT:outgoing:LAST:%8.1lf %sBps\\j", + "STACK:overhead_outn#870C0C:".sprintf("%-20s",$Lang::tr{'outgoing overhead in bytes per second'}), + "GPRINT:overhead_out:MAX:%8.1lf %sBps", + "GPRINT:overhead_out:AVERAGE:%8.1lf %sBps", + "GPRINT:overhead_out:MIN:%8.1lf %sBps", + "GPRINT:overhead_out:LAST:%8.1lf %sBps\\j", + "LINE1:compression_outn#000000:".sprintf("%-20s",$Lang::tr{'outgoing compression in bytes per second'}), + "GPRINT:compression_out:MAX:%8.1lf %sBps", + "GPRINT:compression_out:AVERAGE:%8.1lf %sBps", + "GPRINT:compression_out:MIN:%8.1lf %sBps", + "GPRINT:compression_out:LAST:%8.1lf %sBps\\j", + ); + $ERROR = RRDs::error; + print "Error in RRD::graph for ".$interface.": ".$ERROR."\n" if $ERROR; +} + # Generate the Firewall Graph for the current period of time for values given by collecd sub updatefwhitsgraph { diff --git a/config/collectd/collectd.conf b/config/collectd/collectd.conf index 61327bf6c0..384c943600 100644 --- a/config/collectd/collectd.conf +++ b/config/collectd/collectd.conf @@ -92,3 +92,4 @@ include "/etc/collectd.precache" #include "/etc/collectd.thermal" include "/etc/collectd.custom" +include "/etc/collectd.vpn" diff --git a/config/collectd/collectd.vpn b/config/collectd/collectd.vpn new file mode 100644 index 0000000000..ca92947f80 --- /dev/null +++ b/config/collectd/collectd.vpn @@ -0,0 +1,5 @@ +LoadPlugin openvpn + + +StatusFile "/var/run/ovpnserver.log" + diff --git a/config/menu/20-status.menu b/config/menu/20-status.menu index b159ed6109..802885ee3a 100644 --- a/config/menu/20-status.menu +++ b/config/menu/20-status.menu @@ -40,6 +40,18 @@ 'title' => "$Lang::tr{'network other'}", 'enabled' => 1, }; + $substatus->{'53.networkovpn'} = { + 'caption' => "$Lang::tr{'openvpn client'}", + 'uri' => '/cgi-bin/netovpnrw.cgi', + 'title' => "$Lang::tr{'openvpn client'}", + 'enabled' => 1, + }; + $substatus->{'54.networkovpnsrv'} = { + 'caption' => "$Lang::tr{'openvpn server'}", + 'uri' => '/cgi-bin/netovpnsrv.cgi', + 'title' => "$Lang::tr{'openvpn server'}", + 'enabled' => 1, + }; $substatus->{'60.hardwaregraphs'} = { 'caption' => "$Lang::tr{'hardware graphs'}", 'uri' => '/cgi-bin/hardwaregraphs.cgi', diff --git a/config/rootfiles/common/apache2 b/config/rootfiles/common/apache2 index 474e7a7dc1..3eabe9f769 100644 --- a/config/rootfiles/common/apache2 +++ b/config/rootfiles/common/apache2 @@ -1419,6 +1419,8 @@ srv/web/ipfire/cgi-bin/modem-status.cgi srv/web/ipfire/cgi-bin/netexternal.cgi srv/web/ipfire/cgi-bin/netinternal.cgi srv/web/ipfire/cgi-bin/netother.cgi +srv/web/ipfire/cgi-bin/netovpnrw.cgi +srv/web/ipfire/cgi-bin/netovpnsrv.cgi srv/web/ipfire/cgi-bin/optionsfw.cgi srv/web/ipfire/cgi-bin/ovpnmain.cgi srv/web/ipfire/cgi-bin/p2p-block.cgi diff --git a/config/rootfiles/common/collectd b/config/rootfiles/common/collectd index 2b9fa285c7..5c2064dbdc 100644 --- a/config/rootfiles/common/collectd +++ b/config/rootfiles/common/collectd @@ -2,6 +2,7 @@ etc/collectd.conf etc/collectd.custom etc/collectd.precache etc/collectd.thermal +etc/collectd.vpn etc/rc.d/init.d/collectd etc/rc.d/rc0.d/K50collectd etc/rc.d/rc3.d/S29collectd diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi index badee6b3c0..d2227a421e 100644 --- a/html/cgi-bin/firewall.cgi +++ b/html/cgi-bin/firewall.cgi @@ -865,7 +865,7 @@ sub checkrule $errormessage.=$Lang::tr{'fwdfw err remark'}."
"; } #check if source and target identical - if ($fwdfwsettings{$fwdfwsettings{'grp1'}} eq $fwdfwsettings{$fwdfwsettings{'grp2'}} && $fwdfwsettings{$fwdfwsettings{'grp1'}} ne 'ALL'){ + if ($fwdfwsettings{$fwdfwsettings{'grp1'}} eq $fwdfwsettings{$fwdfwsettings{'grp2'}} && $fwdfwsettings{$fwdfwsettings{'grp1'}} ne 'ALL' && $fwdfwsettings{'grp2'} ne 'ipfire'){ $errormessage=$Lang::tr{'fwdfw err same'}; return $errormessage; } diff --git a/html/cgi-bin/netovpnrw.cgi b/html/cgi-bin/netovpnrw.cgi new file mode 100755 index 0000000000..f775b23dcc --- /dev/null +++ b/html/cgi-bin/netovpnrw.cgi @@ -0,0 +1,72 @@ +#!/usr/bin/perl +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2014 Alexander Marx # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +use strict; + +# enable only the following on debugging purpose +#use warnings; +#use CGI::Carp 'fatalsToBrowser'; + +require '/var/ipfire/general-functions.pl'; +require "${General::swroot}/lang.pl"; +require "${General::swroot}/header.pl"; +require "${General::swroot}/graphs.pl"; + +my %color = (); +my %mainsettings = (); +&General::readhash("${General::swroot}/main/settings", \%mainsettings); +&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color); + +my @vpns=(); + +my @querry = split(/\?/,$ENV{'QUERY_STRING'}); +$querry[0] = '' unless defined $querry[0]; +$querry[1] = 'week' unless defined $querry[1]; + +if ( $querry[0] ne "" && $querry[0] ne "UNDEF"){ + print "Content-type: image/png\n\n"; + binmode(STDOUT); + &Graphs::updatevpngraph($querry[0],$querry[1]); +}else{ + &Header::showhttpheaders(); + &Header::openpage($Lang::tr{'host to net vpn'}, 1, ''); + &Header::openbigbox('100%', 'left'); + + my @vpngraphs = `find /var/log/rrd/collectd/localhost/openvpn-*/ -not -path *openvpn-UNDEF* -not -path *openvpn-*n2n* -name *.rrd|sort`; + foreach (@vpngraphs){ + if($_ =~ /(.*)\/openvpn-(.*)\/if_octets_derive.rrd/){ + push(@vpns,$2); + } + } + if(@vpns){ + foreach (@vpns) { + &Header::openbox('100%', 'center', "$_ $Lang::tr{'graph'}"); + &Graphs::makegraphbox("netovpnrw.cgi",$_,"week"); + &Header::closebox(); + } + }else{ + print "
".$Lang::tr{'no data'}."
"; + } + my $output = ''; + + &Header::closebigbox(); + &Header::closepage(); +} diff --git a/html/cgi-bin/netovpnsrv.cgi b/html/cgi-bin/netovpnsrv.cgi new file mode 100755 index 0000000000..0ec9c679d5 --- /dev/null +++ b/html/cgi-bin/netovpnsrv.cgi @@ -0,0 +1,72 @@ +#!/usr/bin/perl +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2014 Alexnder Marx # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +use strict; + +# enable only the following on debugging purpose +#use warnings; +#use CGI::Carp 'fatalsToBrowser'; + +require '/var/ipfire/general-functions.pl'; +require "${General::swroot}/lang.pl"; +require "${General::swroot}/header.pl"; +require "${General::swroot}/graphs.pl"; + +my %color = (); +my %mainsettings = (); +&General::readhash("${General::swroot}/main/settings", \%mainsettings); +&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color); + +my @vpns=(); + +my @querry = split(/\?/,$ENV{'QUERY_STRING'}); +$querry[0] = '' unless defined $querry[0]; +$querry[1] = 'week' unless defined $querry[1]; + +if ( $querry[0] ne ""){ + print "Content-type: image/png\n\n"; + binmode(STDOUT); + &Graphs::updatevpnn2ngraph($querry[0],$querry[1]); +}else{ + &Header::showhttpheaders(); + &Header::openpage($Lang::tr{'openvpn server'}, 1, ''); + &Header::openbigbox('100%', 'left'); + + my @vpngraphs = `find /var/log/rrd/collectd/localhost/openvpn-*-n2n/ -not -path *openvpn-UNDEF* -name *traffic.rrd|sort`; + foreach (@vpngraphs){ + if($_ =~ /(.*)\/openvpn-(.*)\/if_octets_derive-traffic.rrd/){ + push(@vpns,$2); + } + } + if (@vpns){ + foreach (@vpns) { + &Header::openbox('100%', 'center', "$_ $Lang::tr{'graph'}"); + &Graphs::makegraphbox("netovpnsrv.cgi",$_,"week"); + &Header::closebox(); + } + }else{ + print "
".$Lang::tr{'no data'}."
"; + } + my $output = ''; + + &Header::closebigbox(); + &Header::closepage(); +} diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 235ece5f8b..1e074928f2 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -288,7 +288,7 @@ sub writeserverconf { print CONF "keepalive $sovpnsettings{'KEEPALIVE_1'} $sovpnsettings{'KEEPALIVE_2'}\n"; } print CONF "status-version 1\n"; - print CONF "status /var/log/ovpnserver.log 30\n"; + print CONF "status /var/run/ovpnserver.log 30\n"; print CONF "cipher $sovpnsettings{DCIPHER}\n"; if ($sovpnsettings{'DAUTH'} eq '') { print CONF ""; @@ -354,7 +354,7 @@ sub writeserverconf { } sub emptyserverlog{ - if (open(FILE, ">/var/log/ovpnserver.log")) { + if (open(FILE, ">/var/run/ovpnserver.log")) { flock FILE, 2; print FILE ""; close FILE; @@ -905,9 +905,12 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print SERVERCONF "route $remsubnet[0] $remsubnet[1]\n"; print SERVERCONF "# tun Device\n"; print SERVERCONF "dev tun\n"; + print SERVERCONF "#Logfile for statistics\n"; + print SERVERCONF "status-version 1\n"; + print SERVERCONF "status /var/run/openvpn/$cgiparams{'NAME'}-n2n 10\n"; print SERVERCONF "# Port and Protokol\n"; print SERVERCONF "port $cgiparams{'DEST_PORT'}\n"; - + if ($cgiparams{'PROTOCOL'} eq 'tcp') { print SERVERCONF "proto tcp-server\n"; print SERVERCONF "# Packet size\n"; @@ -1193,6 +1196,14 @@ SETTINGS_ERROR: while ($file = glob("${General::swroot}/ovpn/ccd/*")) { unlink $file } +# Delete all RRD files for Roadwarrior connections + chdir('/var/ipfire/ovpn/ccd'); + while ($file = glob("*")) { + system ("/usr/local/bin/openvpnctrl -drrd $file"); + } + while ($file = glob("${General::swroot}/ovpn/ccd/*")) { + unlink $file + } if (open(FILE, ">${General::swroot}/ovpn/ovpn-leases.db")) { print FILE ""; close FILE; @@ -2359,7 +2370,10 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') { # CCD end - +### +### Delete all RRD's for client +### + system ("/usr/local/bin/openvpnctrl -drrd $confighash{$cgiparams{'KEY'}}[1]"); delete $confighash{$cgiparams{'KEY'}}; my $temp2 = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`; &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash); @@ -2897,7 +2911,7 @@ END END ; - my $filename = "/var/log/ovpnserver.log"; + my $filename = "/var/run/ovpnserver.log"; open(FILE, $filename) or die 'Unable to open config file.'; my @current = ; close(FILE); @@ -4897,7 +4911,7 @@ END &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash); &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash); - my @status = `/bin/cat /var/log/ovpnserver.log`; + my @status = `/bin/cat /var/run/ovpnserver.log`; if ($cgiparams{'VPN_IP'} eq '' && -e "${General::swroot}/red/active") { if (open(IPADDR, "${General::swroot}/red/local-ipaddress")) { diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 3f96a60f1c..bf0165129c 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1243,6 +1243,8 @@ 'incoming' => 'eingehend', 'incoming firewall access' => 'Eingehender Firewallzugang', 'incoming traffic in bytes per second' => 'Eingehender Verkehr', +'incoming overhead in bytes per second' => 'Eingehender Overhead', +'incoming compression in bytes per second' => 'Eingehende Kompression', 'incorrect password' => 'Fehlerhaftes Passwort', 'info' => 'Info', 'init string' => 'Initialisierung:', @@ -1688,6 +1690,8 @@ 'outgoing firewall view group' => 'Gruppe anzeigen', 'outgoing firewall warning' => 'Nur die Auswahl Quell IP / MAC aktiviert diese', 'outgoing traffic in bytes per second' => 'Abgehender Verkehr', +'outgoing overhead in bytes per second' => 'Abgehender Overhead', +'outgoing compression in bytes per second' => 'Abgehende Kompression', 'override mtu' => 'Überschreibe Standard MTU', 'ovpn' => 'OpenVPN', 'ovpn add conf' => 'Erweiterte Konfiguration', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index ad331b20e2..3ae4797764 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1272,6 +1272,8 @@ 'incoming' => 'incoming', 'incoming firewall access' => 'Incoming Firewall Access', 'incoming traffic in bytes per second' => 'Incoming Traffic', +'incoming overhead in bytes per second' => 'Incoming Overhead', +'incoming compression in bytes per second' => 'Incoming Compression', 'incorrect password' => 'Incorrect password', 'info' => 'Info', 'init string' => 'Init:', @@ -1719,6 +1721,8 @@ 'outgoing firewall view group' => 'View group', 'outgoing firewall warning' => 'Not selecting source ip or mac ignores them', 'outgoing traffic in bytes per second' => 'Outgoing Traffic', +'outgoing overhead in bytes per second' => 'Outgoing Overhead', +'outgoing compression in bytes per second' => 'Outgoing compression', 'override mtu' => 'Override default MTU', 'ovpn' => 'OpenVPN', 'ovpn add conf' => 'Additional configuration', diff --git a/lfs/openvpn b/lfs/openvpn index 44a8b46978..487b6cab42 100644 --- a/lfs/openvpn +++ b/lfs/openvpn @@ -83,6 +83,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && make install cd $(DIR_APP) && cp -Rvf $(DIR_SRC)/config/ovpn /var/ipfire -mkdir -vp /usr/lib/openvpn/plugins + -mkdir -vp /var/log/openvpn -mkdir -vp /var/ipfire/ovpn/ca -mkdir -vp /var/ipfire/ovpn/ccd -mkdir -vp /var/ipfire/ovpn/crls diff --git a/src/misc-progs/openvpnctrl.c b/src/misc-progs/openvpnctrl.c index 462ce77cce..da5ee2356e 100644 --- a/src/misc-progs/openvpnctrl.c +++ b/src/misc-progs/openvpnctrl.c @@ -73,6 +73,9 @@ void usage(void) printf(" -kn2n --kill-net-2-net\n"); printf(" kills all net2net connections\n"); printf(" you may pass a connection name to the switch to only start a specific one\n"); + printf(" -drrd --delete-rrd\n"); + printf(" Deletes the RRD data for a specific client\n"); + printf(" you need to pass a connection name (RW) to the switch to delete the directory (case sensitive)\n"); printf(" -d --display\n"); printf(" displays OpenVPN status to syslog\n"); printf(" -fwr --firewall-rules\n"); @@ -565,6 +568,28 @@ int killNet2Net(char *name) { return 0; } +int deleterrd(char *name) { + connection *conn = getConnections(); + + char rrd_file[STRING_SIZE]; + snprintf(rrd_file, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s/if_octets.rrd", name); + + char rrd_dir[STRING_SIZE]; + snprintf(rrd_dir, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s", name); + + while(conn) { + /* Find only RW-Connections with the given name. */ + if (((strcmp(conn->type, "host") == 0) && (strcmp(conn->name, name) == 0))) { + remove(rrd_file); + remove(rrd_dir); + return 0; + } + conn = conn->next; + } + + return 1; +} + void startAllNet2Net() { int exitcode = 0, _exitcode = 0; @@ -634,6 +659,10 @@ int main(int argc, char *argv[]) { else if( (strcmp(argv[1], "-kn2n") == 0) || (strcmp(argv[1], "--kill-net-2-net") == 0) ) { killNet2Net(argv[2]); return 0; + } + else if( (strcmp(argv[1], "-drrd") == 0) || (strcmp(argv[1], "--delete-rrd") == 0) ) { + deleterrd(argv[2]); + return 0; } else { usage(); return 1;