-/* IPCop helper program - rebuildhosts\r
- *\r
- * This program is distributed under the terms of the GNU General Public\r
- * Licence. See the file COPYING for details.\r
- *\r
- * (c) Alan Hourihane, 2003\r
- * \r
- *\r
- * $Id: rebuildhosts.c,v 1.3.2.6 2005/07/11 10:56:47 franck78 Exp $\r
- *\r
- */\r
-\r
-#include "libsmooth.h"\r
-#include <stdio.h>\r
-#include <stdlib.h>\r
-#include <unistd.h>\r
-#include <fcntl.h>\r
-#include <string.h>\r
-#include <sys/types.h>\r
-#include <sys/stat.h>\r
-#include <signal.h>\r
-#include "setuid.h"\r
-\r
-FILE *fd = NULL;\r
-FILE *hosts = NULL;\r
-struct keyvalue *kv = NULL;\r
-\r
-void exithandler(void)\r
-{\r
- if (kv)\r
- freekeyvalues(kv);\r
- if (fd)\r
- fclose(fd);\r
- if (hosts)\r
- fclose(hosts);\r
-}\r
-\r
-int main(int argc, char *argv[])\r
-{\r
- int fdpid; \r
- char hostname[STRING_SIZE];\r
- char domainname[STRING_SIZE] = "";\r
- char buffer[STRING_SIZE];\r
- char address[STRING_SIZE];\r
- char *active, *ip, *host, *domain;\r
- int pid;\r
-\r
- if (!(initsetuid()))\r
- exit(1);\r
-\r
- atexit(exithandler);\r
-\r
- memset(buffer, 0, STRING_SIZE);\r
-\r
- kv = initkeyvalues();\r
- if (!(readkeyvalues(kv, CONFIG_ROOT "/ethernet/settings")))\r
- {\r
- fprintf(stderr, "Couldn't read ethernet settings\n");\r
- exit(1);\r
- }\r
- findkey(kv, "GREEN_ADDRESS", address);\r
- freekeyvalues(kv);\r
-\r
- kv = initkeyvalues();\r
- if (!(readkeyvalues(kv, CONFIG_ROOT "/main/settings")))\r
- {\r
- fprintf(stderr, "Couldn't read main settings\n");\r
- exit(1);\r
- }\r
- strcpy(hostname, SNAME ); \r
- findkey(kv, "HOSTNAME", hostname);\r
- findkey(kv, "DOMAINNAME", domainname);\r
- freekeyvalues(kv);\r
- kv = NULL;\r
-\r
- if (!(fd = fopen(CONFIG_ROOT "/main/hosts", "r")))\r
- {\r
- fprintf(stderr, "Couldn't open main hosts file\n");\r
- exit(1);\r
- }\r
- if (!(hosts = fopen("/etc/hosts", "w")))\r
- {\r
- fprintf(stderr, "Couldn't open /etc/hosts file\n");\r
- fclose(fd);\r
- fd = NULL;\r
- exit(1);\r
- }\r
- fprintf(hosts, "127.0.0.1\tlocalhost\n");\r
- if (strlen(domainname))\r
- fprintf(hosts, "%s\t%s.%s\t%s\n",address,hostname,domainname,hostname);\r
- else\r
- fprintf(hosts, "%s\t%s\n",address,hostname);\r
- while (fgets(buffer, STRING_SIZE, fd))\r
- {\r
- buffer[strlen(buffer) - 1] = 0;\r
- if (buffer[0]==',') continue; /* disabled if empty field */\r
- active = strtok(buffer, ",");\r
- if (strcmp(active, "off")==0) continue; /* or 'off' */\r
- \r
- ip = strtok(NULL, ",");\r
- host = strtok(NULL, ",");\r
- domain = strtok(NULL, ",");\r
-\r
- if (!(ip && host))\r
- continue; // bad line ? skip\r
-\r
- if (!VALID_IP(ip))\r
- {\r
- fprintf(stderr, "Bad IP: %s\n", ip);\r
- continue; /* bad ip, skip */\r
- }\r
-\r
- if (strspn(host, LETTERS_NUMBERS "-") != strlen(host))\r
- {\r
- fprintf(stderr, "Bad Host: %s\n", host);\r
- continue; /* bad name, skip */\r
- }\r
-\r
- if (domain)\r
- fprintf(hosts, "%s\t%s.%s\t%s\n",ip,host,domain,host);\r
- else\r
- fprintf(hosts, "%s\t%s\n",ip,host);\r
- }\r
- fclose(fd);\r
- fd = NULL;\r
- fclose(hosts);\r
- hosts = NULL;\r
-\r
- if ((fdpid = open("/var/run/dnsmasq.pid", O_RDONLY)) == -1)\r
- {\r
- fprintf(stderr, "Couldn't open pid file\n");\r
- exit(1);\r
- }\r
- if (read(fdpid, buffer, STRING_SIZE - 1) == -1)\r
- {\r
- fprintf(stderr, "Couldn't read from pid file\n");\r
- close(fdpid);\r
- exit(1);\r
- }\r
- close(fdpid);\r
- pid = atoi(buffer);\r
- if (pid <= 1)\r
- {\r
- fprintf(stderr, "Bad pid value\n");\r
- exit(1);\r
- }\r
- if (kill(pid, SIGHUP) == -1)\r
- {\r
- fprintf(stderr, "Unable to send SIGHUP\n");\r
- exit(1);\r
- }\r
-\r
- return 0;\r
-}\r
+/* IPCop helper program - rebuildhosts
+ *
+ * This program is distributed under the terms of the GNU General Public
+ * Licence. See the file COPYING for details.
+ *
+ * (c) Alan Hourihane, 2003
+ *
+ *
+ * $Id: rebuildhosts.c,v 1.3.2.6 2005/07/11 10:56:47 franck78 Exp $
+ *
+ */
+
+#include "libsmooth.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <signal.h>
+#include "setuid.h"
+
+FILE *fd = NULL;
+FILE *hosts = NULL;
+FILE *gw = NULL;
+struct keyvalue *kv = NULL;
+
+void exithandler(void)
+{
+ if (kv)
+ freekeyvalues(kv);
+ if (fd)
+ fclose(fd);
+ if (hosts)
+ fclose(hosts);
+ if (gw)
+ fclose(gw);
+}
+
+int main(int argc, char *argv[])
+{
+ int fdpid;
+ char hostname[STRING_SIZE];
+ char domainname[STRING_SIZE] = "";
+ char gateway[STRING_SIZE] = "";
+ char buffer[STRING_SIZE];
+ char address[STRING_SIZE];
+ char *active, *ip, *host, *domain;
+ int pid;
+
+ if (!(initsetuid()))
+ exit(1);
+
+ atexit(exithandler);
+
+ memset(buffer, 0, STRING_SIZE);
+
+ kv = initkeyvalues();
+ if (!(readkeyvalues(kv, CONFIG_ROOT "/ethernet/settings")))
+ {
+ fprintf(stderr, "Couldn't read ethernet settings\n");
+ exit(1);
+ }
+ findkey(kv, "GREEN_ADDRESS", address);
+ freekeyvalues(kv);
+
+ kv = initkeyvalues();
+ if (!(readkeyvalues(kv, CONFIG_ROOT "/main/settings")))
+ {
+ fprintf(stderr, "Couldn't read main settings\n");
+ exit(1);
+ }
+ strcpy(hostname, SNAME );
+ findkey(kv, "HOSTNAME", hostname);
+ findkey(kv, "DOMAINNAME", domainname);
+ freekeyvalues(kv);
+ kv = NULL;
+
+ if (!(gw = fopen(CONFIG_ROOT "/red/remote-ipaddress", "r")))
+ {
+ fprintf(stderr, "Couldn't open remote-ipaddress file\n");
+ fclose(gw);
+ gw = NULL;
+ exit(1);
+ }
+
+ if (fgets(gateway, STRING_SIZE, gw) == NULL)
+ {
+ fprintf(stderr, "Couldn't read remote-ipaddress\n");
+ exit(1);
+ }
+
+ if (!(fd = fopen(CONFIG_ROOT "/main/hosts", "r")))
+ {
+ fprintf(stderr, "Couldn't open main hosts file\n");
+ exit(1);
+ }
+
+ if (!(hosts = fopen("/etc/hosts", "w")))
+ {
+ fprintf(stderr, "Couldn't open /etc/hosts file\n");
+ fclose(fd);
+ fd = NULL;
+ exit(1);
+ }
+ fprintf(hosts, "127.0.0.1\tlocalhost\n");
+ if (strlen(domainname))
+ fprintf(hosts, "%s\t%s.%s\t%s\n",address,hostname,domainname,hostname);
+ else
+ fprintf(hosts, "%s\t%s\n",address,hostname);
+
+ fprintf(hosts, "%s\tgateway\n",gateway);
+
+ while (fgets(buffer, STRING_SIZE, fd))
+ {
+ buffer[strlen(buffer) - 1] = 0;
+ if (buffer[0]==',') continue; /* disabled if empty field */
+ active = strtok(buffer, ",");
+ if (strcmp(active, "off")==0) continue; /* or 'off' */
+
+ ip = strtok(NULL, ",");
+ host = strtok(NULL, ",");
+ domain = strtok(NULL, ",");
+
+ if (!(ip && host))
+ continue; // bad line ? skip
+
+ if (!VALID_IP(ip))
+ {
+ fprintf(stderr, "Bad IP: %s\n", ip);
+ continue; /* bad ip, skip */
+ }
+
+ if (strspn(host, LETTERS_NUMBERS "-") != strlen(host))
+ {
+ fprintf(stderr, "Bad Host: %s\n", host);
+ continue; /* bad name, skip */
+ }
+
+ if (domain)
+ fprintf(hosts, "%s\t%s.%s\t%s\n",ip,host,domain,host);
+ else
+ fprintf(hosts, "%s\t%s\n",ip,host);
+ }
+ fclose(fd);
+ fd = NULL;
+ fclose(hosts);
+ hosts = NULL;
+
+ if ((fdpid = open("/var/run/dnsmasq.pid", O_RDONLY)) == -1)
+ {
+ fprintf(stderr, "Couldn't open pid file\n");
+ exit(1);
+ }
+ if (read(fdpid, buffer, STRING_SIZE - 1) == -1)
+ {
+ fprintf(stderr, "Couldn't read from pid file\n");
+ close(fdpid);
+ exit(1);
+ }
+ close(fdpid);
+ pid = atoi(buffer);
+ if (pid <= 1)
+ {
+ fprintf(stderr, "Bad pid value\n");
+ exit(1);
+ }
+ if (kill(pid, SIGHUP) == -1)
+ {
+ fprintf(stderr, "Unable to send SIGHUP\n");
+ exit(1);
+ }
+
+ return 0;
+}
#!/usr/bin/perl
##################################################
-##### VPN-Watch.pl Version 0.4c #####
+##### VPN-Watch.pl Version 0.5 #####
##################################################
# #
# VPN-Watch is part of the IPFire Firewall #
}
system("echo $$ > $file");
-
+my $round=0;
while ( $i == 0){
if ($debug){logger("We will wait 60 seconds before next action.");}
sleep(60);
-
- if (open(FILE, "<${General::swroot}/vpn/config")) {
- @vpnsettings = <FILE>;
+
+ $round++;
+
+ # Reset roundcounter after 10 min. To do established check.
+ if ($round > 9) { $round=0 }
+
+ if (open(FILE, "<${General::swroot}/vpn/config")) { @vpnsettings = <FILE>;
close(FILE);
unless(@vpnsettings) {exit 1;}
}
my $remoteip = `/usr/bin/ping -c 1 $remotehostname 2>/dev/null | head -n1 | awk '{print \$3}' | tr -d '()' | tr -d ':'`;chomp($remoteip);
if ($remoteip eq ""){next;if ($debug){logger("Unable to resolve $remotehostname.");}}
- my $ipmatch= `echo "$status" | grep $remoteip | grep $settings[2]`;
+ my $ipmatch= `echo "$status" | grep '$remoteip' | grep '$settings[2]'`;
+ my $established= `echo "$status" | grep '$settings[2]' | grep 'erouted;'`;
if ( $ipmatch eq '' ){
- logger("Remote IP for host $remotehostname-$remoteip has changed, restarting ipsec.");
- system("/usr/local/bin/ipsecctrl S");
+ logger("Remote IP for host $remotehostname($remoteip) has changed, restarting ipsec.");
+ system("/usr/local/bin/ipsecctrl S $settings[0]");
last; #all connections will reloaded
+ #remove this if ipsecctrl can restart single con again
+ }
+ if ( ($round = 0) && ($established eq '')) {
+ logger("Connection to $remotehostname($remoteip) not erouted, restarting ipsec.");
+ system("/usr/local/bin/ipsecctrl S $settings[0]");
+ last; #all connections will reloaded
+ #remove this if ipsecctrl can restart single con again
+
}
}
if ($debug){logger("All connections may be fine nothing was done.");}
my $log = shift;
system("logger -t vpnwatch \"$log\"");
}
-
projects / people / teissler / ipfire-2.x.git / commitdiff
