Context Navigation

source: src/router/services/services/pppoeserver.c @ 17613

Last change on this file since 17613 was 17613, checked in by sash, 21 months ago
pppoes: typo
File size: 10.2 KB

Line
1	/*
2	* pppoeserver.c
3	*
4	* Copyright (C) 2007 Sebastian Gottschall <gottschall@dd-wrt.com>
5	*
6	* This program is free software; you can redistribute it and/or
7	* modify it under the terms of the GNU General Public License
8	* as published by the Free Software Foundation; either version 2
9	* of the License.
10	*
11	* This program is distributed in the hope that it will be useful,
12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14	* GNU General Public License for more details.
15	*
16	* You should have received a copy of the GNU General Public License
17	* along with this program; if not, write to the Free Software
18	* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
19	*
20	* $Id:
21	*/
22	#ifdef HAVE_PPPOESERVER
23	#include <stdio.h>
24	#include <signal.h>
25	#include <bcmnvram.h>
26	#include <shutils.h>
27	#include <utils.h>
28	#include <malloc.h>
29	#include <sys/stat.h>
30	#include <syslog.h>
31	#include <services.h>
32
33	static char *getifip(void)
34	{
35	if (nvram_match("pppoeserver_interface", "br0"))
36	return nvram_safe_get("lan_ipaddr");
37	else
38	return nvram_nget("%s_ipaddr",
39	nvram_safe_get("pppoeserver_interface"));
40	}
41
42	void add_pppoe_natrule(void)
43	{
44
45	if (nvram_match("wan_proto", "disabled")) {
46	char mask[128];
47
48	sprintf(mask, "%s/%s", nvram_safe_get("pppoeserver_remotenet"),
49	nvram_safe_get("pppoeserver_remotemask"));
50	eval("iptables", "-A", "INPUT", "-i", getifip(),
51	"-s", mask, "-j", "DROP");
52	eval("iptables", "-t", "nat", "-A", "POSTROUTING", "-s", mask,
53	"-j", "SNAT", "--to-source", getifip());
54	}
55	}
56
57	void del_pppoe_natrule(void)
58	{
59	if (nvram_match("wan_proto", "disabled")) {
60	char mask[128];
61
62	sprintf(mask, "%s/%s", nvram_safe_get("pppoeserver_remotenet"),
63	nvram_safe_get("pppoeserver_remotemask"));
64	eval("iptables", "-D", "INPUT", "-i", getifip(),
65	"-s", mask, "-j", "DROP");
66	eval("iptables", "-t", "nat", "-D", "POSTROUTING", "-s", mask,
67	"-j", "SNAT", "--to-source", getifip());
68	}
69	}
70
71	static void makeipup(void)
72	{
73	int mss;
74
75	if (nvram_match("mtu_enable", "1"))
76	mss = atoi(nvram_safe_get("wan_mtu")) - 40 - 108;
77	else
78	mss = 1500 - 40 - 108;
79
80	FILE *fp = fopen("/tmp/pppoeserver/ip-up", "w");
81
82	fprintf(fp, "#!/bin/sh\n" "startservice set_routes\n" // reinitialize
83	"echo \"$PPPD_PID $1 $5 $PEERNAME\" >> /tmp/pppoe_connected\n" //
84	//"echo \"$PPPD_PID $1 $5 $PEERNAME \'date +%s\'\n" >> /tmp/pppoe_connected\n" //
85	//->use something like $(( ($(date +%s) - $(date -d "$dates" +%s)) / (606024*31) )) for computing uptime in the gui
86	"iptables -I FORWARD -i $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu\n" //
87	"iptables -I INPUT -i $1 -j ACCEPT\n" //
88	"iptables -I FORWARD -i $1 -j ACCEPT\n" //
89	"IN=`cat /var/run/radattr.$1 \| grep -i RP-Upstream-Speed-Limit \| awk '{print $2}'`\n" //
90	"OUT=`cat /var/run/radattr.$1 \| grep -i RP-Downstream-Speed-Limit \| awk '{print $2}'`\n" //
91	"if [ ! -z $IN ] && [ ! -z $OUT ] && [ $IN -gt 0 ] && [ $OUT -gt 0 ]\n" //only if Speed limit !=0 and !empty
92	"then tc qdisc del root dev $1\n" //
93	" tc qdisc del dev $1 ingress\n" //
94	" tc qdisc add dev $1 root tbf rate \"$OUT\"kbit latency 50ms burst \"$OUT\"kbit\n" //
95	" tc qdisc add dev $1 handle ffff: ingress\n" //
96	" tc filter add dev $1 parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate \"$IN\"kbit burst \"$IN\"kbit drop flowid :1\n"
97	"fi\n");
98	fclose(fp);
99	fp = fopen("/tmp/pppoeserver/ip-down", "w");
100	fprintf(fp, "#!/bin/sh\n" "grep -v $PPPD_PID /tmp/pppoe_connected > /tmp/pppoe_connected.tmp\n" //
101	"mv /tmp/pppoe_connected.tmp /tmp/pppoe_connected\n" //
102	"CONTIME=`grep $PEERNAME /tmp/pppoe_data \| awk '{print $2}'`\n"
103	"SENT=`grep $PEERNAME /tmp/pppoe_data \| awk '{print $3}'`\n"
104	"RCVD=`grep $PEERNAME /tmp/pppoe_data \| awk '{print $4}'`\n"
105	"CONTIME=$(($CONTIME+$CONNECT_TIME))\n"
106	"SENT=$(($SENT+$BYTES_SENT))\n"
107	"RCVD=$(($RCVD+$BYTES_RCVD))\n"
108	"grep -v $PEERNAME /tmp/pppoe_data > /tmp/pppoe_data.tmp\n"
109	"mv /tmp/pppoe_data.tmp /tmp/pppoe_data\n"
110	"echo \"$PEERNAME $CONTIME $SENT $RCVD\" >> /tmp/pppoe_data\n"
111	"iptables -D FORWARD -i $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu\n" //
112	"iptables -D INPUT -i $1 -j ACCEPT\n" //
113	"iptables -D FORWARD -i $1 -j ACCEPT\n" //
114	"tc qdisc del root dev $1\n" //
115	"tc qdisc del dev $1 ingress\n");
116	fclose(fp);
117
118	chmod("/tmp/pppoeserver/ip-up", 0744);
119	chmod("/tmp/pppoeserver/ip-down", 0744);
120
121	}
122
123	static void do_pppoeconfig(FILE * fp)
124	{
125	int nowins = 0;
126
127	if (nvram_match("wan_wins", "0.0.0.0")) {
128	nvram_set("wan_wins", "");
129	nowins = 1;
130	}
131	if (strlen(nvram_safe_get("wan_wins")) == 0)
132	nowins = 1;
133	// fprintf (fp, "crtscts\n");
134	if (nvram_default_match("pppoeserver_bsdcomp", "0", "0"))
135	fprintf(fp, "nobsdcomp\n");
136	else
137	fprintf(fp, "bsdcomp 12\n");
138	if (nvram_default_match("pppoeserver_deflate", "0", "0"))
139	fprintf(fp, "nodeflate\n");
140	else
141	fprintf(fp, "deflate 12\n");
142	if (nvram_default_match("pppoeserver_lzs", "0", "0"))
143	fprintf(fp, "nolzs\n");
144	else
145	fprintf(fp, "lzs\n");
146	if (nvram_default_match("pppoeserver_mppc", "0", "0"))
147	fprintf(fp, "nomppc\n");
148	else
149	fprintf(fp, "mppc\n");
150	if (nvram_default_match("pppoeserver_encryption", "1", "0")) {
151	fprintf(fp, "mppe required,no56,no40,stateless\n");
152	} else
153	fprintf(fp, "nomppe\n");
154	fprintf(fp, "auth\n"
155	"refuse-eap\n" // be sure using best auth methode
156	"refuse-pap\n" //
157	"refuse-chap\n" //
158	"refuse-mschap\n" //
159	"require-mschap-v2\n"
160	"nopcomp\n" // what comp methode is this? we need no switch?
161	"default-mru\n"
162	"default-asyncmap\n"
163	"noipdefault\n"
164	"nodefaultroute\n"
165	"noproxyarp\n" //
166	"noktune\n" //
167	"netmask 255.255.255.255\n" //
168	"ip-up-script /tmp/pppoeserver/ip-up\n" //
169	"ip-down-script /tmp/pppoeserver/ip-down\n"
170	"lcp-echo-interval %s\n"
171	"lcp-echo-failure %s\n"
172	"idle %s\n",
173	nvram_safe_get("pppoeserver_lcpechoint"),
174	nvram_safe_get("pppoeserver_lcpechofail"),
175	nvram_safe_get("pppoeserver_idle"));
176	if (!nowins) {
177	fprintf(fp, "ms-wins %s\n", nvram_safe_get("wan_wins"));
178	}
179	struct dns_lists *dns_list = get_dns_list();
180
181	if (nvram_match("dnsmasq_enable", "1")) {
182	if (strcmp(getifip(), ""))
183	fprintf(fp, "ms-dns %s\n", getifip());
184	} else if (nvram_match("local_dns", "1")) {
185	if (dns_list && (strcmp(getifip(), "")
186	\|\| strlen(dns_list->dns_server[0]) > 0
187	\|\| strlen(dns_list->dns_server[1]) > 0
188	\|\| strlen(dns_list->dns_server[2]) > 0)) {
189
190	if (strcmp(getifip(), ""))
191	fprintf(fp, "ms-dns %s\n", getifip());
192	if (strlen(dns_list->dns_server[0]) > 0)
193	fprintf(fp, "ms-dns %s\n",
194	dns_list->dns_server[0]);
195	if (strlen(dns_list->dns_server[1]) > 0)
196	fprintf(fp, "ms-dns %s\n",
197	dns_list->dns_server[1]);
198	if (strlen(dns_list->dns_server[2]) > 0)
199	fprintf(fp, "ms-dns %s\n",
200	dns_list->dns_server[2]);
201	}
202	} else {
203	if (dns_list
204	&& (strlen(dns_list->dns_server[0]) > 0
205	\|\| strlen(dns_list->dns_server[1]) > 0
206	\|\| strlen(dns_list->dns_server[2]) > 0)) {
207	if (strlen(dns_list->dns_server[0]) > 0)
208	fprintf(fp, "ms-dns %s\n",
209	dns_list->dns_server[0]);
210	if (strlen(dns_list->dns_server[1]) > 0)
211	fprintf(fp, "ms-dns %s\n",
212	dns_list->dns_server[1]);
213	if (strlen(dns_list->dns_server[2]) > 0)
214	fprintf(fp, "ms-dns %s\n",
215	dns_list->dns_server[2]);
216
217	}
218	}
219
220	if (dns_list)
221	free(dns_list);
222
223	}
224
225	void start_pppoeserver(void)
226	{
227	FILE *fp;
228	if (nvram_default_match("pppoeserver_enabled", "1", "0")) {
229	add_pppoe_natrule();
230	if (nvram_default_match("pppoeradius_enabled", "0", "0")) {
231
232	mkdir("/tmp/pppoeserver", 0777);
233	fp =
234	fopen("/tmp/pppoeserver/pppoe-server-options",
235	"wb");
236	do_pppoeconfig(fp);
237	fprintf(fp, "chap-secrets /tmp/pppoeserver/chap-secrets\n");
238	fclose(fp);
239
240	// parse chaps from nvram to file
241	static char word[256];
242	char next, wordlist;
243	char user, pass, ip, enable;
244
245	wordlist = nvram_safe_get("pppoeserver_chaps");
246
247	fp = fopen("/tmp/pppoeserver/chap-secrets", "wb");
248
249	foreach(word, wordlist, next) {
250	pass = word;
251	user = strsep(&pass, ":");
252	if (!user \|\| !pass)
253	continue;
254
255	ip = pass;
256	pass = strsep(&ip, ":");
257	if (!pass \|\| !ip)
258	continue;
259
260	enable = ip;
261	ip = strsep(&enable, ":");
262	if (!ip \|\| !enable)
263	continue;
264
265	if (!strcmp(ip, "0.0.0.0"))
266	ip = "*";
267	if (!strcmp(enable, "on"))
268	fprintf(fp, "%s * %s %s\n", user, pass,
269	ip);
270
271	}
272	fclose(fp);
273	makeipup();
274	// end parsing
275	} else {
276
277	mkdir("/tmp/pppoeserver", 0777);
278	fp =
279	fopen("/tmp/pppoeserver/pppoe-server-options", "wb");
280	do_pppoeconfig(fp);
281	fprintf(fp, "login\n" //
282	"plugin radius.so\n" //
283	"plugin radattr.so\n" //
284	"radius-config-file /tmp/pppoeserver/radius/radiusclient.conf\n");
285	fclose(fp);
286	mkdir("/tmp/pppoeserver/radius", 0777);
287	fp = fopen("/tmp/pppoeserver/radius/radiusclient.conf",
288	"wb");
289	fprintf(fp, "auth_order\tradius\n" //
290	"login_tries\t4\n" //
291	"login_timeout\t60\n" //
292	"nologin\t/etc/nologin\n" //
293	"issue\t/etc/issue\n" //
294	"servers\t/tmp/pppoeserver/radius/servers\n" //
295	"dictionary\t/etc/dictionary\n" //
296	"login_radius\t/usr/local/sbin/login.radius\n" //
297	"seqfile\t/var/run/radius.seq\n" //
298	"mapfile\t/etc/port-id-map\n" "default_realm\n" //
299	"radius_timeout\t10\n" //
300	"radius_retries\t3\n" //
301	"login_local\t/bin/login\n" //
302	"authserver %s:%s\n" //
303	"acctserver %s:%s\n", //
304	nvram_safe_get("pppoeserver_authserverip"),
305	nvram_safe_get("pppoeserver_authserverport"),
306	nvram_safe_get("pppoeserver_authserverip"),
307	nvram_safe_get("pppoeserver_acctserverport"));
308	fclose(fp);
309	fp = fopen("/tmp/pppoeserver/radius/servers", "wb");
310	fprintf(fp, "%s %s\n", nvram_safe_get("pppoeserver_authserverip"), nvram_safe_get("pppoeserver_sharedkey")); // todo,
311	fclose(fp);
312	makeipup();
313	}
314
315	//create the ip pool file
316	fp = fopen("/tmp/pppoeserver/pool", "wb");
317	fprintf(fp, "%s\n", nvram_safe_get("pppoeserver_pool"));
318	fclose(fp);
319
320	eval("pppoe-server", "-k", "-I", nvram_safe_get("pppoeserver_interface"), "-L", getifip(), "-x", nvram_safe_get("pppoeserver_sessionlimit"), "-p", "/tmp/pppoeserver/pool");
321	dd_syslog(LOG_INFO,
322	"rp-pppoe : pppoe server successfully started\n");
323	}
324	}
325
326	void stop_pppoeserver(void)
327	{
328	if (stop_process("pppoe-server", "pppoe server")) {
329	del_pppoe_natrule();
330	}
331
332	}
333
334	#endif

Note: See TracBrowser for help on using the repository browser.

Download in other formats: