Context Navigation

source: src/router/services/services/pppoeserver.c @ 18689

Last change on this file since 18689 was 18689, checked in by sash, 15 months ago
pppoesrv: typo
File size: 12.3 KB

Line
1	/*
2	* pppoeserver.c
3	*
4	* Copyright (C) 2007 Sebastian Gottschall <gottschall@dd-wrt.com>
5	*
6	* This program is free software; you can redistribute it and/or
7	* modify it under the terms of the GNU General Public License
8	* as published by the Free Software Foundation; either version 2
9	* of the License.
10	*
11	* This program is distributed in the hope that it will be useful,
12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14	* GNU General Public License for more details.
15	*
16	* You should have received a copy of the GNU General Public License
17	* along with this program; if not, write to the Free Software
18	* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
19	*
20	* $Id:
21	*/
22	#ifdef HAVE_PPPOESERVER
23	#include <stdio.h>
24	#include <signal.h>
25	#include <bcmnvram.h>
26	#include <shutils.h>
27	#include <utils.h>
28	#include <malloc.h>
29	#include <sys/stat.h>
30	#include <syslog.h>
31	#include <services.h>
32
33	static char *getifip(void)
34	{
35	if (nvram_match("pppoeserver_interface", "br0"))
36	return nvram_safe_get("lan_ipaddr");
37	else
38	return nvram_nget("%s_ipaddr",
39	nvram_safe_get("pppoeserver_interface"));
40	}
41
42	void add_pppoe_natrule(void)
43	{
44
45	if (nvram_match("wan_proto", "disabled")) {
46	char mask[128];
47
48	sprintf(mask, "%s/%s", nvram_safe_get("pppoeserver_remotenet"),
49	nvram_safe_get("pppoeserver_remotemask"));
50	eval("iptables", "-A", "INPUT", "-i", getifip(),
51	"-s", mask, "-j", "DROP");
52	eval("iptables", "-t", "nat", "-A", "POSTROUTING", "-s", mask,
53	"-j", "SNAT", "--to-source", getifip());
54	}
55	}
56
57	void del_pppoe_natrule(void)
58	{
59	if (nvram_match("wan_proto", "disabled")) {
60	char mask[128];
61
62	sprintf(mask, "%s/%s", nvram_safe_get("pppoeserver_remotenet"),
63	nvram_safe_get("pppoeserver_remotemask"));
64	eval("iptables", "-D", "INPUT", "-i", getifip(),
65	"-s", mask, "-j", "DROP");
66	eval("iptables", "-t", "nat", "-D", "POSTROUTING", "-s", mask,
67	"-j", "SNAT", "--to-source", getifip());
68	}
69	}
70
71	static void makeipup(void)
72	{
73	int mss;
74
75	//WHY is this? we dont use the MSS?!
76	if (nvram_match("mtu_enable", "1"))
77	mss = atoi(nvram_safe_get("wan_mtu")) - 40 - 108;
78	else
79	mss = 1500 - 40 - 108;
80
81	FILE *fp = fopen("/tmp/pppoeserver/ip-up", "w");
82
83	fprintf(fp, "#!/bin/sh\n" "startservice set_routes\n" // reinitialize
84	"echo \"$PPPD_PID\t$1\t$5\t$PEERNAME\" >> /tmp/pppoe_connected\n"
85	// just an uptime test
86	"echo \"`date +%%s`\t$PEERNAME\" >> /tmp/pppoe_uptime\n" //
87	//->use something like $(( ($(date +%s) - $(date -d "$dates" +%s)) / (606024*31) )) for computing uptime in the gui
88	"iptables -I INPUT -i $1 -j ACCEPT\n" //
89	"iptables -I FORWARD -i $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu\n" //
90	"iptables -I FORWARD -i $1 -j ACCEPT\n"); //
91	// per peer shaping
92	if (nvram_match("pppoeradius_enabled", "1")) {
93	fprintf(fp, "IN=`grep -i RP-Upstream-Speed-Limit /var/run/radattr.$1 \| awk '{print $2}'`\n" //
94	"OUT=`grep -i RP-Downstream-Speed-Limit /var/run/radattr.$1 \| awk '{print $2}'`\n" //
95	"if [ ! -z $IN ] && [ ! -z $OUT ] && [ $IN -gt 0 ] && [ $OUT -gt 0 ]\n" //only if Speed limit !=0 and !empty
96	"then tc qdisc del root dev $1\n" //
97	" tc qdisc del dev $1 ingress\n" //
98	" tc qdisc add dev $1 root tbf rate \"$OUT\"kbit latency 50ms burst \"$OUT\"kbit\n" //
99	" tc qdisc add dev $1 handle ffff: ingress\n" //
100	" tc filter add dev $1 parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate \"$IN\"kbit burst \"$IN\"kbit drop flowid :1\n"
101	"fi\n");
102	}
103	//tc qdisc add dev $1 root red min 150KB max 450KB limit 600KB burst 200 avpkt 1000 probability 0.02 bandwidth 100Mbit
104	//eg: tc qdisc add dev $1 root red min 150KB max 450KB limit 600KB burst 200 avpkt 1000 probability 0.02 bandwidth 10Mbit
105	//burst = (min+min+max)/(3avpkt); limit = minimum: max+burst or xmax, max = 2*min
106	fclose(fp);
107	fp = fopen("/tmp/pppoeserver/ip-down", "w");
108	fprintf(fp, "#!/bin/sh\n"
109	"grep -v $PPPD_PID /tmp/pppoe_connected > /tmp/pppoe_connected.tmp\n" //
110	"mv /tmp/pppoe_connected.tmp /tmp/pppoe_connected\n" //
111	// just an uptime test
112	"grep -v $PEERNAME /tmp/pppoe_uptime > /tmp/pppoe_uptime.tmp\n" //
113	"mv /tmp/pppoe_uptime.tmp /tmp/pppoe_uptime\n" //
114	// calc connected time and volume per peer
115	"CONTIME=`grep $PEERNAME /tmp/pppoe_peer.db \| awk '{print $1}'`\n"
116	"SENT=`grep $PEERNAME /tmp/pppoe_peer.db \| awk '{print $2}'`\n"
117	"RCVD=`grep $PEERNAME /tmp/pppoe_peer.db \| awk '{print $3}'`\n"
118	"CONTIME=$(($CONTIME+$CONNECT_TIME))\n"
119	"SENT=$(($SENT+$BYTES_SENT))\n"
120	"RCVD=$(($RCVD+$BYTES_RCVD))\n"
121	"grep -v $PEERNAME /tmp/pppoe_peer.db > /tmp/pppoe_peer.db.tmp\n"
122	"mv /tmp/pppoe_peer.db.tmp /tmp/pppoe_peer.db\n"
123	"echo \"$CONTIME\t\t$SENT\t\t$RCVD\t\t$PEERNAME\" >> /tmp/pppoe_peer.db\n"
124	//
125	"iptables -D INPUT -i $1 -j ACCEPT\n" //
126	"iptables -D FORWARD -i $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu\n" //
127	"iptables -D FORWARD -i $1 -j ACCEPT\n"); //
128	if (nvram_match("pppoeradius_enabled", "1")) {
129	fprintf(fp, "tc qdisc del root dev $1\n" //
130	"tc qdisc del dev $1 ingress\n");
131	}
132	fclose(fp);
133
134	chmod("/tmp/pppoeserver/ip-up", 0744);
135	chmod("/tmp/pppoeserver/ip-down", 0744);
136
137	// copy existing peer data to /tmp
138	if (nvram_match("sys_enable_jffs2", "1"))
139	system("/bin/cp /jffs/etc/pppoe_peer.db /tmp/");
140	}
141
142	static void do_pppoeconfig(FILE * fp)
143	{
144	int nowins = 0;
145
146	if (nvram_match("wan_wins", "0.0.0.0")) {
147	nvram_set("wan_wins", "");
148	nowins = 1;
149	}
150	if (strlen(nvram_safe_get("wan_wins")) == 0)
151	nowins = 1;
152	// fprintf (fp, "crtscts\n");
153	if (nvram_default_match("pppoeserver_bsdcomp", "0", "0"))
154	fprintf(fp, "nobsdcomp\n");
155	else
156	fprintf(fp, "bsdcomp 12\n");
157	if (nvram_default_match("pppoeserver_deflate", "0", "0"))
158	fprintf(fp, "nodeflate\n");
159	else
160	fprintf(fp, "deflate 12\n");
161	if (nvram_default_match("pppoeserver_lzs", "0", "0"))
162	fprintf(fp, "nolzs\n");
163	else
164	fprintf(fp, "lzs\n");
165	if (nvram_default_match("pppoeserver_mppc", "0", "0"))
166	fprintf(fp, "nomppc\n");
167	else
168	fprintf(fp, "mppc\n");
169	if (nvram_default_match("pppoeserver_encryption", "1", "0"))
170	fprintf(fp, "mppe required,no56,no40,stateless\n");
171	else
172	fprintf(fp, "nomppe\n");
173	fprintf(fp, "auth\n"
174	"refuse-eap\n" // be sure using best auth methode
175	"refuse-pap\n" //
176	"refuse-chap\n" //
177	"refuse-mschap\n" //
178	"require-mschap-v2\n"
179	"nopcomp\n" // no protocol field compression
180	"default-mru\n"
181	"default-asyncmap\n"
182	"noipdefault\n"
183	"defaultroute\n"
184	"proxyarp\n" //
185	"noktune\n" //
186	"netmask 255.255.255.255\n" //
187	"ip-up-script /tmp/pppoeserver/ip-up\n" //
188	"ip-down-script /tmp/pppoeserver/ip-down\n"
189	//"lcp-echo-adaptive\n"
190	"lcp-echo-interval %s\n"
191	"lcp-echo-failure %s\n"
192	"idle %s\n",
193	nvram_safe_get("pppoeserver_lcpechoint"),
194	nvram_safe_get("pppoeserver_lcpechofail"),
195	nvram_safe_get("pppoeserver_idle"));
196	if (!nowins) {
197	fprintf(fp, "ms-wins %s\n", nvram_safe_get("wan_wins"));
198	}
199	struct dns_lists *dns_list = get_dns_list();
200
201	/* if (nvram_match("dnsmasq_enable", "1")) {
202	if (strcmp(getifip(), "")) {
203	fprintf(fp, "ms-dns %s\n", getifip());
204	fprintf(fp, "ms-dns %s\n",
205	dns_list->dns_server[0]);
206	}
207	} else if (nvram_match("local_dns", "1")) {
208	if (dns_list && (strcmp(getifip(), "")
209	\|\| strlen(dns_list->dns_server[0]) > 0
210	\|\| strlen(dns_list->dns_server[1]) > 0
211	\|\| strlen(dns_list->dns_server[2]) > 0)) {
212
213	if (strcmp(getifip(), ""))
214	fprintf(fp, "ms-dns %s\n", getifip());
215	if (strlen(dns_list->dns_server[0]) > 0)
216	fprintf(fp, "ms-dns %s\n",
217	dns_list->dns_server[0]);
218	if (strlen(dns_list->dns_server[1]) > 0)
219	fprintf(fp, "ms-dns %s\n",
220	dns_list->dns_server[1]);
221	if (strlen(dns_list->dns_server[2]) > 0)
222	fprintf(fp, "ms-dns %s\n",
223	dns_list->dns_server[2]);
224	}
225	} else {
226	if (dns_list
227	&& (strlen(dns_list->dns_server[0]) > 0
228	\|\| strlen(dns_list->dns_server[1]) > 0
229	\|\| strlen(dns_list->dns_server[2]) > 0)) { */
230	if (strlen(dns_list->dns_server[0]) > 0)
231	fprintf(fp, "ms-dns %s\n",
232	dns_list->dns_server[0]);
233	if (strlen(dns_list->dns_server[1]) > 0)
234	fprintf(fp, "ms-dns %s\n",
235	dns_list->dns_server[1]);
236	if (strlen(dns_list->dns_server[2]) > 0)
237	fprintf(fp, "ms-dns %s\n",
238	dns_list->dns_server[2]);
239
240	// }
241	// }
242
243	if (dns_list)
244	free(dns_list);
245
246	}
247
248	void start_pppoeserver(void)
249	{
250	FILE *fp;
251	if (nvram_default_match("pppoeserver_enabled", "1", "0")) {
252	add_pppoe_natrule();
253	if (nvram_default_match("pppoeradius_enabled", "0", "0")) {
254
255	mkdir("/tmp/pppoeserver", 0777);
256	fp = fopen("/tmp/pppoeserver/pppoe-server-options", "wb");
257	do_pppoeconfig(fp);
258	fprintf(fp, "chap-secrets /tmp/pppoeserver/chap-secrets\n");
259	fclose(fp);
260
261	// parse chaps from nvram to file
262	static char word[256];
263	char next, wordlist;
264	char user, pass, ip, enable;
265
266	wordlist = nvram_safe_get("pppoeserver_chaps");
267
268	fp = fopen("/tmp/pppoeserver/chap-secrets", "wb");
269
270	foreach(word, wordlist, next) {
271	pass = word;
272	user = strsep(&pass, ":");
273	if (!user \|\| !pass)
274	continue;
275
276	ip = pass;
277	pass = strsep(&ip, ":");
278	if (!pass \|\| !ip)
279	continue;
280
281	enable = ip;
282	ip = strsep(&enable, ":");
283	if (!ip \|\| !enable)
284	continue;
285
286	if (!strcmp(ip, "0.0.0.0"))
287	ip = "*";
288	if (!strcmp(enable, "on"))
289	fprintf(fp, "%s * %s %s\n", user, pass,
290	ip);
291
292	}
293	fclose(fp);
294	makeipup();
295	// end parsing
296	} else {
297
298	mkdir("/tmp/pppoeserver", 0777);
299	fp =
300	fopen("/tmp/pppoeserver/pppoe-server-options", "wb");
301	do_pppoeconfig(fp);
302	fprintf(fp, "login\n" //
303	"plugin radius.so\n" //
304	"plugin radattr.so\n" //
305	"radius-config-file /tmp/pppoeserver/radius/radiusclient.conf\n");
306	fclose(fp);
307	mkdir("/tmp/pppoeserver/radius", 0777);
308	fp = fopen("/tmp/pppoeserver/radius/radiusclient.conf",
309	"wb");
310	fprintf(fp, "auth_order\tradius\n" //
311	"login_tries\t4\n" //
312	"login_timeout\t60\n" //
313	"nologin\t/etc/nologin\n" //
314	"issue\t/etc/issue\n" //
315	"servers\t/tmp/pppoeserver/radius/servers\n" //
316	"dictionary\t/etc/dictionary\n" //
317	"login_radius\t/usr/local/sbin/login.radius\n" //
318	"seqfile\t/var/run/radius.seq\n" //
319	"mapfile\t/etc/port-id-map\n" "default_realm\n" //
320	"radius_timeout\t10\n" //
321	"radius_retries\t3\n" //
322	"login_local\t/bin/login\n"); //
323	if (nvram_match("pppoeserver_authserverip_backup", "0.0.0.0")
324	\|\| strlen(nvram_safe_get("pppoeserver_authserverip_backup")) == 0 ) {
325	fprintf(fp, "authserver %s:%s\n" //
326	"acctserver %s:%s\n", //
327	nvram_safe_get("pppoeserver_authserverip"),
328	nvram_safe_get("pppoeserver_authserverport"),
329	nvram_safe_get("pppoeserver_authserverip"),
330	nvram_safe_get("pppoeserver_acctserverport"));
331	}
332	else { fprintf(fp, "authserver %s:%s, %s:%s\n" //
333	"acctserver %s:%s, %s:%s\n", //
334	nvram_safe_get("pppoeserver_authserverip"),
335	nvram_safe_get("pppoeserver_authserverport"),
336	nvram_safe_get("pppoeserver_authserverip_backup"),
337	nvram_safe_get("pppoeserver_authserverport_backup"),
338	nvram_safe_get("pppoeserver_authserverip"),
339	nvram_safe_get("pppoeserver_acctserverport"),
340	nvram_safe_get("pppoeserver_authserverip_backup"),
341	nvram_safe_get("pppoeserver_acctserverport_backup"));
342	}
343	fclose(fp);
344	fp = fopen("/tmp/pppoeserver/radius/servers", "wb");
345	fprintf(fp, "%s %s\n",
346	nvram_safe_get("pppoeserver_authserverip"),
347	nvram_safe_get("pppoeserver_sharedkey")); // todo,
348	if (nvram_invmatch("pppoeserver_authserverip_backup", "0.0.0.0")
349	\|\| strlen(nvram_safe_get("pppoeserver_authserverip_backup")) != 0 )
350	fprintf(fp, "%s %s\n",
351	nvram_safe_get("pppoeserver_authserverip_backup"),
352	nvram_safe_get("pppoeserver_sharedkey_backup"));
353	fclose(fp);
354	makeipup();
355	}
356
357	//create the ip pool file
358	fp = fopen("/tmp/pppoeserver/pool", "wb");
359	fprintf(fp, "%s\n", nvram_safe_get("pppoeserver_pool"));
360	fclose(fp);
361
362	eval("pppoe-server", "-k", "-I", nvram_safe_get("pppoeserver_interface"),
363	"-L", getifip(), "-i", "-x", nvram_safe_get("pppoeserver_sessionlimit"),
364	"-N", "512", "-p", "/tmp/pppoeserver/pool",
365	"-X", "/var/run/pppoeserver.pid");
366	dd_syslog(LOG_INFO,
367	"rp-pppoe : pppoe server successfully started\n");
368	}
369	}
370
371	void stop_pppoeserver(void)
372	{
373	if (stop_process("pppoe-server", "pppoe server")) {
374	del_pppoe_natrule();
375	unlink("/tmp/pppoe_connected");
376	// backup peer data
377	if (nvram_match("sys_enable_jffs2", "1"))
378	system("/bin/cp /tmp/pppoe_peer.db /jffs/etc/");
379	}
380
381	}
382
383	#endif

Note: See TracBrowser for help on using the repository browser.

Download in other formats: