From: <abe...@us...> - 2012-10-28 21:00:35
Revision: 5725 http://astlinux.svn.sourceforge.net/astlinux/?rev=5725&view=rev Author: abelbeck Date: 2012-10-28 21:00:24 +0000 (Sun, 28 Oct 2012) Log Message: ----------- arnofw, add openvpn-server plugin Modified Paths: -------------- branches/1.0/package/arnofw/arnofw.mk branches/1.0/package/arnofw/arnofw.serial Added Paths: ----------- branches/1.0/package/arnofw/openvpn-server/ branches/1.0/package/arnofw/openvpn-server/50openvpn-server.plugin.sh branches/1.0/package/arnofw/openvpn-server/openvpn-server-astlinux.conf
Modified: branches/1.0/package/arnofw/arnofw.mk
===================================================================
--- branches/1.0/package/arnofw/arnofw.mk 2012-10-28 19:49:31 UTC (rev 5724)
+++ branches/1.0/package/arnofw/arnofw.mk 2012-10-28 21:00:24 UTC (rev 5725)
@@ -112,6 +112,13 @@
 $(INSTALL) -m 0644 package/arnofw/traffic-shaper/traffic-shaper-astlinux.conf \
 $(TARGET_DIR)/stat$(ARNOFW_PLUGIN_CONFIG_DIR)/traffic-shaper.conf
 @echo
+ @echo "Install local version of OpenVPN Server plugin."
+ @echo
+ $(INSTALL) -m 0644 package/arnofw/openvpn-server/50openvpn-server.plugin.sh \
+ $(TARGET_DIR)$(ARNOFW_PLUGIN_SCRIPT_DIR)/50openvpn-server.plugin
+ $(INSTALL) -m 0644 package/arnofw/openvpn-server/openvpn-server-astlinux.conf \
+ $(TARGET_DIR)/stat$(ARNOFW_PLUGIN_CONFIG_DIR)/openvpn-server.conf
+ @echo
 @echo "Install local version of PPTP VPN plugin."
 @echo
 $(INSTALL) -m 0644 package/arnofw/pptp-vpn/50pptp-vpn.plugin.sh \
Modified: branches/1.0/package/arnofw/arnofw.serial
===================================================================
--- branches/1.0/package/arnofw/arnofw.serial 2012-10-28 19:49:31 UTC (rev 5724)
+++ branches/1.0/package/arnofw/arnofw.serial 2012-10-28 21:00:24 UTC (rev 5725)
@@ -1 +1 @@
-0002~0016~0000~0000~0000~
+0002~0017~0000~0000~0000~
Added: branches/1.0/package/arnofw/openvpn-server/50openvpn-server.plugin.sh
===================================================================
--- branches/1.0/package/arnofw/openvpn-server/50openvpn-server.plugin.sh (rev 0)
+++ branches/1.0/package/arnofw/openvpn-server/50openvpn-server.plugin.sh 2012-10-28 21:00:24 UTC (rev 5725)
@@ -0,0 +1,137 @@
+# ------------------------------------------------------------------------------
+# -= Arno's iptables firewall - OpenVPN Server plugin =-
+#
+PLUGIN_NAME="OpenVPN Server plugin"
+PLUGIN_VERSION="1.00 BETA"
+PLUGIN_CONF_FILE="openvpn-server.conf"
+#
+# Last changed : October 28, 2012
+# Requirements : AIF 2.0.0+
+# Comments : This plugin allows access to an OpenVPN Server.
+#
+# Author : (C) Copyright 2012 by Lonnie Abelbeck & Arno van Amersfoort
+# Homepage : http://rocky.eld.leidenuniv.nl/
+# Freshmeat homepage : http://freshmeat.net/projects/iptables-firewall/?topic_id=151
+# Email : a r n o v a AT r o c k y DOT e l d DOT l e i d e n u n i v DOT n l
+# (note: you must remove all spaces and substitute the @ and the .
+# at the proper locations!)
+# ------------------------------------------------------------------------------
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# version 2 as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+# ------------------------------------------------------------------------------
+
+# Plugin start function
+plugin_start()
+{
+ local host proto port IFS
+
+ if [ -z "$OPENVPN_SERVER_TUNNEL_HOSTS" ]; then
+ OPENVPN_SERVER_TUNNEL_HOSTS="0/0"
+ fi
+
+ echo "${INDENT}Allowing internet hosts $OPENVPN_SERVER_TUNNEL_HOSTS to access the OpenVPN Server service"
+ port="$OPENVPN_SERVER_PORT"
+ case $OPENVPN_SERVER_PROTOCOL in
+ udp|UDP) proto="udp" ;;
+ tcp*|TCP*) proto="tcp" ;;
+ esac
+ IFS=' ,'
+ for host in $(ip_range "$OPENVPN_SERVER_TUNNEL_HOSTS"); do
+ iptables -A EXT_INPUT_CHAIN -p $proto --dport $port -s $host -j ACCEPT
+ done
+
+ return 0
+}
+
+
+# Plugin restart function
+plugin_restart()
+{
+
+ # Skip plugin_stop on a restart
+ plugin_start
+
+ return 0
+}
+
+
+# Plugin stop function
+plugin_stop()
+{
+
+ return 0
+}
+
+
+# Plugin status function
+plugin_status()
+{
+ return 0
+}
+
+
+# Check sanity of eg. environment
+plugin_sanity_check()
+{
+ # Sanity check
+ if [ -z "$OPENVPN_SERVER_PORT" -o -z "$OPENVPN_SERVER_PROTOCOL" ]; then
+ printf "\033[40m\033[1;31m${INDENT}ERROR: The plugin config file is not properly set!\033[0m\n" >&2
+ return 1
+ fi
+
+ return 0
+}
+
+
+############
+# Mainline #
+############
+
+# Check where to find the config file
+CONF_FILE=""
+if [ -n "$PLUGIN_CONF_PATH" ]; then
+ CONF_FILE="$PLUGIN_CONF_PATH/$PLUGIN_CONF_FILE"
+fi
+
+# Check if the config file exists
+if [ ! -e "$CONF_FILE" ]; then
+ printf "NOTE: Config file \"$CONF_FILE\" not found!\n Plugin \"$PLUGIN_NAME v$PLUGIN_VERSION\" ignored!\n" >&2
+ PLUGIN_RET_VAL=0
+else
+ # Source the plugin config file
+ . "$CONF_FILE"
+
+ if [ "$ENABLED" = "1" -a "$PLUGIN_CMD" != "stop-restart" ] ||
+ [ "$ENABLED" = "0" -a "$PLUGIN_CMD" = "stop-restart" ] ||
+ [ -n "$PLUGIN_LOAD_FILE" -a "$PLUGIN_CMD" = "stop" ] ||
+ [ -n "$PLUGIN_LOAD_FILE" -a "$PLUGIN_CMD" = "status" ]; then
+ # Show who we are:
+ echo "${INDENT}$PLUGIN_NAME v$PLUGIN_VERSION"
+
+ # Increment indention
+ INDENT="$INDENT "
+
+ # Only proceed if environment ok
+ if plugin_sanity_check; then
+ case $PLUGIN_CMD in
+ start|'') plugin_start; PLUGIN_RET_VAL=$?;;
+ restart ) plugin_restart; PLUGIN_RET_VAL=$?;;
+ stop|stop-restart) plugin_stop; PLUGIN_RET_VAL=$?;;
+ status ) plugin_status; PLUGIN_RET_VAL=$?;;
+ * ) PLUGIN_RET_VAL=1; printf "\033[40m\033[1;31m ERROR: Invalid plugin option \"$PLUGIN_CMD\"!\033[0m\n" >&2;;
+ esac
+ fi
+ else
+ PLUGIN_RET_VAL=0
+ fi
+fi
Added: branches/1.0/package/arnofw/openvpn-server/openvpn-server-astlinux.conf
===================================================================
--- branches/1.0/package/arnofw/openvpn-server/openvpn-server-astlinux.conf (rev 0)
+++ branches/1.0/package/arnofw/openvpn-server/openvpn-server-astlinux.conf 2012-10-28 21:00:24 UTC (rev 5725)
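Review bot: The `case $OPENVPN_SERVER_PROTOCOL` in plugin_start has no default arm, so any value other than udp/UDP/tcp*/TCP* leaves `proto` empty, and plugin_sanity_check only tests that the protocol and port are non-empty. The unquoted `-p $proto --dport $port` then gives iptables a malformed rule, and because plugin_start ends with an unconditional `return 0` the plugin still reports success although no ACCEPT rule for the VPN port was added. I would add a default arm such as `*) echo "${INDENT}ERROR: unsupported OPENVPN_SERVER_PROTOCOL" >&2; return 1 ;;`, check in plugin_sanity_check that the port is numeric, and quote `"$proto"`, `"$port"` and `"$host"` in the iptables call. Separately, an empty OPENVPN_SERVER_TUNNEL_HOSTS silently becomes `0/0`, which opens the port to every source address; a comment next to that default stating it is intentional would help the next reader.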
@@ -0,0 +1,34 @@
+# ------------------------------------------------------------------------------
+# -= Arno's iptables firewall - OpenVPN Server plugin =-
+# ------------------------------------------------------------------------------
+
+# To actually enable this plugin make ENABLED=1:
+# ------------------------------------------------------------------------------
+# Automatically enabled when AstLinux OpenVPN Server is enabled.
+ENABLED=0
+
+# ------------------------------------------------------------------------------
+# *** Do Not Edit Below Here ***
+# AstLinux specific mappings, either edit your /mnt/kd/rc.conf file
+# or, use Network tab -> OpenVPN Server - [OpenVPN Configuration]
+# from the web interface.
+# ------------------------------------------------------------------------------
+# Indent script section so script variables won't be merged
+
+ ENABLED=0
+ OPENVPN_SERVER_PORT="$OVPN_PORT"
+ OPENVPN_SERVER_PROTOCOL="$OVPN_PROTOCOL"
+ OPENVPN_SERVER_TUNNEL_HOSTS="$OVPN_TUNNEL_HOSTS"
+ vpntype_openvpn=0
+
+ unset IFS
+ for vpntype in $VPN; do
+ case $vpntype in
+ openvpn) vpntype_openvpn=1 ;;
+ esac
+ done
+
+ if [ $vpntype_openvpn -eq 1 ]; then
+ ENABLED=1
+ fi
+
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
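Review bot: The bare `unset IFS` and the helper variables `vpntype` and `vpntype_openvpn` outlive this file, because the plugin sources it from its mainline with `. "$CONF_FILE"` rather than from inside a function. They therefore remain set in the shell that runs the plugin, and any IFS value the caller had in place is lost; presumably the firewall script resets IFS where it depends on it, but that is not visible in this commit. I would add `unset vpntype vpntype_openvpn` after the final `fi` and a comment above `unset IFS` such as `# sourced by the plugin: this resets IFS for the calling shell as well`. The mapped OVPN_PORT and OVPN_PROTOCOL values are passed through without validation, so the only check on them is whatever the plugin itself performs.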