diff options
| author | Christian Poessinger <christian@poessinger.com> | 2019-09-15 20:13:07 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2019-09-15 20:13:07 +0200 |
| commit | c4d0b9ed4736911d341efdebf34997e6cee8c5a8 (patch) | |
| tree | 69a17499eb72a52b33cf5b92551316b879984694 /src/op_mode | |
| parent | a9a68a6f1086fd4c978deaf5ddace69c18443756 (diff) | |
| parent | 6e169b011569bddd0c07d476528a3ecad56e6499 (diff) | |
| download | vyos-1x-c4d0b9ed4736911d341efdebf34997e6cee8c5a8.tar.gz vyos-1x-c4d0b9ed4736911d341efdebf34997e6cee8c5a8.zip | |
Merge branch 'current' of github.com:vyos/vyos-1x into equuleus
* 'current' of github.com:vyos/vyos-1x:
bonding: T1614: do not overwrite interface description with interface name
[openvpn] T1661 Adding additional check for tls_dh if it not need for ovpn client
[openvpn] T1662 Defined default remote port if it not set in cli
[openvpn] T1661 Fixing returned value on check function
bonding: T1614: use proper (previously missing) miimon property
Python/ifconfig: T1557: bonding: add miimon property
Python/ifconfig: T1557: bonding: fix class name in comments
bonding: T1660: bugfix for triggered OS permission denied exception
Revert "[bonding] T1660 Adding additional check. Some bonding mode don't support arp_interval"
[bonding] T1660 Adding additional check. Some bonding mode don't support arp_interval
[l2tp] T834 Implementation advanced ppp-options/lcp.
openvpn: T1548: fix missing sys import
[l2tp] T834 fix cli reset commands for l2tp and pptp. Adding l2tp%d tunnel naming.
Diffstat (limited to 'src/op_mode')
| -rwxr-xr-x | src/op_mode/reset_vpn.py | 85 | ||||
| -rwxr-xr-x | src/op_mode/show_openvpn.py | 7 |
2 files changed, 91 insertions, 1 deletions
diff --git a/src/op_mode/reset_vpn.py b/src/op_mode/reset_vpn.py new file mode 100755 index 000000000..52677b58d --- /dev/null +++ b/src/op_mode/reset_vpn.py @@ -0,0 +1,85 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2019 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +# import os +import sys +import subprocess +import argparse +#import re + +pptp_cmd = ["/usr/bin/accel-cmd", "-p 2003"] +l2tp_cmd = ["/usr/bin/accel-cmd", "-p 2004"] + +def terminate_sessions(username='', interface='', protocol=''): + if username: + if username == "all_users": + if protocol == "pptp": + pptp_cmd.append("terminate all") + subprocess.call(pptp_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) + return + elif protocol == "l2tp": + l2tp_cmd.append("terminate all") + subprocess.call(l2tp_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) + return + else: + pptp_cmd.append("terminate all") + subprocess.call(pptp_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) + l2tp_cmd.append("terminate all") + subprocess.call(l2tp_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) + return + + if protocol == "pptp": + pptp_cmd.append("terminate username {0}".format(username)) + subprocess.call(pptp_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) + return + elif protocol == "l2tp": + l2tp_cmd.append("terminate username {0}".format(username)) + subprocess.call(l2tp_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) + return + else: + pptp_cmd.append("terminate username {0}".format(username)) + subprocess.call(pptp_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) + l2tp_cmd.append("terminate username {0}".format(username)) + subprocess.call(l2tp_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) + return + + # rewrite `terminate by interface` if pptp will have pptp%d interface naming + if interface: + pptp_cmd.append("terminate if {0}".format(interface)) + subprocess.call(pptp_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) + l2tp_cmd.append("terminate if {0}".format(interface)) + subprocess.call(l2tp_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) + + +def main(): + #parese args + parser = argparse.ArgumentParser() + parser.add_argument('--username', help='Terminate by username (all_users used for disconnect all users)', required=False) + parser.add_argument('--interface', help='Terminate by interface', required=False) + parser.add_argument('--protocol', help='Set protocol (pptp|l2tp)', required=False) + args = parser.parse_args() + + if args.username or args.interface: + terminate_sessions(username=args.username, interface=args.interface, protocol=args.protocol) + else: + print("Param --username or --interface required") + sys.exit(1) + + terminate_sessions() + + +if __name__ == '__main__': + main() diff --git a/src/op_mode/show_openvpn.py b/src/op_mode/show_openvpn.py index 23a8156ec..577ed7eb7 100755 --- a/src/op_mode/show_openvpn.py +++ b/src/op_mode/show_openvpn.py @@ -18,6 +18,7 @@ import jinja2 import argparse +from sys import exit from vyos.config import Config outp_tmpl = """ @@ -136,7 +137,7 @@ if __name__ == '__main__': config = Config() if len(config.list_effective_nodes('interfaces openvpn')) == 0: print("No OpenVPN interfaces configured") - sys.exit(0) + exit(0) # search all OpenVPN interfaces and add those with a matching mode to our # interfaces list @@ -161,6 +162,10 @@ if __name__ == '__main__': remote_host = config.return_effective_values('interfaces openvpn {} remote-host'.format(intf)) remote_port = config.return_effective_value('interfaces openvpn {} remote-port'.format(intf)) + + if not remote_port: + remote_port = '1194' + if len(remote_host) >= 1: client['remote'] = str(remote_host[0]) + ':' + remote_port |