summaryrefslogtreecommitdiff
path: root/lib/Vyatta/VPNUtil.pm
diff options
context:
space:
mode:
authorStephen Hemminger <stephen.hemminger@vyatta.com>2008-11-21 16:33:30 -0800
committerStephen Hemminger <stephen.hemminger@vyatta.com>2008-11-21 16:33:30 -0800
commit0a89c7e5a37b84a1c9e96343ba519982fa00f6cb (patch)
tree1b2d5e66594cd828543a4484eaef3c0c0099b433 /lib/Vyatta/VPNUtil.pm
parent093344935a7564ee32a714e0154309aa6dfdd30f (diff)
downloadvyatta-cfg-vpn-0a89c7e5a37b84a1c9e96343ba519982fa00f6cb.tar.gz
vyatta-cfg-vpn-0a89c7e5a37b84a1c9e96343ba519982fa00f6cb.zip
Rename VyattaVPNUtil to Vyatta::VPNUtil
Diffstat (limited to 'lib/Vyatta/VPNUtil.pm')
-rwxr-xr-xlib/Vyatta/VPNUtil.pm131
1 files changed, 131 insertions, 0 deletions
diff --git a/lib/Vyatta/VPNUtil.pm b/lib/Vyatta/VPNUtil.pm
new file mode 100755
index 0000000..a5bfe71
--- /dev/null
+++ b/lib/Vyatta/VPNUtil.pm
@@ -0,0 +1,131 @@
+#
+# Module: Vyatta::VPNUtil.pm
+#
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2005, 2006, 2007 Vyatta, Inc.
+# All Rights Reserved.
+#
+# Author: Marat
+# Date: 2007
+# Description:
+#
+# **** End License ****
+#
+
+package Vyatta::VPNUtil;
+our @EXPORT = qw(rsa_get_local_key_file LOCAL_KEY_FILE_DEFAULT rsa_get_local_pubkey
+ is_vpn_running vpn_debug enableICMP);
+use base qw(Exporter);
+
+use strict;
+use warnings;
+
+use VyattaConfig;
+
+use constant LOCAL_KEY_FILE_DEFAULT
+ => '/opt/vyatta/etc/config/ipsec.d/rsa-keys/localhost.key';
+
+sub is_vpn_running {
+ return ( -e '/var/run/pluto/pluto.ctl');
+}
+
+sub rsa_get_local_key_file {
+ my $file = LOCAL_KEY_FILE_DEFAULT;
+
+ #
+ # Read configuration tree
+ #
+ my $vc = new VyattaConfig();
+ $vc->setLevel('vpn');
+ my $key_file_override = $vc->returnOrigValue('rsa-keys local-key file');
+
+ #
+ # We'll assume validation for valid path/file was handled in the
+ # commit.
+ #
+ $file = $key_file_override if defined($key_file_override);
+
+ return $file
+}
+
+sub rsa_get_local_pubkey {
+ my ($file) = @_;
+
+ unless ( -r $file) {
+ return 0;
+ }
+
+ open(DAT, $file) || die("Could not open file $file!");
+ my @raw_data=<DAT>;
+ close(DAT);
+
+ foreach my $line (@raw_data) {
+ my $file_pubkey;
+ if (($file_pubkey) = ($line =~ m/\s+\#pubkey=(\S+)/)) {
+ return $file_pubkey;
+ }
+ }
+ return 0;
+}
+
+sub vpn_debug {
+ use POSIX;
+ my $timestamp = strftime("%Y%m%d-%H:%M.%S", localtime);
+ open LOG, ">>", "/var/log/vpn-debug.log";
+ print LOG "$timestamp: ", @_ , "\n";
+ close LOG;
+}
+
+sub vpn_log {
+ my ($msg) = @_;
+
+ open LOG, ">> /tmp/ipsec.log";
+
+ use POSIX;
+ my $timestamp = strftime("%Y-%m-%d %H:%M.%S", localtime);
+
+ print LOG "$timestamp\nLog: $msg\n";
+ close LOG;
+}
+
+sub vpn_system {
+ my ($cmdline) = @_;
+ vpn_debug("START $cmdline");
+ my $ret = system($cmdline);
+ if ($ret) {
+ vpn_debug("END ERROR $cmdline");
+ } else {
+ vpn_debug("END OK $cmdline");
+ }
+}
+
+sub enableICMP {
+ my ($enable) = @_;
+
+ opendir DIR, '/proc/sys/net/ipv4/conf/' or return undef;
+ my @nodes = grep !/^\./, readdir DIR;
+ closedir DIR;
+
+ foreach my $node (@nodes) {
+ my $OUT;
+ open OUT, ">/proc/sys/net/ipv4/conf/$node/accept_redirects" or return undef;
+ print OUT $enable;
+ close OUT;
+ open OUT, ">/proc/sys/net/ipv4/conf/$node/send_redirects" or return undef;
+ print OUT $enable;
+ close OUT;
+ }
+ return 1;
+}
+
+1;