diff options
author | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2008-11-21 16:33:30 -0800 |
---|---|---|
committer | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2008-11-21 16:33:30 -0800 |
commit | 0a89c7e5a37b84a1c9e96343ba519982fa00f6cb (patch) | |
tree | 1b2d5e66594cd828543a4484eaef3c0c0099b433 /lib/Vyatta/VPNUtil.pm | |
parent | 093344935a7564ee32a714e0154309aa6dfdd30f (diff) | |
download | vyatta-cfg-vpn-0a89c7e5a37b84a1c9e96343ba519982fa00f6cb.tar.gz vyatta-cfg-vpn-0a89c7e5a37b84a1c9e96343ba519982fa00f6cb.zip |
Rename VyattaVPNUtil to Vyatta::VPNUtil
Diffstat (limited to 'lib/Vyatta/VPNUtil.pm')
-rwxr-xr-x | lib/Vyatta/VPNUtil.pm | 131 |
1 files changed, 131 insertions, 0 deletions
diff --git a/lib/Vyatta/VPNUtil.pm b/lib/Vyatta/VPNUtil.pm new file mode 100755 index 0000000..a5bfe71 --- /dev/null +++ b/lib/Vyatta/VPNUtil.pm @@ -0,0 +1,131 @@ +# +# Module: Vyatta::VPNUtil.pm +# +# **** License **** +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# This code was originally developed by Vyatta, Inc. +# Portions created by Vyatta are Copyright (C) 2005, 2006, 2007 Vyatta, Inc. +# All Rights Reserved. +# +# Author: Marat +# Date: 2007 +# Description: +# +# **** End License **** +# + +package Vyatta::VPNUtil; +our @EXPORT = qw(rsa_get_local_key_file LOCAL_KEY_FILE_DEFAULT rsa_get_local_pubkey + is_vpn_running vpn_debug enableICMP); +use base qw(Exporter); + +use strict; +use warnings; + +use VyattaConfig; + +use constant LOCAL_KEY_FILE_DEFAULT + => '/opt/vyatta/etc/config/ipsec.d/rsa-keys/localhost.key'; + +sub is_vpn_running { + return ( -e '/var/run/pluto/pluto.ctl'); +} + +sub rsa_get_local_key_file { + my $file = LOCAL_KEY_FILE_DEFAULT; + + # + # Read configuration tree + # + my $vc = new VyattaConfig(); + $vc->setLevel('vpn'); + my $key_file_override = $vc->returnOrigValue('rsa-keys local-key file'); + + # + # We'll assume validation for valid path/file was handled in the + # commit. + # + $file = $key_file_override if defined($key_file_override); + + return $file +} + +sub rsa_get_local_pubkey { + my ($file) = @_; + + unless ( -r $file) { + return 0; + } + + open(DAT, $file) || die("Could not open file $file!"); + my @raw_data=<DAT>; + close(DAT); + + foreach my $line (@raw_data) { + my $file_pubkey; + if (($file_pubkey) = ($line =~ m/\s+\#pubkey=(\S+)/)) { + return $file_pubkey; + } + } + return 0; +} + +sub vpn_debug { + use POSIX; + my $timestamp = strftime("%Y%m%d-%H:%M.%S", localtime); + open LOG, ">>", "/var/log/vpn-debug.log"; + print LOG "$timestamp: ", @_ , "\n"; + close LOG; +} + +sub vpn_log { + my ($msg) = @_; + + open LOG, ">> /tmp/ipsec.log"; + + use POSIX; + my $timestamp = strftime("%Y-%m-%d %H:%M.%S", localtime); + + print LOG "$timestamp\nLog: $msg\n"; + close LOG; +} + +sub vpn_system { + my ($cmdline) = @_; + vpn_debug("START $cmdline"); + my $ret = system($cmdline); + if ($ret) { + vpn_debug("END ERROR $cmdline"); + } else { + vpn_debug("END OK $cmdline"); + } +} + +sub enableICMP { + my ($enable) = @_; + + opendir DIR, '/proc/sys/net/ipv4/conf/' or return undef; + my @nodes = grep !/^\./, readdir DIR; + closedir DIR; + + foreach my $node (@nodes) { + my $OUT; + open OUT, ">/proc/sys/net/ipv4/conf/$node/accept_redirects" or return undef; + print OUT $enable; + close OUT; + open OUT, ">/proc/sys/net/ipv4/conf/$node/send_redirects" or return undef; + print OUT $enable; + close OUT; + } + return 1; +} + +1; |