From 56dfe1a5030e1e79d6b7fda6225377a7abd811de Mon Sep 17 00:00:00 2001 From: DmitriyEshenko Date: Fri, 10 Apr 2020 21:56:00 +0000 Subject: sstp: T2263: Implement reset feature --- op-mode-definitions/reset-vpn.xml | 12 +++++++ src/op_mode/reset_vpn.py | 68 ++++++++++++++++----------------------- 2 files changed, 39 insertions(+), 41 deletions(-) diff --git a/op-mode-definitions/reset-vpn.xml b/op-mode-definitions/reset-vpn.xml index a081ea488..ae553c272 100644 --- a/op-mode-definitions/reset-vpn.xml +++ b/op-mode-definitions/reset-vpn.xml @@ -37,6 +37,12 @@ sudo ${vyos_op_scripts_dir}/reset_vpn.py --username="all_users" --protocol="pptp" + + + Terminate all user's current remote access VPN session(s) with SSTP protocol + + sudo ${vyos_op_scripts_dir}/reset_vpn.py --username="all_users" --protocol="sstp" + @@ -70,6 +76,12 @@ sudo ${vyos_op_scripts_dir}/reset_vpn.py --username="$5" --protocol="pptp" + + + Terminate all user's current remote access VPN session(s) with SSTP protocol + + sudo ${vyos_op_scripts_dir}/reset_vpn.py --username="$5" --protocol="sstp" + diff --git a/src/op_mode/reset_vpn.py b/src/op_mode/reset_vpn.py index 15908ee77..3a0ad941c 100755 --- a/src/op_mode/reset_vpn.py +++ b/src/op_mode/reset_vpn.py 
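Review bot: In the second hunk (`@@ -70,6 +76,12 @@`) the new SSTP entry runs `reset_vpn.py --username="$5" --protocol="sstp"`, which targets one named user, yet its help text reads "Terminate all user's current remote access VPN session(s) with SSTP protocol", the same string as the all-users entry in the first hunk. An operator relying on CLI completion would be told this command disconnects everyone. Suggested help text: `Terminate specified user's current remote access VPN session(s) with SSTP protocol`. The enclosing node starts outside the hunk, so the wording used by the sibling pptp/l2tp entries is not visible here.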
@@ -14,63 +14,49 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . -# import os import sys import argparse -#import re from vyos.util import run -from vyos.util import DEVNULL -pptp_base = '/usr/bin/accel-cmd -p 2003 terminate {} {}' -l2tp_base = '/usr/bin/accel-cmd -p 2004 terminate {} {}' +cmd_dict = { + 'cmd_base' : '/usr/bin/accel-cmd -p {} terminate {} {}', + 'vpn_types' : { + 'pptp' : 2003, + 'l2tp' : 2004, + 'sstp' : 2005 + } +} def terminate_sessions(username='', interface='', protocol=''): - if username: - if username == "all_users": - if protocol == "pptp": - pptp_cmd = pptp_base.format('all','') - run(pptp_cmd) - return - elif protocol == "l2tp": - l2tp_cmd = l2tp_base.format('all', '') - run(l2tp_cmd) - return - else: - pptp_cmd = pptp_base.format('all', '') - run(pptp_cmd) - l2tp_cmd = l2tp_base.format('all', '') - run(l2tp_cmd) - return - if protocol == "pptp": - pptp_cmd = pptp_base.format('username', username) - run(pptp_cmd) - return - elif protocol == "l2tp": - l2tp_cmd = l2tp_base.format('username', username) - run(l2tp_cmd) - return + # Reset vpn connections by username + if protocol in cmd_dict['vpn_types']: + if username == "all_users": + run(cmd_dict['cmd_base'].format(cmd_dict['vpn_types'][protocol], 'all', '')) else: - pptp_cmd = pptp_base.format('username', username) - run(pptp_cmd) - l2tp_cmd = l2tp_base.format('username', username) - run(l2tp_cmd) - return + run(cmd_dict['cmd_base'].format(cmd_dict['vpn_types'][protocol], 'username', username)) + + # Reset vpn connections by ifname + elif interface: + for proto in cmd_dict['vpn_types']: + run(cmd_dict['cmd_base'].format(cmd_dict['vpn_types'][proto], 'if', interface)) - # rewrite `terminate by interface` if pptp will have pptp%d interface naming - if interface: - pptp_cmd = pptp_base.format('if', interface) - run(pptp_cmd) - l2tp_cmd = l2tp_base.format('if', interface) - run(l2tp_cmd) + elif username: + # Reset all vpn 
connections + if username == "all_users": + for proto in cmd_dict['vpn_types']: + run(cmd_dict['cmd_base'].format(cmd_dict['vpn_types'][proto], 'all', '')) + else: + for proto in cmd_dict['vpn_types']: + run(cmd_dict['cmd_base'].format(cmd_dict['vpn_types'][proto], 'username', username)) def main(): #parese args parser = argparse.ArgumentParser() parser.add_argument('--username', help='Terminate by username (all_users used for disconnect all users)', required=False) parser.add_argument('--interface', help='Terminate by interface', required=False) - parser.add_argument('--protocol', help='Set protocol (pptp|l2tp)', required=False) + parser.add_argument('--protocol', help='Set protocol (pptp|l2tp|sstp)', required=False) args = parser.parse_args() if args.username or args.interface: -- cgit v1.2.3
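Review bot: `terminate_sessions` formats `username` and `interface` straight from the command line into the `accel-cmd` string passed to `run()`, and the op-mode definitions invoke this script under `sudo`. If `vyos.util.run` (not shown on this page) hands that string to a shell, a value containing shell metacharacters would be interpreted with root privileges. Passing `shlex.quote(username)` and `shlex.quote(interface)` into the `.format(...)` calls, or validating both against an allowed character set first, closes that. Separately, an unrecognised `--protocol` value falls through to the `elif` branches and terminates sessions on every VPN type, so a typo widens the action; `parser.add_argument('--protocol', choices=list(cmd_dict['vpn_types']), ...)` would reject it up front. `main()` continues past the end of the hunk.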