. * All rights reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ require_once("ipsec.inc"); require_once("filter.inc"); require_once("auth.inc"); require_once("certs.inc"); /* master setup for vpn (mpd) */ function vpn_setup() { /* start pppoe server */ vpn_pppoes_configure(); /* setup l2tp */ vpn_l2tp_configure(); } function vpn_ppp_server_get_dns($dns1 = '', $dns2 = '') { $ipcp_dns = ''; $dns_servers = []; if (is_ipaddrv4($dns1)) { /* Use manual DNS servers if they are valid */ $dns_servers[] = $dns1; if (is_ipaddrv4($dns2)) { $dns_servers[] = $dns2; } } else { /* Get system defined DNS servers */ $host_dns_servers = get_dns_nameservers(false, true); /* Add LAN address if the Resolver or Forwarder are enabled */ if (config_path_enabled('unbound') || config_path_enabled('dnsmasq')) { $dns_servers[] = get_interface_ip("lan"); } /* Add host DNS servers if they are usable */ foreach ($host_dns_servers as $dns) { if (is_ipaddrv4($dns) && ($dns != '127.0.0.1')) { $dns_servers[] = $dns; } } } if (!empty($dns_servers)) { /* Use the first two DNS servers since that is all MPD currently allows */ $ipcp_dns = 'set ipcp dns ' . join(' ', array_slice($dns_servers, 0, 2)); } return $ipcp_dns; } function vpn_pppoes_configure() { foreach (config_get_path("pppoes/pppoe", []) as $pppoe) { if (!empty($pppoe)) { vpn_pppoe_configure($pppoe); } } } function vpn_pppoe_configure(&$pppoecfg) { global $g; if (empty($pppoecfg) || !is_array($pppoecfg)) { return false; } /* create directory if it does not exist */ if (!is_dir("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn")) { mkdir("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn"); } if (platform_booting()) { if (!$pppoecfg['mode'] || ($pppoecfg['mode'] == "off")) { return 0; } echo gettext("Configuring PPPoE Server service... "); } else { /* kill mpd */ if (isvalidpid("{$g['varrun_path']}/pppoe{$pppoecfg['pppoeid']}-vpn.pid")) { killbypid("{$g['varrun_path']}/pppoe{$pppoecfg['pppoeid']}-vpn.pid"); } /* wait for process to die */ sleep(2); } if ($pppoecfg['mode'] != 'server') { if (platform_booting()) { echo gettext("done") . "\n"; } return true; } $pppoe_interface = get_real_interface($pppoecfg['interface']); if ($pppoecfg['paporchap'] == "chap") { $paporchap = "set link enable chap"; } else { $paporchap = "set link enable pap"; } /* write mpd.conf */ $fd = fopen("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.conf", "w"); if (!$fd) { printf(gettext("Error: cannot open mpd.conf in vpn_pppoe_configure().") . "\n"); return 1; } $issue_ip_type = "set ipcp ranges {$pppoecfg['localip']}/32 "; if (array_path_enabled($pppoecfg, 'radius', 'radiusissueips') && array_path_enabled($pppoecfg, 'radius/server')) { $issue_ip_type .= "0.0.0.0/0"; } else { $issue_ip_type .= "ippool p0"; } $ippool_p0 = ip_after($pppoecfg['remoteip'], $pppoecfg['n_pppoe_units'] - 1); if (is_numeric($pppoecfg['n_pppoe_maxlogin']) && ($pppoecfg['n_pppoe_maxlogin'] > 0)) { $pppoemaxlogins = $pppoecfg['n_pppoe_maxlogin']; } else { $pppoemaxlogins = 1; } $ipcp_dns = vpn_ppp_server_get_dns($pppoecfg['dns1'], $pppoecfg['dns2']); $mpdconf = <<