slitaz-tools rev 177
netbox: add PPPoE and SSH/PPP vpn
author | Pascal Bellard <pascal.bellard@slitaz.org> |
---|---|
date | Fri May 09 15:18:31 2008 +0000 (2008-05-09) |
parents | c0871b90c912 |
children | 49001c0a7592 |
files | tinyutils/netbox |
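--- a/tinyutils/netbox
+++ b/tinyutils/netbox
@@ -16,35 +16,122 @@
 fi
 }
 
+set_ipup()
+{
+ [ -f /etc/ppp/ip-up ] && return
+ cat > /etc/ppp/ip-up <<EOT
+#!/bin/sh
+exec $0 call ipup \$@
+EOT
+ chmod +x /etc/ppp/ip-up
+}
+
+if [ "$1" = "call" ]; then
+ ppp="pppd local lock notty"
+ pppup=""
+ sub=$2
+ shift 2
+ case "$sub" in
+ sendsshkey)
+ check_root
+ dropbearkey -y -f /etc/dropbear/dropbear_rsa_host_key | \
+ grep ^ssh | ssh $1 "mkdir .ssh 2> /dev/null ; while read key; do for i in authorized_keys authorized_keys2; do grep -q \$key .ssh/\$i || echo \$key >> .ssh/\$i; done; done; chmod 700 .ssh ; chmod 600 .ssh/authorized_keys*"
+ exit 0;;
+ vpnssh) check_root
+ set_ipup
+ ps ww | grep -q "$ppp $2:$3" && exit 1
+ pipe="/tmp/ssh$$"
+ mkfifo $pipe
+ [ -n "$4" ] && pppup="ipparam 'addroutes,$(echo $4 | sed 's/ /,/g')'"
+ cat $pipe | dbclient -i /etc/dropbear/dropbear_rsa_host_key \
+ $1 "$ppp" | $ppp $2:$3 $pppup > $pipe
+ rm -f $pipe
+ exit 0;;
+ killvpnssh)
+ check_root
+ kill $(ps x | grep dbclient | grep "$ppp" | awk '{ print $1 }')
+ exit 0;;
+ ipup)
+# Arg Name Example
+# $1 Interface name ppp0
+# $2 The tty ttyS1
+# $3 The link speed 38400
+# $4 Local IP number 12.34.56.78
+# $5 Peer IP number 12.34.56.99
+# $6 Optional ``ipparam'' value foo
+ iface=$1
+ # skip tty if present
+ case "$2" in [0-9]*);; *) shift; esac
+ peer=$4
+ IFS=","; set -- $(eval echo $5); unset IFS
+ set -- $1
+ if [ "$1" = "addroutes" ]; then
+ while [ -n "$2" ]; do
+ eval $(ipcalc -n $2)
+ eval $(ipcalc -m $2)
+ route add -net $NETWORK netmask $NETMASK \
+ gw $peer $iface
+ shift
+ done
+ fi
+ exit 0;;
+ esac
+ echo "call $sub unsupported."
+ exit 1
+fi
+
 # Interafce status with ifconfig without arguments to show all
 # active connections.
 #
 export IFCONFIG='
 <window title="Network status" icon-name="network-wired">
 <vbox>
- <text use-markup="true">
- <label>"
-<b>Active network interfaces</b>"
- </label>
- </text>
 <text wrap="false">
 <input>date</input>
 </text>
+ <notebook labels="Network interfaces'
+[ -x /usr/sbin/iwlist ] && IFCONFIG="$IFCONFIG|Wireless interfaces|Wireless networks"
+tmp='|Routing|Servers">
 <frame Ifconfig>
 <text wrap="false" width-chars="58">
 <input>ifconfig</input>
 </text>
+ </frame>'
+IFCONFIG="$IFCONFIG$tmp"
+tmp='<frame Iwconfig>
+ <text wrap="false" width-chars="58">
+ <input>iwconfig</input>
+ </text>
 </frame>
- <text use-markup="true">
- <label>"
-<b>Active network servers</b>"
- </label>
- </text>
+ <frame Wireless networks>
+ <text wrap="false" width-chars="58">
+ <input>iwlist scan</input>
+ </text>
+ </frame>'
+[ -x /usr/sbin/iwlist ] && IFCONFIG="$IFCONFIG$tmp"
+tmp='<frame Routing>
+ <frame Nameservers>
+ <text wrap="false" width-chars="58">
+ <input>cat /etc/resolv.conf</input>
+ </text>
+ </frame>
+ <frame Routing table>
+ <text wrap="false" width-chars="58">
+ <input>route</input>
+ </text>
+ </frame>
+ <frame Arp table>
+ <text wrap="false" width-chars="58">
+ <input>arp</input>
+ </text>
+ </frame>
+ </frame>
 <frame Servers>
 <text wrap="false" width-chars="58">
- <input>for i in dropbear inetd udhcpd dnsd rsync lighttpd smbd nmbd x11vnc; do ps w | grep $i | grep -v grep; done</input>
+ <input>for i in dropbear inetd udhcpd dnsd rsync lighttpd smbd nmbd x11vnc pppd; do ps ww | grep $i | grep -v grep | fold -s; done</input>
 </text>
 </frame>
+ </notebook>
 <hbox>
 <button>
 <input file icon="exit"></input>
@@ -54,6 +141,7 @@
 </vbox>
 </window>
 '
+IFCONFIG="$IFCONFIG$tmp"
 
 # The main dialog with notebook, start/stop buttons and all options.
 # Note than /etc/network.conf is seded wehwn an interafce is activate
@@ -74,6 +162,7 @@
 by DHCP or static IP, and setup servers.
 Netbox can start or stop networking, configure
 network interfaces or directly edit files.
+Wifi users may configure System wide / Network.
 "
 </label>
 </text>
@@ -90,7 +179,7 @@
 </hbox>
 </frame>
 
- <notebook labels="DHCP|Static IP|System wide|Servers'
+ <notebook labels="DHCP|PPPoE|Static IP|System wide|VPN|Servers'
 [ -x /sbin/iptables ] && NET_BOX="$NET_BOX|Firewall"
 tmp='|Etherwake">
 
@@ -127,6 +216,61 @@
 </hbox>
 </frame>
 
+ <frame PPPoE>
+ <hbox>
+ <text use-markup="true">
+ <label>"<b>Name :</b>"</label>
+ </text>
+ <entry>
+ <input>NAME=$(grep -s ^name /etc/ppp/options); echo "${NAME#* }"</input>
+ <variable>NAME</variable>
+ </entry>
+ </hbox>
+ <hbox>
+ <text use-markup="true">
+ <label>"<b>Username :</b>"</label>
+ </text>
+ <entry>
+ <variable>USER</variable>
+ </entry>
+ </hbox>
+ <hbox>
+ <text use-markup="true">
+ <label>"<b>Password :</b>"</label>
+ </text>
+ <entry>
+ <variable>USER</variable>
+ </entry>
+ </hbox>
+ <hbox>
+ <button>
+ <input file icon="accessories-text-editor"></input>
+ <label>Tune</label>
+ <action>[ -n "$NAME" ] && sed -i "s/^name .*/name $NAME/" /etc/ppp/options</action>
+ <action type="lauch">leafpad /etc/ppp/options</action>
+ </button>
+ <button>
+ <label>Start</label>
+ <input file icon="forward"></input>
+ <action>[ -n "$USER" ] && grep -qs "^\"$USER\"" /etc/ppp/pap-secrets
+ && echo "\"$USER\" * \"$PASS\"" >> /etc/ppp/pap-secrets</action>
+ <action>[ -n "$USER" ] && grep -qs "^\"$USER\"" /etc/ppp/chap-secrets
+ && echo "\"$USER\" * \"$PASS\"" >> /etc/ppp/chap-secrets</action>
+ <action>[ -n "$NAME" ] && sed -i "s/^name .*/name $NAME/" /etc/ppp/options</action>
+ <action>killall udhcpc</action>
+ <action>sed -i "s/DHCP=\"yes\"/DHCP=\"no\"/" /etc/network.conf</action>
+ <action>sed -i "s/PPPOE=\"no\"/PPPOE=\"yes\"/" /etc/network.conf</action>
+ <action>pppd $INTERFACE &</action>
+ </button>
+ <button>
+ <label>Stop</label>
+ <input file icon="stop"></input>
+ <action>sed -i "s/PPPOE=\"yes\"/PPPOE=\"no\"/" /etc/network.conf</action>
+ <action>killall pppd</action>
+ </button>
+ </hbox>
+ </frame>
+
 <frame Configuration>
 <hbox>
 <text use-markup="true">
@@ -240,6 +384,62 @@
 </button>
 </hbox>
 </frame>
+
+ <frame Virtual Private Network with PPP/SSH>
+ <hbox>
+ <text use-markup="true">
+ <label>"<b>Peer :</b>"</label>
+ </text>
+ <entry>
+ <variable>DROPBEAR_PEERVPN</variable>
+ <default>user@elsewhere</default>
+ </entry>
+ </hbox>
+ <hbox>
+ <text use-markup="true">
+ <label>"<b>Local IP :</b>"</label>
+ </text>
+ <entry>
+ <variable>DROPBEAR_LOCAL</variable>
+ <default>192.168.254.1</default>
+ </entry>
+ </hbox>
+ <hbox>
+ <text use-markup="true">
+ <label>"<b>Remote IP :</b>"</label>
+ </text>
+ <entry>
+ <variable>DROPBEAR_REMOTE</variable>
+ <default>192.168.254.2</default>
+ </entry>
+ </hbox>
+ <hbox>
+ <text use-markup="true">
+ <label>"<b>Route(s) :</b>"</label>
+ </text>
+ <entry>
+ <variable>DROPBEAR_ROUTE</variable>
+ <default>192.168.10.0/24 192.168.20.0/28</default>
+ </entry>
+ </hbox>
+ <hbox>
+ <button>
+ <input file icon="forward"></input>
+ <label>Connect</label>
+ <action>netbox call vpnssh $DROPBEAR_PEERVPN $DROPBEAR_LOCAL $DROPBEAR_REMOTE "$DROPBEAR_ROUTE" &</action>
+ </button>
+ <button>
+ <input file icon="stop"></input>
+ <label>Disconnect</label>
+ <action>netbox call killvpnssh</action>
+ </button>
+ <button>
+ <input file icon="go-up"></input>
+ <label>Send key</label>
+ <action>xterm -fa MiscFixed -fs 11 -bg gray93 -fg black -geometry 80x10 -title "dropbear help" -e "netbox call sendsshkey $DROPBEAR_PEERVPN; echo -e \"----\nENTER to continue...\" && read close"</action>
+ </button>
+ </hbox>
+ </frame>
 <notebook labels="'
 NET_BOX="$NET_BOX$tmp"
 tmp=''
@@ -295,6 +495,25 @@
 </button>
 </hbox>
 <hbox>
+ <text use-markup="true">
+ <label>"<b>Remote :</b>"</label>
+ </text>
+ <entry>
+ <variable>DROPBEAR_PEER</variable>
+ <default>user@elsewhere</default>
+ </entry>
+ <button>
+ <input file icon="utilities-terminal"></input>
+ <label>Connect</label>
+ <action>xterm -fa MiscFixed -fs 11 -bg black -fg white -geometry 80x25 -title "$DROPBEAR_PEER" -e "dbclient -i /etc/dropbear/dropbear_rsa_host_key $DROPBEAR_PEER ; echo -e \"----\nENTER to continue...\" && read close" &</action>
+ </button>
+ <button>
+ <input file icon="go-up"></input>
+ <label>Send key</label>
+ <action>xterm -fa MiscFixed -fs 11 -bg gray93 -fg black -geometry 80x10 -title "dropbear help" -e "netbox call sendsshkey $DROPBEAR_PEER; echo -e \"----\nENTER to continue...\" && read close"</action>
+ </button>
+ </hbox>
+ <hbox>
 <button>
 <label>Start</label>
 <input file icon="forward"></input>
@@ -805,6 +1024,29 @@
 
 # Only root can configure network.
 check_root
+# Configure and connect if button Connect was pressed.
+if ! grep -qs ^name /etc/ppp/options ; then
+ # Generate /etc/ppp/options
+ cat > /etc/ppp/options << _EOT_
+plugin rp-pppoe.so
+name provider-ID
+noipdefault
+defaultroute
+mtu 1492
+mru 1492
+lock
+_EOT_
+ # Generate /etc/ppp/pap-secrets
+ cat > /etc/ppp/pap-secrets << _EOT_
+# Secrets for authentication using PAP
+# client server secret IP addresses
+_EOT_
+ # Generate /etc/ppp/chap-secrets
+ cat > /etc/ppp/chap-secrets << _EOT_
+# Secrets for authentication using CHAP
+# client server secret IP addresses
+_EOT_
+fi
 gtkdialog --center --program=NET_BOX
 
 exit 0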
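Review bot: In the `vpnssh)` branch of the first hunk, the FIFO is created at the predictable path `/tmp/ssh$$` in a world-writable directory, and the result of `mkfifo $pipe` is never checked. If that name already exists when the branch runs, the root-run `$ppp ... > $pipe` and `cat $pipe` operate on whatever another local user left there. Create the FIFO where only root can write and stop on failure, for example `pipe="/var/run/netbox-vpnssh.$$"` followed by `mkfifo -m 600 "$pipe" || exit 1`, and quote `"$pipe"` in the later `cat`, redirect and `rm -f`. In the same hunk, `ipup)` runs `set -- $(eval echo $5)` on the ipparam string as root. Splitting on commas does not need `eval`, so `set -- $5` under the same `IFS=","` should do, and each route entry is worth checking for address/prefix form before it reaches `eval $(ipcalc -n $2)`.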