Commit 51bf0f51 authored by Guillaume Bury's avatar Guillaume Bury

wip

parent 3aa12fca
import socket
hostname = socket.gethostname()
CaPath = '/root/overnet/keys/ca.crt'
CertPath = '/root/overnet/keys/server.crt'
KeyPath = '/root/overnet/keys/server.key'
DhPath = '/root/overnet/keys/dh1024.pem'
if hostname == 'm5':
IPv6 = '2000:0:0:1::1/64'
MandatoryConnections = [('10.1.4.3', 1194)]
elif hostname == 'm6':
IPv6 = '2000:0:0:2::1/64'
Debug = True
def CheckVarExists(varName):
return varName in config.__dict__
def FailIfNotExists(varName):
if not CheckVarExists(varName):
print 'Entry ' + varName + ' not found in config.py'
sys.exit(-1)
def SetIfNotExists(varName, value):
if not CheckVarExists(varName):
config.__dict__[varName] = value
# Check that the file config.py exist and is valid
try:
import config
except ImportError:
print 'Unable to read the config file config.py'
sys.exit(-1)
# Check vars existence
FailIfNotExists('CaPath')
FailIfNotExists('CertPath')
FailIfNotExists('KeyPath')
FailIfNotExists('DhPath')
FailIfNotExists('IPv6')
SetIfNotExists('Debug', False)
SetIfNotExists('MandatoryConnections', [])
SetIfNotExists('LocalPort', 1194)
#!/usr/bin/env python #!/usr/bin/env python
import argparse, errno, os, subprocess, sys, time
import upnpigd import upnpigd
import openvpn
from configuration import *
(ip, port) = upnpigd.GetExternalInfo(config.LocalPort) def openvpn(*args, **kw):
openvpn.LaunchServer() args = ['openvpn',
'--dev', 'tap',
'--ca', ca_path,
'--cert', cert_path,
'--key', key_path,
'--nobind',
'--persist-tun',
'--persist-key',
'--user' 'nobody',
'--group', 'nogroup',
] + list(args)
#stdin = kw.pop('stdin', None)
#stdout = kw.pop('stdout', None)
#stderr = kw.pop('stderr', None)
for i in kw.iteritems():
args.append('--%s=%s' % i)
return subprocess.Popen(args,
#stdin=stdin, stdout=stdout, stderr=stderr,
)
# TODO : set iface up when creating a server/client
# ! check working directory before launching up script ?
def server(*args, **kw):
return openvpn(
'--tls-server',
'--client-to-client',
#'--keepalive', '10', '60',
mode='server',
dh=dh_path,
*args, **kw)
def client(ip, *args, **kw):
return openvpn(remote=ip, *args, **kw)
def main():
server = openvpn.server(dev="server", verb=3 )
pass
if __name__ == "__main__":
main()
for (address, port) in config.MandatoryConnections:
openvpn.LaunchClient(address, port)
from subprocess import call
from configuration import *
def LaunchClient(serverAddress, serverPort):
if config.Debug:
print 'Connecting to :' + serverAddress
call(['openvpn',
'--client',
'--dev', 'tap',
'--proto', 'udp',
'--remote', serverAddress, str(serverPort),
'--nobind',
'--script-security', '2',
'--up', './up-client',
'--persist-key',
'--persist-tun',
'--tls-client',
'--ca', config.CaPath,
'--cert', config.CertPath,
'--key', config.KeyPath,
'--user', 'nobody',
'--verb', '3',
'--daemon', 'openVpnClient(' + serverAddress + ')' ])
def LaunchServer():
call(['openvpn',
'--dev', 'tap',
'--mode', 'server',
'--proto', 'udp',
'--tls-server',
'--ca', config.CaPath,
'--cert', config.CertPath,
'--key', config.KeyPath,
'--dh', config.DhPath,
'--user', 'nobody',
'--port', str(config.LocalPort),
'--up', './up-server ' + config.IPv6,
'--script-security', '2',
'--persist-tun',
'--persist-key',
'--daemon', 'openvpnServer',
'--verb', '3'])
# TODO : should we use comp-lzo option ?
# TODO : group nobody
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment