Commit
bb5ddbd1
authored
Jul 06, 2012
by
Guillaume Bury
Fixed babel + added log directory
parent
35e585dc
Showing
4 changed files
with
59 additions
and
30 deletions
+59
-30
client-connect
client-connect
+38
-2
client-disconnect
client-disconnect
+0
-4
main.py
main.py
+17
-20
openvpn.py
openvpn.py
+4
-4
client-connect
#!/usr/bin/python -S
#!/usr/bin/python -S
import
os
,
sys
import
os
,
sys
import
pdb
;
pdb
.
set_trace
()
os
.
write
(
int
(
sys
.
argv
[
1
]),
'CLIENT_CONNECTED '
+
os
.
environ
[
'trusted_ip'
]
+
'
\
n
'
)
# example of os.environ
{
'X509_0_C'
:
'FR'
,
'X509_0_CN'
:
'ulm'
,
'X509_0_O'
:
'Guillaume Bury'
,
'X509_0_OU'
:
'VPN'
,
'X509_1_C'
:
'FR'
,
'X509_1_CN'
:
'Guillaume Bury CA'
,
'X509_1_O'
:
'Guillaume Bury'
,
'X509_1_OU'
:
'VPN'
,
'common_name'
:
'ulm'
,
'daemon'
:
'0'
,
'daemon_log_redirect'
:
'0'
,
'daemon_pid'
:
'11637'
,
'daemon_start_time'
:
'1341568405'
,
'dev'
:
'vifibnet'
,
'link_mtu'
:
'1573'
,
'local_port_1'
:
'1194'
,
'proto_1'
:
'udp'
,
'remote_port_1'
:
'1194'
,
'script_context'
:
'init'
,
'script_type'
:
'client-connect'
,
'time_ascii'
:
'Fri Jul 6 11:53:31 2012'
,
'time_unix'
:
'1341568411'
,
'tls_digest_0'
:
'2d:eb:f3:05:5d:bf:17:62:dd:ef:d4:bb:30:c0:5b:b7:ef:e3:e8:a6'
,
'tls_digest_1'
:
'43:1c:a1:22:ca:c0:a0:f5:b0:c6:65:6f:33:29:b2:bb:1d:04:43:9a'
,
'tls_id_0'
:
'/C=FR/O=Guillaume_Bury/OU=VPN/CN=ulm'
,
'tls_id_1'
:
'/C=FR/O=Guillaume_Bury/OU=VPN/CN=Guillaume_Bury_CA'
,
'tls_serial_0'
:
'02'
,
'tls_serial_1'
:
'CC3019BC1CFA5141'
,
'trusted_ip'
:
'192.0.2.25'
,
'trusted_port'
:
'59345'
,
'tun_mtu'
:
'1500'
,
'untrusted_ip'
:
'192.0.2.25'
,
'untrusted_port'
:
'59345'
,
'verb'
:
'3'
}
os
.
write
(
int
(
sys
.
argv
[
1
]),
'%(script_type)s %(common_name)s
\
n
'
%
os
.
environ
)
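Review bot: The sample environment under `# example of os.environ` is a live dict literal, not a comment, so the hook builds and discards it on every client connection, and it commits certificate subjects, serials and digests from what appears to be an actual session. Turning it into a comment with constructed placeholder values keeps the documentation without the runtime statement, e.g. `# example of os.environ: {'common_name': '<CN>', 'script_type': 'client-connect', ...}`. The rendering does not show which side `import pdb; pdb.set_trace()` is on; if it is on the new side it should be removed, since a breakpoint in a hook that OpenVPN runs non-interactively would stall or fail the connect event.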
client-disconnect
deleted
100755 → 0
#!/usr/bin/python -S
import
os
,
sys
os
.
write
(
int
(
sys
.
argv
[
1
]),
'CLIENT_DISCONNECTED '
+
os
.
environ
[
'trusted_ip'
]
+
'
\
n
'
)
main.py
...
@@ -43,7 +43,7 @@ class PeersDB:
...
@@ -43,7 +43,7 @@ class PeersDB:
self
.
db
.
execute
(
"UPDATE peers SET used = 0 WHERE id = ?"
,
(
id
,))
self
.
db
.
execute
(
"UPDATE peers SET used = 0 WHERE id = ?"
,
(
id
,))
def
startBabel
():
def
startBabel
(
**
kw
):
args
=
[
'babeld'
,
args
=
[
'babeld'
,
'-C'
,
'redistribute local ip %s'
%
(
config
.
ip
),
'-C'
,
'redistribute local ip %s'
%
(
config
.
ip
),
'-C'
,
'redistribute local deny'
,
'-C'
,
'redistribute local deny'
,
...
@@ -54,30 +54,27 @@ def startBabel():
...
@@ -54,30 +54,27 @@ def startBabel():
#'-C', 'in ip %s' % (config.ip),
#'-C', 'in ip %s' % (config.ip),
#'-C', 'in ip ::/0 le %s' % network_mask,
#'-C', 'in ip ::/0 le %s' % network_mask,
# Don't route other addresses
# Don't route other addresses
'-C'
,
'in
ip
deny'
,
'-C'
,
'in deny'
,
'-d'
,
str
(
config
.
verbose
),
'-d'
,
str
(
config
.
verbose
),
'-s'
,
'-s'
,
]
]
if
config
.
babel_state
:
if
config
.
babel_state
:
args
+=
'-S'
,
config
.
babel_state
args
+=
'-S'
,
config
.
babel_state
log_message
(
"Starting babel daemon"
,
2
)
return
subprocess
.
Popen
(
args
+
[
'vifibnet'
]
+
list
(
free_interface_set
),
**
kw
)
return
subprocess
.
Popen
(
args
+
list
(
free_interface_set
))
def
getConfig
():
def
getConfig
():
global
config
global
config
parser
=
argparse
.
ArgumentParser
(
parser
=
argparse
.
ArgumentParser
(
description
=
'Resilient virtual private network application'
)
description
=
'Resilient virtual private network application'
)
_
=
parser
.
add_argument
_
=
parser
.
add_argument
_
(
'--server-log'
,
default
=
'/var/log/vifibnet.server.log'
,
_
(
'--log-directory'
,
default
=
'/var/log'
,
help
=
'Path to openvpn server log file'
)
help
=
'Path to vifibnet logs directory'
)
_
(
'--client-log'
,
default
=
'/var/log'
,
help
=
'Path to openvpn client log directory'
)
_
(
'--client-count'
,
default
=
2
,
type
=
int
,
_
(
'--client-count'
,
default
=
2
,
type
=
int
,
help
=
'
the number servers the peers try to connect to
'
)
help
=
'
Number of client connections
'
)
# TODO : use maxpeer
# TODO : use maxpeer
_
(
'--max-peer'
,
default
=
10
,
type
=
int
,
_
(
'--max-peer'
,
default
=
10
,
type
=
int
,
help
=
'the number of peers that can connect to the server'
)
help
=
'the number of peers that can connect to the server'
)
_
(
'--refresh-time'
,
default
=
2
0
,
type
=
int
,
_
(
'--refresh-time'
,
default
=
6
0
,
type
=
int
,
help
=
'the time (seconds) to wait before changing the connections'
)
help
=
'the time (seconds) to wait before changing the connections'
)
_
(
'--refresh-count'
,
default
=
1
,
type
=
int
,
_
(
'--refresh-count'
,
default
=
1
,
type
=
int
,
help
=
'The number of connections to drop when refreshing the connections'
)
help
=
'The number of connections to drop when refreshing the connections'
)
...
@@ -105,7 +102,7 @@ def startNewConnection(n):
...
@@ -105,7 +102,7 @@ def startNewConnection(n):
log_message
(
'Establishing a connection with id %s (%s:%s)'
%
(
id
,
ip
,
port
),
2
)
log_message
(
'Establishing a connection with id %s (%s:%s)'
%
(
id
,
ip
,
port
),
2
)
iface
=
free_interface_set
.
pop
()
iface
=
free_interface_set
.
pop
()
connection_dict
[
id
]
=
(
openvpn
.
client
(
ip
,
'--dev'
,
iface
,
'--proto'
,
proto
,
'--rport'
,
str
(
port
),
connection_dict
[
id
]
=
(
openvpn
.
client
(
ip
,
'--dev'
,
iface
,
'--proto'
,
proto
,
'--rport'
,
str
(
port
),
stdout
=
os
.
open
(
'%s/vifibnet.client.%s.log'
%
(
config
.
client_log
,
id
),
os
.
O_WRONLY
|
os
.
O_CREAT
|
os
.
O_TRUNC
)
),
stdout
=
os
.
open
(
'%s/vifibnet.client.%s.log'
%
(
config
.
log_directory
,
id
),
os
.
O_WRONLY
|
os
.
O_CREAT
|
os
.
O_TRUNC
)
),
iface
)
iface
)
peers_db
.
usePeer
(
id
)
peers_db
.
usePeer
(
id
)
except
KeyError
:
except
KeyError
:
...
@@ -150,12 +147,12 @@ def refreshConnections():
...
@@ -150,12 +147,12 @@ def refreshConnections():
startNewConnection
(
config
.
client_count
-
len
(
connection_dict
))
startNewConnection
(
config
.
client_count
-
len
(
connection_dict
))
def
handle_message
(
msg
):
def
handle_message
(
msg
):
words
=
msg
.
split
()
script_type
,
common_name
=
msg
.
split
()
if
words
[
0
]
==
'CLIENT_CONNECTED
'
:
if
script_type
==
'client-connect
'
:
log_message
(
'Incomming connection from
'
+
words
[
1
]
,
3
)
log_message
(
'Incomming connection from
%s'
%
(
common_name
,)
,
3
)
# TODO : check if we are not already connected to it
# TODO : check if we are not already connected to it
elif
words
[
0
]
==
'CLIENT_DISCONNECTED
'
:
elif
script_type
==
'client-disconnect
'
:
log_message
(
words
[
1
]
+
' has disconnected'
,
3
)
log_message
(
'%s has disconnected'
%
(
common_name
,)
,
3
)
else
:
else
:
log_message
(
'Unknow message recieved from the openvpn pipe : '
+
msg
,
1
)
log_message
(
'Unknow message recieved from the openvpn pipe : '
+
msg
,
1
)
...
@@ -170,7 +167,8 @@ def main():
...
@@ -170,7 +167,8 @@ def main():
# Launch babel on all interfaces
# Launch babel on all interfaces
log_message
(
'Starting babel'
,
3
)
log_message
(
'Starting babel'
,
3
)
babel
=
startBabel
()
babel
=
startBabel
(
stdout
=
os
.
open
(
'%s/babeld.log'
%
(
config
.
log_directory
,),
os
.
O_WRONLY
|
os
.
O_CREAT
|
os
.
O_TRUNC
),
stderr
=
subprocess
.
STDOUT
)
# Create and open read_only pipe to get connect/disconnect events from openvpn
# Create and open read_only pipe to get connect/disconnect events from openvpn
log_message
(
'Creating pipe for openvpn events'
,
3
)
log_message
(
'Creating pipe for openvpn events'
,
3
)
...
@@ -179,9 +177,8 @@ def main():
...
@@ -179,9 +177,8 @@ def main():
# Establish connections
# Establish connections
log_message
(
'Starting openvpn server'
,
3
)
log_message
(
'Starting openvpn server'
,
3
)
serverProcess
=
openvpn
.
server
(
config
.
ip
,
write_pipe
,
serverProcess
=
openvpn
.
server
(
config
.
ip
,
write_pipe
,
'--dev'
,
'vifibnet'
,
'--dev'
,
'vifibnet'
,
stdout
=
os
.
open
(
'%s/vifibnet.server.log'
%
(
config
.
log_directory
,),
os
.
O_WRONLY
|
os
.
O_CREAT
|
os
.
O_TRUNC
))
stdout
=
os
.
open
(
config
.
server_log
,
os
.
O_WRONLY
|
os
.
O_CREAT
|
os
.
O_TRUNC
))
startNewConnection
(
config
.
client_count
)
startNewConnection
(
config
.
client_count
)
# Timed refresh initializing
# Timed refresh initializing
...
...
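Review bot: In handle_message, `script_type, common_name = msg.split()` raises ValueError for any message that does not split into exactly two fields, so the trailing `else` that logs unknown messages no longer catches malformed input. How `msg` is read from the pipe is outside this hunk; if a read can return an empty string or two events at once, the exception would propagate to the caller instead of being logged. Keeping the split and the unpack apart restores that, for example `words = msg.split()` followed by `if len(words) != 2: log_message('Unknow message recieved from the openvpn pipe : ' + msg, 1); return` before unpacking. A one-line comment stating that the two fields are OpenVPN's `script_type` and `common_name` as written by the client-connect script would also help the next reader.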
openvpn.py
...
@@ -8,12 +8,12 @@ def openvpn(*args, **kw):
...
@@ -8,12 +8,12 @@ def openvpn(*args, **kw):
'--persist-key'
,
'--persist-key'
,
'--script-security'
,
'2'
,
'--script-security'
,
'2'
,
'--user'
,
'nobody'
,
'--user'
,
'nobody'
,
'--ping'
,
'1'
,
# I don't kown how Babel works, but if it test the
# I don't kown how Babel works, but if it test the
# connection often, the ping directive might not be needed
# connection often, the ping directive might not be needed
# if it test the connection very often, we could also decrease
# if it test the connection very often, we could also decrease
# ping-exit to 1 sec
# ping-exit to 1 sec
'--ping-exit'
,
'3'
,
# '--ping', '1',
# '--ping-exit', '3',
'--group'
,
'nogroup'
,
'--group'
,
'nogroup'
,
'--verb'
,
str
(
config
.
verbose
),
'--verb'
,
str
(
config
.
verbose
),
]
+
list
(
args
)
+
config
.
openvpn_args
]
+
list
(
args
)
+
config
.
openvpn_args
...
@@ -31,7 +31,7 @@ def server(ip, pipe_fd, *args, **kw):
...
@@ -31,7 +31,7 @@ def server(ip, pipe_fd, *args, **kw):
'--duplicate-cn'
,
# XXX : to be removed
'--duplicate-cn'
,
# XXX : to be removed
'--up'
,
'up-server '
+
ip
,
'--up'
,
'up-server '
+
ip
,
'--client-connect'
,
'client-connect '
+
str
(
pipe_fd
),
'--client-connect'
,
'client-connect '
+
str
(
pipe_fd
),
'--client-disconnect'
,
'client-
dis
connect '
+
str
(
pipe_fd
),
'--client-disconnect'
,
'client-connect '
+
str
(
pipe_fd
),
'--dh'
,
config
.
dh
,
'--dh'
,
config
.
dh
,
*
args
,
**
kw
)
*
args
,
**
kw
)
...
...
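Review bot: With `'--ping', '1'` and `'--ping-exit', '3'` commented out, nothing in the visible part of the openvpn() argument list makes a tunnel notice a dead peer, and the comment above them still reads as if the ping were configured. Unless `config.openvpn_args` supplies a keepalive, the server side may report `client-disconnect` only much later on UDP, so the connection bookkeeping in main.py would lag behind the real state. If leaving liveness to babel is the intent, delete the two commented lines and say so, e.g. `# no --ping/--ping-exit: peer liveness is left to babeld`; otherwise keep them with larger values. The argument list starts and ends outside the hunk.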