From 8824679d81bec0af549ddaebb9111676b546b88d Mon Sep 17 00:00:00 2001
From: midoks
Date: Mon, 20 Jun 2022 18:55:42 +0800
Subject: [PATCH] https://github.com/mw-plugin/l2tp
---
plugins/l2tp/LICENSE | 21 -
plugins/l2tp/ico.png | Bin 2459 -> 0 bytes
plugins/l2tp/index.html | 19 -
plugins/l2tp/index.py | 233 ----------
plugins/l2tp/info.json | 14 -
plugins/l2tp/install.sh | 46 --
plugins/l2tp/js/l2tp.js | 158 -------
plugins/l2tp/scripts/l2tp.sh | 820 ---------------------------------
plugins/l2tp/tmp/chap-secrets | 3 -
plugins/l2tp/tmp/ipsec.secrets | 1 -
10 files changed, 1315 deletions(-)
delete mode 100644 plugins/l2tp/LICENSE
delete mode 100644 plugins/l2tp/ico.png
delete mode 100755 plugins/l2tp/index.html
delete mode 100755 plugins/l2tp/index.py
delete mode 100755 plugins/l2tp/info.json
delete mode 100755 plugins/l2tp/install.sh
delete mode 100755 plugins/l2tp/js/l2tp.js
delete mode 100644 plugins/l2tp/scripts/l2tp.sh
delete mode 100644 plugins/l2tp/tmp/chap-secrets
delete mode 100644 plugins/l2tp/tmp/ipsec.secrets
diff --git a/plugins/l2tp/LICENSE b/plugins/l2tp/LICENSE
deleted file mode 100644
index b89fade39..000000000
--- a/plugins/l2tp/LICENSE
+++ /dev/null
@@ -1,21 +0,0 @@
-MIT License
-
-Copyright (c) 2019 Mr Chen
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
diff --git a/plugins/l2tp/ico.png b/plugins/l2tp/ico.png deleted file mode 100644 index ddfd2f89b51407ed7c18f3f8b5ba840ad3aabbac..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2459 zcmV;M31s$(P)UT5yyW$7tlb0gp?2{&1Gf)p&$mr1;ubXyOe;u43eaZM<5ENl!B57F;t;}@KAyv z4-t^!jnM)OAc=y4-p*bUgFpd-$ZKXV355s*f`JIh-L&=1-tNxq?(Oa+DXaLZQmNao zzyA8)udlmD_?R#Gn9I+$0nno(=qOG`B?tN?;80+flya1Hz)FNd{IA=73Xy@WRp8bE z=qVn6rQZN%)d}2MvUh-AV{r@J&aUbpA%;w=cLHfE@6z`6mV`|;dY@WbB%In;;IVg*WERUSMDs`q19D~X-lwXl`O3GON)@TMcoC7)!WT(12lx2AK@y)VT za{zv@806%7#`-X$IEgOzy~q;Unjc&Pat@Z{=(h6}n&oTupuhi4 zgfBNZcNd;BdnhXm4Z!$3+|ocR3&=W`)cx)U%TXDNXYW6x#*90z3!erVLB`&vF5~#Y z=_tR9<0rNB3_SO?Mj#pkSP^#8&kMi~sY9Z3$+*|lG0KPC@#BO}$8+y*8hnM~@u)t4 zFq4d9;w8OeSK|SY?GhUsiDW-=c3&-dV*vS}7ZLNCCYCP3bI)%mTt0jlp_7cgU&}mh z-Vr~14y2!~(>NXH!RaNzY6>=rWd`K0n1nmI&=oAmkmBvB@Oljhhj-DD)Y(OS2VffaD+c4l)8x> zM~?a-Z;n z`0WsD4>A)>VOL#+zTMI2bzmc&vtzuG4_`!h3D23<;-0&axaTOZEAbptM?$Mc7`zF8Xv(;Dvm_9BZt4HJ{Tcx6GB1P&qnK<|ULl_2)&K}LrJir;*pE!7 zDJQnwshh0U8yPd&JF6P_FQCCM0Qua#4M4R!2Rb@~=rzz?1RncNnxK{reS zFddVXKxzDceH}Bg`pDRK#J?AUMW_s&L0U^I6-wPcUKHkJ=Jy`A{^9Xw}jZ4A5&vR9R;jUfJi z0WiY^bhI}IQoE=8!84Z?THIM;8v1@sk^QfDU2O)DqCwH*ue2FDV~(rOH| zl&oW3{ZtT}F3Y^ErKS2CvTl7lnMBmg0+CK3=RO&e_XJ&7@pYqU z&{O;*5^YHJqmdj)&VFV{1kGch^4#Nx7XX)Tkp+5#y@}+dglF`l)@X9}hiL%jui7|( z#duD#21(1%Du_+TWo?#p0M@{0WdT1lDZ4tA(5nB}11JR3QAsq~x*2Q4K6H1QG6QuI&M0%jGb(G zhxowZho%cVGIdy~A87TiK8UEl(%!X_wQgVK^;pxjD_>lI=)#)&A0_LUOqs^i@Y3F3 zJQ2@>j83@H1}y2`nvW4}0W?Y(=+7fEDt$Nm)9tQl4}hVn3+Q;du#S$7gDXLuABL%b??wY`zQ)5a~m(L~Z+@1Qp zH=IO-DgGAVIrTZ;B#1&-K;-~*)VN9oYM7Lg$6261PHR5iycW+*%aFLZ)p*@B)MgTA z<~HeN+B)IP_?tj^`Na!CFGBbx87Dm$_5-5~GfF=-&S2%0?>hvEZUR2v;Ep@+oYR|) zD_eiyFkJoO{8&4wej&b2Q62;9MznJ&Sq3N+&BJpVa4T4sm4;UXmmzW#Fb~hUlAbq5 zA@84z=-D8R>VGrfx&Y6;yj9$^2Oy4#qDQ3nAnewdss0CKRjGH?ljF}yY2SMewH`zC zi=YRk=1*z5H;I@|&RyP0c(dO=07Jbh+>H;p1K}&}FdsIJ@(9~SvzfZ*o9&(*9)OD9 zhTn=m3yJL6?nO=MR9{8pay;kO;qu!u097F7!^Uis6A? -
-
-

服务

-

用户配置

-

PSK配置

-

用户列表

-

说明

-
-
-
-
-
- - \ No newline at end of file diff --git a/plugins/l2tp/index.py b/plugins/l2tp/index.py deleted file mode 100755 index dd2ba504f..000000000 --- a/plugins/l2tp/index.py +++ /dev/null 
@@ -1,233 +0,0 @@ -# coding:utf-8 - -import sys -import io -import os -import time -import shutil - -sys.path.append(os.getcwd() + "/class/core") -import mw - -app_debug = False -if mw.isAppleSystem(): - app_debug = True - - -def getPluginName(): - return 'l2tp' - - -def getPluginDir(): - return mw.getPluginDir() + '/' + getPluginName() - - -def getServerDir(): - return mw.getServerDir() + '/' + getPluginName() - - -def getArgs(): - args = sys.argv[2:] - tmp = {} - args_len = len(args) - - if args_len == 1: - t = args[0].strip('{').strip('}') - t = t.split(':') - tmp[t[0]] = t[1] - elif args_len > 1: - for i in range(len(args)): - t = args[i].split(':') - tmp[t[0]] = t[1] - - return tmp - - -def checkArgs(data, ck=[]): - for i in range(len(ck)): - if not ck[i] in data: - return (False, mw.returnJson(False, '参数:(' + ck[i] + ')没有!')) - return (True, mw.returnJson(True, 'ok')) - - -def status(): - cmd = "ps -ef|grep xl2tpd |grep -v grep | grep -v python | awk '{print $2}'" - data = mw.execShell(cmd) - if data[0] == '': - return 'stop' - return 'start' - - -def initConf(): - l2tp_cs = getServerDir() + '/chap-secrets' - if not os.path.exists(l2tp_cs): - mw.execShell('cp -rf ' + getPluginDir() + - '/tmp/chap-secrets' + ' ' + getServerDir()) - - l2tp_is = getServerDir() + '/ipsec.secrets' - if not os.path.exists(l2tp_is): - mw.execShell('cp -rf ' + getPluginDir() + - '/tmp/ipsec.secrets' + ' ' + getServerDir()) - - -def start(): - initConf() - - if mw.isAppleSystem(): - return "Apple Computer does not support" - - data = mw.execShell('service xl2tpd start') - if data[0] == '': - return 'ok' - return data[1] - - -def stop(): - if mw.isAppleSystem(): - return "Apple Computer does not support" - - data = mw.execShell('service xl2tpd stop') - if data[0] == '': - return 'ok' - return data[1] - - -def restart(): - if mw.isAppleSystem(): - return "Apple Computer does not support" - - data = mw.execShell('service xl2tpd restart') - if data[0] == '': - return 'ok' - return data[1] 
- - -def reload(): - data = mw.execShell('service xl2tpd reload') - if data[0] == '': - return 'ok' - return data[1] - - -def getPathFile(): - if mw.isAppleSystem(): - return getServerDir() + '/chap-secrets' - return '/etc/ppp/chap-secrets' - - -def getPathFilePsk(): - if mw.isAppleSystem(): - return getServerDir() + '/ipsec.secrets' - return '/etc/ipsec.secrets' - - -def getUserList(): - import re - path = getPathFile() - if not os.path.exists(path): - return mw.returnJson(False, '密码配置文件不存在!') - conf = mw.readFile(path) - - conf = re.sub('#(.*)\n', '', conf) - - if conf.strip() == '': - return mw.returnJson(True, 'ok', []) - - ulist = conf.strip().split('\n') - - user = [] - for line in ulist: - line_info = {} - line = re.match(r'(\w*)\s*(\w*)\s*(\w*)\s*(.*)', - line.strip(), re.M | re.I).groups() - line_info['user'] = line[0] - line_info['pwd'] = line[2] - line_info['type'] = line[1] - line_info['ip'] = line[3] - user.append(line_info) - - return mw.returnJson(True, 'ok', user) - - -def addUser(): - if mw.isAppleSystem(): - return mw.returnJson(False, "Apple Computer does not support") - - args = getArgs() - data = checkArgs(args, ['username']) - if not data[0]: - return data[1] - ret = mw.execShell('echo ' + args['username'] + '|l2tp -a') - if ret[1] == '': - return mw.returnJson(True, '添加成功!:' + ret[0]) - return mw.returnJson(False, '添加失败:' + ret[0]) - - -def delUser(): - if mw.isAppleSystem(): - return mw.returnJson(False, "Apple Computer does not support") - - args = getArgs() - data = checkArgs(args, ['username']) - if not data[0]: - return data[1] - - ret = mw.execShell('echo ' + args['username'] + '|l2tp -d') - if ret[1] == '': - return mw.returnJson(True, '删除成功!:' + ret[0]) - return mw.returnJson(False, '删除失败:' + ret[0]) - - -def modUser(): - - args = getArgs() - data = checkArgs(args, ['username', 'password']) - if not data[0]: - return data[1] - - path = getPathFile() - username = args['username'] - password = args['password'] - - # sed -i 
"/^\<${user}\>/d" /etc/ppp/chap-secrets - # echo "${user} l2tpd ${pass} *" >> /etc/ppp/chap-secrets - - if mw.isAppleSystem(): - mw.execShell("sed -i .bak '/^\(" + username + "\)/d' " + path) - else: - mw.execShell("sed -i '/^\(" + username + "\)/d' " + path) - # print 'echo "' + username + " l2tpd " + password + " *\" >>" - # + path - ret = mw.execShell("echo \"" + username + - " l2tpd " + password + " *\" >>" + path) - if ret[1] == '': - return mw.returnJson(True, '修改成功!') - return mw.returnJson(False, '修改失败') - - -if __name__ == "__main__": - func = sys.argv[1] - if func == 'status': - print(status()) - elif func == 'start': - print(start()) - elif func == 'stop': - print(stop()) - elif func == 'restart': - print(restart()) - elif func == 'reload': - print(reload()) - elif func == 'conf': - print(getPathFile()) - elif func == 'conf_psk': - print(getPathFilePsk()) - elif func == 'user_list': - print(getUserList()) - elif func == 'add_user': - print(addUser()) - elif func == 'del_user': - print(delUser()) - elif func == 'mod_user': - print(modUser()) - else: - print('error') diff --git a/plugins/l2tp/info.json b/plugins/l2tp/info.json deleted file mode 100755 index c416b5855..000000000 --- a/plugins/l2tp/info.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "title":"L2TP", - "tip":"soft", - "name":"l2tp", - "type":"运行环境", - "ps":"VPN网关", - "versions":"1.0", - "shell":"install.sh", - "checks":"server/l2tp", - "author":"teddysun", - "home":"https://github.com/teddysun/across/blob/master/l2tp.sh", - "date":"2019-02-27", - "pid": "5" -} \ No newline at end of file diff --git a/plugins/l2tp/install.sh b/plugins/l2tp/install.sh deleted file mode 100755 index 2d7b767bb..000000000 --- a/plugins/l2tp/install.sh +++ /dev/null 
@@ -1,46 +0,0 @@ -#!/bin/bash -PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin -export PATH - - -curPath=`pwd` -rootPath=$(dirname "$curPath") -rootPath=$(dirname "$rootPath") -serverPath=$(dirname "$rootPath") - - -install_tmp=${rootPath}/tmp/mw_install.pl -SYSOS=`uname` - -Install_l2tp() -{ - isStart="" - echo '正在安装脚本文件...' > $install_tmp - mkdir -p $serverPath/l2tp - echo '1.0' > $serverPath/l2tp/version.pl - - cp -rf scripts/l2tp.sh $serverPath/l2tp - chmod +x $serverPath/l2tp/l2tp.sh - - if [ "Darwin" == "$SYSOS" ];then - echo 'macosx unavailable' > $install_tmp - exit 0 - fi - - /bin/sh $serverPath/l2tp/l2tp.sh - - echo 'install complete' > $install_tmp -} - -Uninstall_l2tp() -{ - rm -rf $serverPath/l2tp - echo "Uninstall completed" > $install_tmp -} - -action=$1 -if [ "${1}" == 'install' ];then - Install_l2tp -else - Uninstall_l2tp -fi diff --git a/plugins/l2tp/js/l2tp.js b/plugins/l2tp/js/l2tp.js deleted file mode 100755 index df80baa57..000000000 --- a/plugins/l2tp/js/l2tp.js +++ /dev/null 
@@ -1,158 +0,0 @@ -function str2Obj(str){ - var data = {}; - kv = str.split('&'); - for(i in kv){ - v = kv[i].split('='); - data[v[0]] = v[1]; - } - return data; -} - -function lpPost(method,args,callback, title){ - - var _args = null; - if (typeof(args) == 'string'){ - _args = JSON.stringify(str2Obj(args)); - } else { - _args = JSON.stringify(args); - } - - var _title = '正在获取...'; - if (typeof(title) != 'undefined'){ - _title = title; - } - - var loadT = layer.msg(_title, { icon: 16, time: 0, shade: 0.3 }); - $.post('/plugins/run', {name:'l2tp', func:method, args:_args}, function(data) { - layer.close(loadT); - if (!data.status){ - layer.msg(data.msg,{icon:0,time:2000,shade: [0.3, '#000']}); - return; - } - - if(typeof(callback) == 'function'){ - callback(data); - } - },'json'); -} - -function lpAsyncPost(method,args){ - var _args = null; - if (typeof(args) == 'string'){ - _args = JSON.stringify(str2Obj(args)); - } else { - _args = JSON.stringify(args); - } - - var loadT = layer.msg('正在获取...', { icon: 16, time: 0, shade: 0.3 }); - return syncPost('/plugins/run', {name:'l2tp', func:method, args:_args}); -} - -function userList(){ - lpPost('user_list', '' ,function(data){ - var rdata = $.parseJSON(data['data']); - - if (!rdata['status']){ - layer.msg(rdata.msg,{icon:0,time:2000,shade: [0.3, '#000']}); - return; - } - var list = rdata['data']; - - var con = ''; - con += '
'; - con += ''; - con += ''; - con += ''; - con += ''; - con += ''; - - con += ''; - - for (var i = 0; i < list.length; i++) { - con += ''+ - '' + - '' + - ''; - } - - con += ''; - con += '
用户密码操作(添加)
' + list[i]['user']+'' + list[i]['pwd']+'改密|删除
'; - - $(".soft-man-con").html(con); - }); -} - - -function addUser(){ - var loadOpen = layer.open({ - type: 1, - title: '添加用户', - area: '240px', - content:"
\ -
\ -
\ -
\ -
\ - \ -
\ -
" - }); - - $('#add_ok').click(function(){ - _data = {}; - _data['username'] = $('#username').val(); - var loadT = layer.msg('正在获取...', { icon: 16, time: 0, shade: 0.3 }); - lpPost('add_user', _data, function(data){ - var rdata = $.parseJSON(data.data); - layer.close(loadOpen); - layer.msg(rdata.msg,{icon:rdata.status?1:2,time:2000,shade: [0.3, '#000']}); - setTimeout(function(){userList();},2000); - }); - }); -} - -function delUser(username){ - lpPost('del_user', {username:username}, function(data){ - var rdata = $.parseJSON(data.data); - layer.msg(rdata.msg,{icon:rdata.status?1:2,time:2000,shade: [0.3, '#000']}); - setTimeout(function(){userList();},2000); - }); -} - -function modUser(username){ - var loadOpen = layer.open({ - type: 1, - title: '修改密码', - area: '240px', - content:"
\ -
\ -
\ -
\ -
\ - \ -
\ -
" - }); - - $('#mod_ok').click(function(){ - _data = {}; - _data['username'] = username; - _data['password'] = $('#password').val(); - var loadT = layer.msg('正在获取...', { icon: 16, time: 0, shade: 0.3 }); - lpPost('mod_user', _data, function(data){ - var rdata = $.parseJSON(data.data); - layer.close(loadOpen); - layer.msg(rdata.msg,{icon:rdata.status?1:2,time:2000,shade: [0.3, '#000']}); - setTimeout(function(){userList();},2000); - }); - }); -} - - -function readme(){ - var readme = '
    '; - readme += '
  • PPTP需开放端口:UDP:1723
  • '; - readme += '
  • L2TP需开放端口:UDP:500,UDP:4500,UDP:1701
  • '; - readme += '
'; - $('.soft-man-con').html(readme); -} diff --git a/plugins/l2tp/scripts/l2tp.sh b/plugins/l2tp/scripts/l2tp.sh deleted file mode 100644 index 2109a4489..000000000 --- a/plugins/l2tp/scripts/l2tp.sh +++ /dev/null 
@@ -1,820 +0,0 @@ -#!/usr/bin/env bash -PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin -export PATH -#=======================================================================# -# System Supported: CentOS 6+ / Debian 7+ / Ubuntu 12+ # -# Description: L2TP VPN Auto Installer # -# Author: Teddysun # -# Intro: https://teddysun.com/448.html # -#=======================================================================# -cur_dir=`pwd` - -libreswan_filename="libreswan-3.27" -download_root_url="https://dl.lamp.sh/files" - -rootness(){ - if [[ $EUID -ne 0 ]]; then - echo "Error:This script must be run as root!" 1>&2 - exit 1 - fi -} - -tunavailable(){ - if [[ ! -e /dev/net/tun ]]; then - echo "Error:TUN/TAP is not available!" 1>&2 - exit 1 - fi -} - -disable_selinux(){ -if [ -s /etc/selinux/config ] && grep 'SELINUX=enforcing' /etc/selinux/config; then - sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config - setenforce 0 -fi -} - -get_opsy(){ - [ -f /etc/redhat-release ] && awk '{print ($1,$3~/^[0-9]/?$3:$4)}' /etc/redhat-release && return - [ -f /etc/os-release ] && awk -F'[= "]' '/PRETTY_NAME/{print $3,$4,$5}' /etc/os-release && return - [ -f /etc/lsb-release ] && awk -F'[="]+' '/DESCRIPTION/{print $2}' /etc/lsb-release && return -} - -get_os_info(){ - IP=$( ip addr | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | egrep -v "^192\.168|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-2]\.|^10\.|^127\.|^255\.|^0\." 
| head -n 1 ) - [ -z ${IP} ] && IP=$( wget -qO- -t1 -T2 ipv4.icanhazip.com ) - - local cname=$( awk -F: '/model name/ {name=$2} END {print name}' /proc/cpuinfo | sed 's/^[ \t]*//;s/[ \t]*$//' ) - local cores=$( awk -F: '/model name/ {core++} END {print core}' /proc/cpuinfo ) - local freq=$( awk -F: '/cpu MHz/ {freq=$2} END {print freq}' /proc/cpuinfo | sed 's/^[ \t]*//;s/[ \t]*$//' ) - local tram=$( free -m | awk '/Mem/ {print $2}' ) - local swap=$( free -m | awk '/Swap/ {print $2}' ) - local up=$( awk '{a=$1/86400;b=($1%86400)/3600;c=($1%3600)/60;d=$1%60} {printf("%ddays, %d:%d:%d\n",a,b,c,d)}' /proc/uptime ) - local load=$( w | head -1 | awk -F'load average:' '{print $2}' | sed 's/^[ \t]*//;s/[ \t]*$//' ) - local opsy=$( get_opsy ) - local arch=$( uname -m ) - local lbit=$( getconf LONG_BIT ) - local host=$( hostname ) - local kern=$( uname -r ) - - echo "########## System Information ##########" - echo - echo "CPU model : ${cname}" - echo "Number of cores : ${cores}" - echo "CPU frequency : ${freq} MHz" - echo "Total amount of ram : ${tram} MB" - echo "Total amount of swap : ${swap} MB" - echo "System uptime : ${up}" - echo "Load average : ${load}" - echo "OS : ${opsy}" - echo "Arch : ${arch} (${lbit} Bit)" - echo "Kernel : ${kern}" - echo "Hostname : ${host}" - echo "IPv4 address : ${IP}" - echo - echo "########################################" -} - -check_sys(){ - local checkType=$1 - local value=$2 - - local release='' - local systemPackage='' - - if [[ -f /etc/redhat-release ]]; then - release="centos" - systemPackage="yum" - elif cat /etc/issue | grep -Eqi "debian"; then - release="debian" - systemPackage="apt" - elif cat /etc/issue | grep -Eqi "ubuntu"; then - release="ubuntu" - systemPackage="apt" - elif cat /etc/issue | grep -Eqi "centos|red hat|redhat"; then - release="centos" - systemPackage="yum" - elif cat /proc/version | grep -Eqi "debian"; then - release="debian" - systemPackage="apt" - elif cat /proc/version | grep -Eqi "ubuntu"; then - 
release="ubuntu" - systemPackage="apt" - elif cat /proc/version | grep -Eqi "centos|red hat|redhat"; then - release="centos" - systemPackage="yum" - fi - - if [[ ${checkType} == "sysRelease" ]]; then - if [ "$value" == "$release" ];then - return 0 - else - return 1 - fi - elif [[ ${checkType} == "packageManager" ]]; then - if [ "$value" == "$systemPackage" ];then - return 0 - else - return 1 - fi - fi -} - -rand(){ - index=0 - str="" - for i in {a..z}; do arr[index]=${i}; index=`expr ${index} + 1`; done - for i in {A..Z}; do arr[index]=${i}; index=`expr ${index} + 1`; done - for i in {0..9}; do arr[index]=${i}; index=`expr ${index} + 1`; done - for i in {1..10}; do str="$str${arr[$RANDOM%$index]}"; done - echo ${str} -} - -is_64bit(){ - if [ `getconf WORD_BIT` = '32' ] && [ `getconf LONG_BIT` = '64' ] ; then - return 0 - else - return 1 - fi -} - -download_file(){ - if [ -s ${1} ]; then - echo "$1 [found]" - else - echo "$1 not found!!!download now..." - if ! wget -c -t3 -T60 ${download_root_url}/${1}; then - echo "Failed to download $1, please download it to ${cur_dir} directory manually and try again." - exit 1 - fi - fi -} - -versionget(){ - if [[ -s /etc/redhat-release ]];then - grep -oE "[0-9.]+" /etc/redhat-release - else - grep -oE "[0-9.]+" /etc/issue - fi -} - -centosversion(){ - if check_sys sysRelease centos;then - local code=${1} - local version="`versionget`" - local main_ver=${version%%.*} - if [ "${main_ver}" == "${code}" ];then - return 0 - else - return 1 - fi - else - return 1 - fi -} - -debianversion(){ - if check_sys sysRelease debian;then - local version=$( get_opsy ) - local code=${1} - local main_ver=$( echo ${version} | sed 's/[^0-9]//g') - if [ "${main_ver}" == "${code}" ];then - return 0 - else - return 1 - fi - else - return 1 - fi -} - -version_check(){ - if check_sys packageManager yum; then - if centosversion 5; then - echo "Error: CentOS 5 is not supported, Please re-install OS and try again." 
- exit 1 - fi - fi -} - -get_char(){ - SAVEDSTTY=`stty -g` - stty -echo - stty cbreak - dd if=/dev/tty bs=1 count=1 2> /dev/null - stty -raw - stty echo - stty $SAVEDSTTY -} - -preinstall_l2tp(){ - - echo - if [ -d "/proc/vz" ]; then - echo -e "\033[41;37m WARNING: \033[0m Your VPS is based on OpenVZ, and IPSec might not be supported by the kernel." - echo "Continue installation? (y/n)" - read -p "(Default: n)" agree - [ -z ${agree} ] && agree="n" - if [ "${agree}" == "n" ]; then - echo - echo "L2TP installation cancelled." - echo - exit 0 - fi - fi - echo - echo "Please enter IP-Range:" - # read -p "(Default Range: 192.168.18):" iprange - # [ -z ${iprange} ] && iprange="192.168.18" - iprange="192.168.18" - echo ${iprange} - - echo "Please enter PSK:" - # read -p "(Default PSK: teddysun.com):" mypsk - # [ -z ${mypsk} ] && mypsk="teddysun.com" - mypsk="midoks" - echo ${mypsk} - - echo "Please enter Username:" - # read -p "(Default Username: teddysun):" username - # [ -z ${username} ] && username="teddysun" - username="midoks" - echo ${username} - - # password=`rand` - echo "Please enter ${username}'s password:" - # read -p "(Default Password: ${password}):" tmppassword - # [ ! -z ${tmppassword} ] && password=${tmppassword} - password=midoks - echo ${password} - - echo - echo "ServerIP:${IP}" - echo "Server Local IP:${iprange}.1" - echo "Client Remote IP Range:${iprange}.2-${iprange}.254" - echo "PSK:${mypsk}" - echo - echo "Press any key to start... or press Ctrl + C to cancel." 
- char=`get_char` - -} - -install_l2tp(){ - - mknod /dev/random c 1 9 - - if check_sys packageManager apt; then - apt-get -y update - - if debianversion 7; then - if is_64bit; then - local libnspr4_filename1="libnspr4_4.10.7-1_amd64.deb" - local libnspr4_filename2="libnspr4-0d_4.10.7-1_amd64.deb" - local libnspr4_filename3="libnspr4-dev_4.10.7-1_amd64.deb" - local libnspr4_filename4="libnspr4-dbg_4.10.7-1_amd64.deb" - local libnss3_filename1="libnss3_3.17.2-1.1_amd64.deb" - local libnss3_filename2="libnss3-1d_3.17.2-1.1_amd64.deb" - local libnss3_filename3="libnss3-tools_3.17.2-1.1_amd64.deb" - local libnss3_filename4="libnss3-dev_3.17.2-1.1_amd64.deb" - local libnss3_filename5="libnss3-dbg_3.17.2-1.1_amd64.deb" - else - local libnspr4_filename1="libnspr4_4.10.7-1_i386.deb" - local libnspr4_filename2="libnspr4-0d_4.10.7-1_i386.deb" - local libnspr4_filename3="libnspr4-dev_4.10.7-1_i386.deb" - local libnspr4_filename4="libnspr4-dbg_4.10.7-1_i386.deb" - local libnss3_filename1="libnss3_3.17.2-1.1_i386.deb" - local libnss3_filename2="libnss3-1d_3.17.2-1.1_i386.deb" - local libnss3_filename3="libnss3-tools_3.17.2-1.1_i386.deb" - local libnss3_filename4="libnss3-dev_3.17.2-1.1_i386.deb" - local libnss3_filename5="libnss3-dbg_3.17.2-1.1_i386.deb" - fi - rm -rf ${cur_dir}/l2tp - mkdir -p ${cur_dir}/l2tp - cd ${cur_dir}/l2tp - download_file "${libnspr4_filename1}" - download_file "${libnspr4_filename2}" - download_file "${libnspr4_filename3}" - download_file "${libnspr4_filename4}" - download_file "${libnss3_filename1}" - download_file "${libnss3_filename2}" - download_file "${libnss3_filename3}" - download_file "${libnss3_filename4}" - download_file "${libnss3_filename5}" - dpkg -i ${libnspr4_filename1} ${libnspr4_filename2} ${libnspr4_filename3} ${libnspr4_filename4} - dpkg -i ${libnss3_filename1} ${libnss3_filename2} ${libnss3_filename3} ${libnss3_filename4} ${libnss3_filename5} - - apt-get -y install wget gcc ppp flex bison make pkg-config libpam0g-dev libcap-ng-dev 
iptables \ - libcap-ng-utils libunbound-dev libevent-dev libcurl4-nss-dev libsystemd-daemon-dev - else - apt-get -y install wget gcc ppp flex bison make python libnss3-dev libnss3-tools libselinux-dev iptables \ - libnspr4-dev pkg-config libpam0g-dev libcap-ng-dev libcap-ng-utils libunbound-dev \ - libevent-dev libcurl4-nss-dev libsystemd-dev - fi - apt-get -y --no-install-recommends install xmlto - apt-get -y install xl2tpd - - compile_install - elif check_sys packageManager yum; then - echo "Adding the EPEL repository..." - yum -y install epel-release yum-utils - [ ! -f /etc/yum.repos.d/epel.repo ] && echo "Install EPEL repository failed, please check it." && exit 1 - yum-config-manager --enable epel - echo "Adding the EPEL repository complete..." - - if centosversion 7; then - yum -y install ppp libreswan xl2tpd firewalld - yum_install - elif centosversion 6; then - yum -y remove libevent-devel - yum -y install libevent2-devel - yum -y install nss-devel nspr-devel pkgconfig pam-devel \ - libcap-ng-devel libselinux-devel lsof \ - curl-devel flex bison gcc ppp make iptables gmp-devel \ - fipscheck-devel unbound-devel xmlto libpcap-devel xl2tpd - - compile_install - fi - fi - -} - -config_install(){ - - cat > /etc/ipsec.conf< /etc/ipsec.secrets< /etc/xl2tpd/xl2tpd.conf< /etc/ppp/options.xl2tpd< /etc/ppp/chap-secrets< Makefile.inc.local <<'EOF' -WERROR_CFLAGS = -USE_DNSSEC = false -USE_DH31 = false -USE_GLIBC_KERN_FLIP_HEADERS = true -EOF - make programs && make install - - /usr/local/sbin/ipsec --version >/dev/null 2>&1 - if [ $? -ne 0 ]; then - echo "${libreswan_filename} install failed." 
- exit 1 - fi - - config_install - - cp -pf /etc/sysctl.conf /etc/sysctl.conf.bak - - sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf - - for each in `ls /proc/sys/net/ipv4/conf/`; do - echo "net.ipv4.conf.${each}.accept_source_route=0" >> /etc/sysctl.conf - echo "net.ipv4.conf.${each}.accept_redirects=0" >> /etc/sysctl.conf - echo "net.ipv4.conf.${each}.send_redirects=0" >> /etc/sysctl.conf - echo "net.ipv4.conf.${each}.rp_filter=0" >> /etc/sysctl.conf - done - sysctl -p - - if centosversion 6; then - [ -f /etc/sysconfig/iptables ] && cp -pf /etc/sysconfig/iptables /etc/sysconfig/iptables.old.`date +%Y%m%d` - - if [ "`iptables -L -n | grep -c '\-\-'`" == "0" ]; then - cat > /etc/sysconfig/iptables < /var/tmp/libreswan-nss-pwd - certutil -N -f /var/tmp/libreswan-nss-pwd -d /etc/ipsec.d - rm -f /var/tmp/libreswan-nss-pwd - fi - - chkconfig --add iptables - chkconfig iptables on - chkconfig --add ipsec - chkconfig ipsec on - chkconfig --add xl2tpd - chkconfig xl2tpd on - - /etc/init.d/iptables restart - /etc/init.d/ipsec start - /etc/init.d/xl2tpd start - - else - [ -f /etc/iptables.rules ] && cp -pf /etc/iptables.rules /etc/iptables.rules.old.`date +%Y%m%d` - - if [ "`iptables -L -n | grep -c '\-\-'`" == "0" ]; then - cat > /etc/iptables.rules < /etc/iptables.rules - fi - - cat > /etc/network/if-up.d/iptables < /var/tmp/libreswan-nss-pwd - certutil -N -f /var/tmp/libreswan-nss-pwd -d /etc/ipsec.d - rm -f /var/tmp/libreswan-nss-pwd - fi - - update-rc.d -f xl2tpd defaults - - cp -f /etc/rc.local /etc/rc.local.old.`date +%Y%m%d` - sed --follow-symlinks -i -e '/^exit 0/d' /etc/rc.local - cat >> /etc/rc.local < /proc/sys/net/ipv4/ip_forward -/usr/sbin/service ipsec start -exit 0 -EOF - chmod +x /etc/rc.local - echo 1 > /proc/sys/net/ipv4/ip_forward - - /sbin/iptables-restore < /etc/iptables.rules - /usr/sbin/service ipsec start - /usr/sbin/service xl2tpd restart - - fi - -} - -yum_install(){ - - config_install - - cp -pf /etc/sysctl.conf 
/etc/sysctl.conf.bak - - echo "# Added by L2TP VPN" >> /etc/sysctl.conf - echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf - echo "net.ipv4.tcp_syncookies=1" >> /etc/sysctl.conf - echo "net.ipv4.icmp_echo_ignore_broadcasts=1" >> /etc/sysctl.conf - echo "net.ipv4.icmp_ignore_bogus_error_responses=1" >> /etc/sysctl.conf - - for each in `ls /proc/sys/net/ipv4/conf/`; do - echo "net.ipv4.conf.${each}.accept_source_route=0" >> /etc/sysctl.conf - echo "net.ipv4.conf.${each}.accept_redirects=0" >> /etc/sysctl.conf - echo "net.ipv4.conf.${each}.send_redirects=0" >> /etc/sysctl.conf - echo "net.ipv4.conf.${each}.rp_filter=0" >> /etc/sysctl.conf - done - sysctl -p - - cat > /etc/firewalld/services/xl2tpd.xml< - - xl2tpd - L2TP IPSec - - - -EOF - chmod 640 /etc/firewalld/services/xl2tpd.xml - - systemctl enable ipsec - systemctl enable xl2tpd - systemctl enable firewalld - - systemctl status firewalld > /dev/null 2>&1 - if [ $? -eq 0 ]; then - firewall-cmd --reload - echo "Checking firewalld status..." - firewall-cmd --list-all - echo "add firewalld rules..." - firewall-cmd --permanent --add-service=ipsec - firewall-cmd --permanent --add-service=xl2tpd - firewall-cmd --permanent --add-masquerade - firewall-cmd --reload - else - echo "Firewalld looks like not running, trying to start..." - systemctl start firewalld - if [ $? -eq 0 ]; then - echo "Firewalld start successfully..." - firewall-cmd --reload - echo "Checking firewalld status..." - firewall-cmd --list-all - echo "adding firewalld rules..." - firewall-cmd --permanent --add-service=ipsec - firewall-cmd --permanent --add-service=xl2tpd - firewall-cmd --permanent --add-masquerade - firewall-cmd --reload - else - echo "Failed to start firewalld. please enable udp port 500 4500 1701 manually if necessary." - fi - fi - - systemctl restart ipsec - systemctl restart xl2tpd - echo "Checking ipsec status..." - systemctl -a | grep ipsec - echo "Checking xl2tpd status..." 
- systemctl -a | grep xl2tpd - echo "Checking firewalld status..." - firewall-cmd --list-all - -} - -finally(){ - - cd ${cur_dir} - rm -fr ${cur_dir}/l2tp - # create l2tp command - cp -f ${cur_dir}/`basename $0` /usr/bin/l2tp - - echo "Please wait a moment..." - sleep 5 - ipsec verify - echo - echo "###############################################################" - echo "# L2TP VPN Auto Installer #" - echo "# System Supported: CentOS 6+ / Debian 7+ / Ubuntu 12+ #" - echo "# Intro: https://teddysun.com/448.html #" - echo "# Author: Teddysun #" - echo "###############################################################" - echo "If there is no [FAILED] above, you can connect to your L2TP " - echo "VPN Server with the default Username/Password is below:" - echo - echo "Server IP: ${IP}" - echo "PSK : ${mypsk}" - echo "Username : ${username}" - echo "Password : ${password}" - echo - echo "If you want to modify user settings, please use below command(s):" - echo "l2tp -a (Add a user)" - echo "l2tp -d (Delete a user)" - echo "l2tp -l (List all users)" - echo "l2tp -m (Modify a user password)" - echo - echo "Welcome to visit our website: https://teddysun.com/448.html" - echo "Enjoy it!" - echo -} - - -l2tp(){ - clear - echo - echo "###############################################################" - echo "# L2TP VPN Auto Installer #" - echo "# System Supported: CentOS 6+ / Debian 7+ / Ubuntu 12+ #" - echo "# Intro: https://teddysun.com/448.html #" - echo "# Author: Teddysun #" - echo "###############################################################" - echo - rootness - tunavailable - disable_selinux - version_check - get_os_info - preinstall_l2tp - install_l2tp - finally -} - -list_users(){ - if [ ! -f /etc/ppp/chap-secrets ];then - echo "Error: /etc/ppp/chap-secrets file not found." 
- exit 1 - fi - local line="+-------------------------------------------+\n" - local string=%20s - printf "${line}|${string} |${string} |\n${line}" Username Password - grep -v "^#" /etc/ppp/chap-secrets | awk '{printf "|'${string}' |'${string}' |\n", $1,$3}' - printf ${line} -} - -add_user(){ - while : - do - read -p "Please input your Username:" user - if [ -z ${user} ]; then - echo "Username can not be empty" - else - grep -w "${user}" /etc/ppp/chap-secrets > /dev/null 2>&1 - if [ $? -eq 0 ];then - echo "Username (${user}) already exists. Please re-enter your username." - else - break - fi - fi - done - pass=`rand` - echo "Please input ${user}'s password:" - read -p "(Default Password: ${pass}):" tmppass - [ ! -z ${tmppass} ] && pass=${tmppass} - echo "${user} l2tpd ${pass} *" >> /etc/ppp/chap-secrets - echo "Username (${user}) add completed." -} - -del_user(){ - while : - do - read -p "Please input Username you want to delete it:" user - if [ -z ${user} ]; then - echo "Username can not be empty" - else - grep -w "${user}" /etc/ppp/chap-secrets >/dev/null 2>&1 - if [ $? -eq 0 ];then - break - else - echo "Username (${user}) is not exists. Please re-enter your username." - fi - fi - done - sed -i "/^\<${user}\>/d" /etc/ppp/chap-secrets - echo "Username (${user}) delete completed." -} - -mod_user(){ - while : - do - read -p "Please input Username you want to change password:" user - if [ -z ${user} ]; then - echo "Username can not be empty" - else - grep -w "${user}" /etc/ppp/chap-secrets >/dev/null 2>&1 - if [ $? -eq 0 ];then - break - else - echo "Username (${user}) is not exists. Please re-enter your username." - fi - fi - done - pass=`rand` - echo "Please input ${user}'s new password:" - read -p "(Default Password: ${pass}):" tmppass - [ ! -z ${tmppass} ] && pass=${tmppass} - sed -i "/^\<${user}\>/d" /etc/ppp/chap-secrets - echo "${user} l2tpd ${pass} *" >> /etc/ppp/chap-secrets - echo "Username ${user}'s password has been changed." 
-} - - - -# Main process -action=$1 -if [ -z ${action} ] && [ "`basename $0`" != "l2tp" ]; then - action=install -fi - -case ${action} in - install) - l2tp 2>&1 | tee ${cur_dir}/l2tp.log - ;; - -l|--list) - list_users - ;; - -a|--add) - add_user - ;; - -d|--del) - del_user - ;; - -m|--mod) - mod_user - ;; - -h|--help) - echo "Usage: `basename $0` -l,--list List all users" - echo " `basename $0` -a,--add Add a user" - echo " `basename $0` -d,--del Delete a user" - echo " `basename $0` -m,--mod Modify a user password" - echo " `basename $0` -h,--help Print this help information" - ;; - *) - echo "Usage: `basename $0` [-l,--list|-a,--add|-d,--del|-m,--mod|-h,--help]" && exit - ;; -esac diff --git a/plugins/l2tp/tmp/chap-secrets b/plugins/l2tp/tmp/chap-secrets deleted file mode 100644 index 20721096a..000000000 --- a/plugins/l2tp/tmp/chap-secrets +++ /dev/null @@ -1,3 +0,0 @@ -# Secrets for authentication using CHAP -# client server secret IP addresses -demo demo demo * diff --git a/plugins/l2tp/tmp/ipsec.secrets b/plugins/l2tp/tmp/ipsec.secrets deleted file mode 100644 index e186ee087..000000000 --- a/plugins/l2tp/tmp/ipsec.secrets +++ /dev/null @@ -1 +0,0 @@ -%any %any : PSK "midoks"