[PATCH 3/4] Add package fff-vpn-select

Tim Niemeyer tim at tn-x.org
So Jul 3 22:11:43 CEST 2016


Hi

Ich hab mir das jetzt noch nicht im Detail angeschaut. Muss das auch
erst noch auf mich wirken lassen. Scheint aber insgesamt schon mal sehr
gut in die Richtung zu gehen, welche mir sehr zusagt.

Am Sonntag, den 26.06.2016, 23:23 +0200 schrieb Robert Langhammer:
> Signed-off-by: Robert Langhammer <rlanghammer at web.de>
> ---
>  src/packages/fff/fff-vpn-select/Makefile           | 41 +++++++++++
>  .../files/etc/hotplug.d/iface/50-vpn-select        |  6 ++
>  .../files/usr/lib/micron.d/vpn-select              |  1 +
>  .../fff/fff-vpn-select/files/usr/sbin/vpn-select   | 80 ++++++++++++++++++++++
>  4 files changed, 128 insertions(+)
>  create mode 100644 src/packages/fff/fff-vpn-select/Makefile
>  create mode 100755 src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
>  create mode 100644 src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
>  create mode 100755 src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
> 
> diff --git a/src/packages/fff/fff-vpn-select/Makefile b/src/packages/fff/fff-vpn-select/Makefile
> new file mode 100644
> index 0000000..30d9cc1
> --- /dev/null
> +++ b/src/packages/fff/fff-vpn-select/Makefile
> @@ -0,0 +1,41 @@
> +include $(TOPDIR)/rules.mk
> +
> +PKG_NAME:=fff-vpn-select
> +PKG_VERSION:=1
> +PKG_RELEASE:=1
> +
> +PKG_BUILD_DIR:=$(BUILD_DIR)/fff-vpn-select
> +
> +include $(INCLUDE_DIR)/package.mk
> +
> +define Package/fff-vpn-select
> +    SECTION:=base
> +    CATEGORY:=Freifunk
> +    TITLE:= Freifunk-Franken vpn-select
> +    URL:=http://www.freifunk-franken.de
> +    DEPENDS:=+fff-tunneldigger \
> +             +fff-fastd
> +endef
> +
> +define Package/fff-vpn-select/description
> +    Thie package selects and starts the VPN 
> +    In this version fastd and l2tp via tunneldigger
> +endef
> +
> +define Build/Prepare
> +       echo "all: " > $(PKG_BUILD_DIR)/Makefile
> +endef
> +
> +define Build/Configure
> +       # nothing
> +endef
> +
> +define Build/Compile
> +       # nothing
> +endef
> +
> +define Package/fff-vpn-select/install
> +       $(CP) ./files/* $(1)/
> +endef
> +
> +$(eval $(call BuildPackage,fff-vpn-select))
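Review bot: `DEPENDS` names only fff-tunneldigger and fff-fastd, but the installed files also call `/usr/bin/random` and rely on a cron runner that reads `/usr/lib/micron.d`. If those come from separate packages (not visible in this patch), they should be listed so an image cannot be built without them. In the description, `Thie package` should read `This package`, and the first sentence lacks its full stop: `This package selects and starts the VPN.`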
> diff --git a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
> new file mode 100755
> index 0000000..16d9853
> --- /dev/null
> +++ b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
> @@ -0,0 +1,6 @@
> +#!/bin/sh 
> +[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && {
> +       sleep 3
> +       /usr/sbin/vpn-select
> +}
> +
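Review bot: The handler starts `/usr/sbin/vpn-select` synchronously while the micron.d entry from this patch starts the same script every five minutes, and nothing visible in vpn-select keeps the two runs from overlapping. Both runs would truncate the tunneldigger config and rewrite the fastd peers directory at the same time, so the md5 comparison and the restart decision can be made on a half-written file. A lock file taken at the top of vpn-select would serialise them. As a point of style, `-a` inside `[ ]` is marked obsolescent by POSIX; `[ "$ACTION" = "ifup" ] && [ "$INTERFACE" = "wan" ] && {` is equivalent.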
> diff --git a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
> new file mode 100644
> index 0000000..dc20486
> --- /dev/null
> +++ b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
> @@ -0,0 +1 @@
> +*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/vpn-select
> diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
> new file mode 100755
> index 0000000..165c584
> --- /dev/null
> +++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
> @@ -0,0 +1,80 @@
> +#!/bin/sh
> +
> +test -f /tmp/started || exit
> +
> +make_config() {
> +# remove old config
> +>etc/config/tunneldigger
Ein / fehlt am Anfang des Pfades.

Tim

> +rm /tmp/fastd_${project}_peers/*
> +count=0
> +# get fastd peers
> +pubkey=$(echo "secret \"$(uci get fastd.fff.secret)\";" | fastd -c - --show-key --machine-readable)
> +wget -T15 "http://keyserver.freifunk-franken.de/${project}/geo.php?mac=$mac&name=$hostname&port=$port&key=$pubkey&lat=$lat&long=$long" -O /tmp/fastd_${project}_output
> +filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); print $0; }' /tmp/fastd_${project}_output)
> +for file in $filecounts; do
> +    awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" /tmp/fastd_${project}_output | sed 's/ float;/;/g' > /etc/fastd/$project/peers/$file
> +    echo 'float yes;' >> /etc/fastd/$project/peers/$file
> +
> +    # ask for Broker and select the tunnel
> +    IP=$(awk -F\" '/remote/ {print $2}' /etc/fastd/${project}/peers/$file)
> +    if [ "l2tp" = "$(wget -T10 $IP/vpn.txt -O - 2>/dev/null)" ]; then
> +        # Gateway offers l2tp
> +        FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' /etc/fastd/${project}/peers/$file)
> +        L2PORT=$((FDPORT + 10000))
> +        UUID=_$hostname
> +
> +        uci set tunneldigger.$count=broker
> +        uci set tunneldigger.$count.address="$IP:$L2PORT"
> +        uci set tunneldigger.$count.uuid="$UUID"
> +        uci set tunneldigger.$count.interface="l2tp$count"
> +        uci set tunneldigger.$count.enabled="1"
> +        uci set tunneldigger.$count.hook_script='/etc/tunneldigger/tunneldigger.hook'
> +        uci commit tunneldigger
> +        count=$((count + 1))
> +        # remove this fastd-peer
> +        rm /etc/fastd/${project}/peers/$file
> +    fi
> +done
> +}
> +
> +# main
> +test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken keyserver
> +test_ipv4_host2="8.8.8.8"        # Google DNS
> +test_ipv6_host1="heise.de"       # heise Zeitschriftenverlag
> +
> +# Only do something when the router has internet connection
> +if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
> +   ping -w5 -c3 "$test_ipv4_host2" &>/dev/null ||
> +   ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then
> +
> +    #set some vars
> +    . /etc/community.cfg
> +    project="$VPN_PROJECT"
> +    mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' /sys/class/net/br-mesh/address 2>/dev/null)
> +    lat=$(uci get system. at system[0].latitude)
> +    long=$(uci get system. at system[0].longitude)
> +    hostname=$(cat /proc/sys/kernel/hostname)
> +    [ "$hostname" = "OpenWrt" ] && hostname=""
> +    [ "$hostname" = "" ] &&  hostname="$mac"
> +
> +    if [ ! -d /tmp/fastd_${project}_peers ]; then
> +        # first run after reboot
> +        mkdir /tmp/fastd_${project}_peers
> +        # do we have a fastd secret
> +        if [ "$(uci get fastd.${project}.secret)" = "generate" -o -z "$(uci get fastd.${project}.secret)" ]; then
> +            secret=$(fastd --generate-key 2>&1 |  awk '/[Ss]ecret/ { print $2 }')
> +            uci set fastd.${project}.secret="$secret"
> +            uci commit fastd
> +        fi
> +        make_config
> +        /etc/init.d/fastd start
> +        /etc/init.d/tunneldigger start
> +    else
> +        # check if new tunneldigger conf is different
> +        md5old=$(md5sum /etc/config/tunneldigger | cut -f1 -d" ")
> +        make_config
> +        md5new=$(md5sum /etc/config/tunneldigger | cut -f1 -d" ")
> +        [ "$md5new" != "$md5old" ] && /etc/init.d/tunneldigger restart
> +        /etc/init.d/fastd reload
> +    fi
> +fi
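Review bot: In make_config the peer names parsed from the keyserver reply are used unchecked as `$file`, both as a path component in `/etc/fastd/$project/peers/$file` and inside the double-quoted awk program. The reply is fetched with wget over plain http, so its content has no integrity protection, and a name containing `/`, `..` or awk syntax would redirect the write outside the peers directory or alter the awk script. Restrict `$file` to a safe character set before use and pass it to awk with `-v` instead of interpolating it, as in the excerpt below. Quoting `$IP` in the `vpn.txt` request and the `/tmp/fastd_${project}_*` paths would close the related word-splitting cases.

```shell
for file in $filecounts; do
    # peer names come from the keyserver reply: accept plain names only
    case "$file" in
        ""|.*|*[!A-Za-z0-9._-]*) continue ;;
    esac
    awk -v name="####$file.conf" '{ if(a) print }; $0 == name {a=1}; /^$/{a=0};' \
        "/tmp/fastd_${project}_output" | sed 's/ float;/;/g' > "/etc/fastd/$project/peers/$file"
    # … unchanged: float yes, broker query, uci settings …
```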
> -- 
> 2.8.0.rc3
> 
