diff options
Diffstat (limited to 'ipsectools-model.lua')
| -rw-r--r-- | ipsectools-model.lua | 203 |
1 files changed, 127 insertions, 76 deletions
diff --git a/ipsectools-model.lua b/ipsectools-model.lua index 26d9ffc..3582900 100644 --- a/ipsectools-model.lua +++ b/ipsectools-model.lua @@ -12,6 +12,21 @@ local processname = "racoon" local pkgname = "ipsec-tools" local baseurl = "/etc/racoon/" +local descr = { + state={ + ['9']="Established", + }, + side={ + ['R']="We are 'Responder'.", + ['I']="We 'Initiated' this phase1", + }, + exchange={ + ['M']="Main mode", + ['A']="Agressive mode", + ['B']="Basic mode", + }, + +} local function get_version() local cmd_output_result, cmd_output_error local cmd = "/sbin/apk_version -vs " .. pkgname .." 2>/dev/null" @@ -41,85 +56,91 @@ local function autostarts() end -local function racoonctl() - local cmd_output_result, cmd_output_error - local cmd = "/usr/sbin/racoonctl -lll show-sa isakmp 2>/dev/null" +local function ip_xfrm(mode) + local cmd_output_result + local cmd = "/bin/ip xfrm " .. mode .. " 2>/dev/null" local f = io.popen( cmd ) local cmd_output_result = f:read("*a") f:close() - return cmd_output_result,cmd_output_error + return cmd_output_result end -local function racoonctl_table() - local value = racoonctl() +local function phase2details(dst) local output = {} - for k,v in pairs(format.string_to_table(value,"\n")) do - if not (string.find(v,"^Source")) then - output[k]={} - local variable=format.string_to_table(v,"%s+") - output[k]['Source']=cfe({ - name="Source", - label="Source", - value=variable[1], - }) - output[k]['Destination']=cfe({ - name="Destination", - label="Destination", - value=variable[2], - }) - output[k]['Cookies']=cfe({ - name="Cookies", - label="Cookies", - value=variable[3], - }) - output[k]['St']=cfe({ - name="St", - label="Variable St", - value=variable[4], - }) - output[k]['S']=cfe({ - name="S", - label="Variable S", - value=variable[5], - }) - output[k]['V']=cfe({ - name="V", - label="Variable V", - value=variable[6], - }) - output[k]['E']=cfe({ - name="E", - label="Variable E", - value=variable[7], - }) - output[k]['Created']=cfe({ - name="Created", - label="Created", - value=(variable[8] or "") .. " " .. (variable[9] or ""), - }) - - output[k]['Phase2']=cfe({ - name="Phase2", - label="Phase2", - value=variable[10], - }) - end - end + dst = string.match(dst,"^(.*)%.") -- Removes the portnumber + table.insert(output, {label="Outgoing", value=ip_xfrm("state list src ".. dst)}) + table.insert(output, {label="Incoming", value=ip_xfrm("state list dst ".. dst)}) return output end -local function ip_xfrm(mode) - local cmd_output_result - local cmd = "/bin/ip xfrm " .. mode .. " 2>/dev/null" +local function racoonctl_table() + local output = {} + local cmd = "/usr/sbin/racoonctl -lll show-sa isakmp 2>/dev/null" local f = io.popen( cmd ) - local cmd_output_result = f:read("*a") + local value = f:read("*a") f:close() - return cmd_output_result + for k,v in pairs(format.string_to_table(value,"\n")) do + if not ((string.find(v,"^Source")) or (#v == 0)) then + output[k]={} + local variable=format.string_to_table(v,"%s+") + output[k]['Source']=cfe({ + name="Source", + label="Source", + value=variable[1], + }) + output[k]['Destination']=cfe({ + name="Destination", + label="Destination", + value=variable[2], + }) + output[k]['Cookies']=cfe({ + name="Cookies", + label="Cookies", + value=variable[3], + }) + output[k]['St']=cfe({ + name="St", + label="State", + value=variable[4], + descr=descr.state[variable[4]], + }) + output[k]['S']=cfe({ + name="S", + label="Side", + value=variable[5], + descr=descr.side[variable[5]], + }) + output[k]['V']=cfe({ + name="V", + label="Version", + value=variable[6], + }) + output[k]['E']=cfe({ + name="E", + label="Exchange", + value=variable[7], + descr=descr.exchange[variable[7]], + }) + output[k]['Created']=cfe({ + name="Created", + label="Created", + value=(variable[8] or "") .. " " .. (variable[9] or ""), + }) + + output[k]['Phase2']=cfe({ + name="Phase2", + label="Phase2", + value=variable[10], + option=phase2details(variable[2]), + }) + end + end + return output end function process_status_text(procname) local t = procps.pidof(procname) - if #t > 0 then + if (t) and (#t > 0) then return "Enabled" else return "Disabled" @@ -129,6 +150,14 @@ end -- ################################################################################ -- PUBLIC FUNCTIONS +function startstop_service ( self, action ) + local cmd = action.value + local cmdresult,cmdmessage,cmderror,cmdaction = daemoncontrol.daemoncontrol(processname, cmd) + action.descr=cmdmessage + action.errtxt=cmderror + -- Reporting back (true|false, the original acition) + return cmdresult,action +end function getstatus() local status = {} @@ -147,19 +176,9 @@ function getstatus() errtxt=autostart_errtxt, }) - status.show_isakmp2 = cfe({ name="show_isakmp2", - label="Tunnels", - value=racoonctl_table(), - }) - status.show_isakmp = cfe({ name="show_isakmp", - label="racoonctl -lll show-sa isakmp", - value=racoonctl(), - }) - - status.ip_xfrm_state = cfe({ name="show_esp", - label="ip xfrm state", - value=ip_xfrm("state"), + label="Tunnels", + option=racoonctl_table(), }) status.ip_xfrm_policy = cfe({ name="ip_xfrm_policy", @@ -170,4 +189,36 @@ function getstatus() return status end +function get_filedetails() + local path = configfile + local filedetails = fs.stat(path) + local file = {} + file["filename"] = cfe({ + name="filename", + label="File name", + value=path, + }) + file["filesize"] = cfe({ + name="filesize", + label="File size", + value=filedetails.size or 0, + }) + file["mtime"] = cfe({ + name="mtime", + label="File date", + value=filedetails.mtime or "---", + }) + file["filecontent"] = cfe({ + type="longtext", + name="filecontent", + label="File content", + value=fs.read_file(path), + }) + return file +end +function update_filecontent (self, modifications) + local path = configfile + local file_result,err = fs.write_file(path, format.dostounix(modifications)) + return file_result +end |