module(..., package.seeall)
-- Load libraries
require("fs")
require("procps")
require("format")
require("daemoncontrol")
require("validator")
require("processinfo")
-- Set variables
-- The two configuration files this model reads and rewrites.
local configfile = "/etc/racoon/racoon.conf"
local configfile2 = "/etc/ipsec.conf"
-- Daemon name and package name handed to the process/package helper libraries.
local processname = "racoon"
local packagename = "ipsec-tools"
-- Not referenced in the visible part of this file.
local baseurl = "/etc/racoon/"
-- Display text for the one-character codes found in the State, Side and
-- Exchange columns of the `racoonctl show-sa isakmp` listing.
local descr = {
  state = {
    ["9"] = "Established",
  },
  side = {
    R = "We are 'Responder'.",
    I = "We 'Initiated' this phase1",
  },
  exchange = {
    M = "Main mode",
    A = "Agressive mode",
    B = "Basic mode",
  },
}
-- ################################################################################
-- LOCAL FUNCTIONS
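--- Run `/bin/ip xfrm <mode>` through the shell and return its standard output.
-- `mode` is appended to the command line unquoted and is interpreted by the
-- shell (phase2details depends on this to attach a `| grep` stage), so
-- callers must pass only fixed strings or values they have validated.
-- @param mode arguments (and optional pipeline) placed after `ip xfrm`
-- @return the captured output, or "" when the command could not be started
local function ip_xfrm(mode)
  local cmd = "/bin/ip xfrm " .. mode .. " 2>/dev/null"
  local f = io.popen(cmd)
  if not f then
    -- io.popen returns nil when the pipe cannot be created; indexing that
    -- nil would raise, so report empty output instead.
    return ""
  end
  local cmd_output_result = f:read("*a")
  f:close()
  return cmd_output_result or ""
end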
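--- Collect the `ip xfrm state` lines for one peer, in both directions.
-- `dst` is the Destination column of the racoonctl listing: an address
-- followed by ".port". The address is spliced into a shell command line by
-- ip_xfrm, so it is checked against a conservative character set first and
-- no command is run for a value that fails the check.
-- @param dst peer address with a trailing ".port"
-- @return list of two {label=..., value=...} entries (Outgoing, Incoming);
--         both values are "" when `dst` is missing or malformed
local function phase2details(dst)
  local output = {}
  local addr
  if type(dst) == "string" then
    addr = string.match(dst, "^(.*)%.") -- Removes the portnumber
  end
  -- Accept only characters that can appear in an address literal (with an
  -- optional %scope suffix) and refuse a leading "-", which `ip` would read
  -- as an option. Anything else never reaches the shell.
  local safe = addr ~= nil
    and addr ~= ""
    and not string.find(addr, "[^%w%.:%%_%-]")
    and string.sub(addr, 1, 1) ~= "-"
  if not safe then
    table.insert(output, {label="Outgoing", value=""})
    table.insert(output, {label="Incoming", value=""})
    return output
  end
  table.insert(output, {label="Outgoing", value=ip_xfrm("state list src ".. addr .. " | grep '^src'")})
  table.insert(output, {label="Incoming", value=ip_xfrm("state list dst ".. addr .. " | grep '^src'")})
  return output
end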
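--- Parse `racoonctl -lll show-sa isakmp` into one set of cfe fields per row.
-- Each non-header, non-empty output line is split on whitespace; columns
-- 1..10 become the Source, Destination, Cookies, St, S, V, E, Created
-- (columns 8 and 9 joined) and Phase2 fields. The Destination column is
-- also used to look up the matching `ip xfrm state` lines.
-- @return table keyed by the line index from format.string_to_table, each
--         value a table of cfe objects; empty when racoonctl cannot be run
local function racoonctl_table()
  local output = {}
  local cmd = "/usr/sbin/racoonctl -lll show-sa isakmp 2>/dev/null"
  local f = io.popen( cmd )
  if not f then
    -- io.popen returns nil when the pipe cannot be created.
    return output
  end
  local value = f:read("*a") or ""
  f:close()
  for k,v in pairs(format.string_to_table(value,"\n")) do
    -- Skip the "Source ..." header row and blank lines.
    if not ((string.find(v,"^Source")) or (#v == 0)) then
      local variable = format.string_to_table(v,"%s+")
      local row = {}
      row['Source'] = cfe({
        name="Source",
        label="Source",
        value=variable[1],
      })
      row['Destination'] = cfe({
        name="Destination",
        label="Destination",
        value=variable[2],
      })
      row['Cookies'] = cfe({
        name="Cookies",
        label="Cookies",
        value=variable[3],
      })
      row['St'] = cfe({
        name="St",
        label="State",
        value=variable[4],
        descr=descr.state[variable[4]],
      })
      row['S'] = cfe({
        name="S",
        label="Side",
        value=variable[5],
        descr=descr.side[variable[5]],
      })
      row['V'] = cfe({
        name="V",
        label="Version",
        value=variable[6],
      })
      row['E'] = cfe({
        name="E",
        label="Exchange",
        value=variable[7],
        descr=descr.exchange[variable[7]],
      })
      row['Created'] = cfe({
        name="Created",
        label="Created",
        value=(variable[8] or "") .. " " .. (variable[9] or ""),
      })
      -- A short or malformed row may have no usable Destination column;
      -- phase2details strips a trailing ".port" and needs a dot to do so,
      -- so only call it when one is present.
      local phase2s = {}
      if variable[2] and string.find(variable[2], ".", 1, true) then
        phase2s = phase2details(variable[2])
      end
      row['Phase2'] = cfe({
        name="Phase2",
        label="Phase2",
        value=variable[10],
        option=phase2s,
      })
      -- NOTE(review): the replacement text of these gsub calls was lost in
      -- the listing this was taken from (the literal was split across lines,
      -- which is not valid Lua). An HTML line break is assumed; confirm
      -- against the original file. If the view emits this value as markup,
      -- the command output placed in it should be HTML-escaped first;
      -- confirm in the view.
      local details = {}
      for i = 1, 2 do
        local entry = phase2s[i]
        -- Parentheses keep only gsub's first result (the string).
        details[i] = (string.gsub(entry and entry['value'] or "", "\n", "<BR>"))
      end
      row['Phase2details'] = cfe({
        name="Phase2details",
        label="Phase2details",
        value=table.concat(details),
      })
      output[k] = row
    end
  end
  return output
end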
--- Report whether a process is running, as display text.
-- @param procname process name handed to procps.pidof
-- @return "Enabled" when pidof yields a non-empty list, otherwise "Disabled"
function process_status_text(procname)
  local pids = procps.pidof(procname)
  if not pids or #pids == 0 then
    return "Disabled"
  end
  return "Enabled"
end
-- ################################################################################
-- PUBLIC FUNCTIONS
--- Hand a service action for the racoon daemon to daemoncontrol.
-- @param self unused
-- @param action table whose `value` field names the requested action
-- @return the first daemoncontrol result, and `action` with its `descr` and
--         `errtxt` fields set from the second and third results
-- NOTE(review): action.value is forwarded exactly as received; presumably
-- daemoncontrol restricts it to known actions. Confirm in that library.
function startstop_service ( self, action )
  local result, message, errtxt =
    daemoncontrol.daemoncontrol(processname, action.value)
  action.descr = message
  action.errtxt = errtxt
  return result, action
end
--- Assemble the status page data for the racoon daemon.
-- @return table of cfe objects: `version` (package version or its error
--         text), `status` (Enabled/Disabled), `autostart` (boot sequence or
--         its error text), `show_isakmp` (rows from racoonctl_table) and
--         `ip_xfrm_policy` (raw output of `ip xfrm policy`)
function getstatus()
  local status = {}

  local version, version_errtxt = processinfo.package_version(packagename)
  status.version = cfe({
    name = "version",
    label = "Program version",
    value = version,
    errtxt = version_errtxt,
  })

  status.status = cfe({
    name = "status",
    label = "Program status",
    value = process_status_text(processname),
  })

  local sequence, sequence_errtxt = processinfo.process_botsequence(processname)
  status.autostart = cfe({
    name = "autostart",
    label = "Autostart sequence",
    value = sequence,
    errtxt = sequence_errtxt,
  })

  -- Both entries below run external commands each time the page is built.
  status.show_isakmp = cfe({
    name = "show_isakmp",
    label = "Tunnels",
    option = racoonctl_table(),
  })

  status.ip_xfrm_policy = cfe({
    name = "ip_xfrm_policy",
    label = "ip xfrm policy",
    value = ip_xfrm("policy"),
  })

  return status
end
--- Return the parsed configuration; currently always an empty table.
-- Any arguments passed by callers are ignored.
-- @return a new empty table
function getconfig()
  return {}
end
--- Describe one of the two configuration files (name, size, date, content).
-- `num` only selects the file: the literal "2" picks `configfile2`, any
-- other value picks `configfile`. The path is never built from `num`; `num`
-- is only appended to the names of the returned fields.
-- @param self unused
-- @param num "2" for the second file; otherwise the first
-- @return table of cfe objects keyed "filename", "filesize", "mtime" and
--         "filecontent" (each suffixed with `num`), plus "sumerrors" when
--         any error text was collected
function get_filedetails(self,num)
  local path = configfile
  if num == "2" then
    path = configfile2
  end
  local suffix = num or ""

  local filedetails, config
  if path and fs.is_file(path) then
    filedetails = fs.stat(path)
    config = getconfig(path)
  else
    filedetails = {}
    config = {
      filename = { errtxt = "Config file '".. path .. "' is missing!" },
    }
  end

  local file = {}
  -- No errtxt is set on this field; a missing file is reported through the
  -- "sumerrors" entry built below.
  file["filename" .. suffix] = cfe({
    name = "filename" .. suffix,
    label = "File name",
    value = path,
  })
  file["filesize" .. suffix] = cfe({
    name = "filesize" .. suffix,
    label = "File size",
    value = filedetails.size or 0,
  })
  file["mtime" .. suffix] = cfe({
    name = "mtime" .. suffix,
    label = "File date",
    value = filedetails.mtime or "---",
  })
  -- The file is read whether or not the is_file check above succeeded.
  file["filecontent" .. suffix] = cfe({
    type = "longtext",
    name = "filecontent" .. suffix,
    label = "File content",
    value = fs.read_file(path),
  })

  -- Gather every non-empty errtxt found in config into one cfe,
  -- one message per line.
  local messages = {}
  for _, entry in pairs(config) do
    if entry and entry["errtxt"] and entry["errtxt"] ~= "" then
      messages[#messages + 1] = entry["errtxt"]
    end
  end
  if #messages > 0 then
    file["sumerrors" .. suffix] = cfe({
      name = "sumerrors" .. suffix,
      label = "Configuration errors",
      errtxt = table.concat(messages, "\n"),
    })
  end
  return file
end
--- Replace the contents of the file named by `configfile`.
-- The submitted text is passed through format.dostounix and written as is;
-- nothing here checks its syntax or content.
-- NOTE(review): this rewrites the IKE daemon's configuration, so access
-- control presumably happens in the calling controller. Confirm there.
-- @param self unused
-- @param modifications new file content
-- @return the first result of fs.write_file; any second result is dropped
function update_filecontent (self, modifications)
  local unix_text = format.dostounix(modifications)
  -- Parentheses truncate to exactly one return value.
  return (fs.write_file(configfile, unix_text))
end
--- Replace the contents of the file named by `configfile2`.
-- The submitted text is passed through format.dostounix and written as is;
-- nothing here checks its syntax or content.
-- NOTE(review): access control for this write presumably happens in the
-- calling controller. Confirm there.
-- @param self unused
-- @param modifications new file content
-- @return the first result of fs.write_file; any second result is dropped
function update_filecontent2 (self, modifications)
  local unix_text = format.dostounix(modifications)
  -- Parentheses truncate to exactly one return value.
  return (fs.write_file(configfile2, unix_text))
end
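--- Return the /var/log/messages lines that mention the daemon.
-- The command line is built from the fixed `processname` only.
-- NOTE(review): syslog lines can carry text that originated from remote
-- peers; this assumes the view escapes the value before display. Confirm.
-- @return table with two cfe objects: "filename" (the grep command that was
--         run) and "filecontent" (its output, "" when it could not be run)
function get_logfile ()
  local file = {}
  local cmdtxt = "grep " .. processname .. " /var/log/messages"
  -- The mode was previously the bare name `r`, an undefined variable that
  -- evaluated to nil and only worked because popen defaults to read mode.
  local cmd = io.popen(cmdtxt, "r")
  local cmdoutput = ""
  if cmd then
    cmdoutput = cmd:read("*a") or ""
    cmd:close()
  end
  file["filename"] = cfe({
    name="filename",
    label="File name",
    value=cmdtxt,
  })
  file["filecontent"] = cfe({
    type="longtext",
    name="filecontent",
    label="File content",
    value=cmdoutput,
  })
  return file
end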