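-- Model for the racoon / ipsec-tools web configuration module.
-- It reports daemon status, lists ISAKMP and kernel xfrm state, and
-- reads/writes the two configuration files.  The functions run shell commands
-- and write files under /etc, so the values they receive need care.
-- NOTE(review): `cfe` is not defined in this file; it is presumably a global
-- supplied by the hosting framework -- confirm.
module(..., package.seeall)

-- Load libraries
require("fs")
require("procps")
require("getopts")
require("format")
require("daemoncontrol")
require("validator")
require("processinfo")

-- Set variables
local configfile = "/etc/racoon/racoon.conf"
local configfile2 = "/etc/ipsec.conf"
local processname = "racoon"
local packagename = "ipsec-tools"
local baseurl = "/etc/racoon/"

-- Human-readable explanations for the one-letter codes printed by racoonctl.
local descr = {
	state={
		['9']="Established",
		},
	side={
		['R']="We are 'Responder'.",
		['I']="We 'Initiated' this phase1",
		},
	exchange={
		['M']="Main mode",
		['A']="Agressive mode",
		['B']="Basic mode",
		},
}

-- ################################################################################
-- LOCAL FUNCTIONS

--- Run a shell command and return everything it wrote to stdout.
-- Returns "" when the pipe cannot be opened, so callers never index nil.
-- The command string is handed to the shell as-is: callers must build it
-- only from constants or from values they have validated.
local function read_command(cmd)
	local pipe = io.popen(cmd, "r")
	if not pipe then
		return ""
	end
	local text = pipe:read("*a")
	pipe:close()
	return text or ""
end

--- Run `/bin/ip xfrm <mode>` and return its output.
-- `mode` is concatenated into a shell command line and one caller derives it
-- from text printed by racoonctl (a peer address).  Anything outside a small
-- whitelist (alphanumerics, space, and . : / _ % -) is refused, so shell
-- metacharacters and newlines cannot reach the shell.  Refused input yields "".
local function ip_xfrm(mode)
	if type(mode) ~= "string" or not string.find(mode, "^[%w%.:/_%% %-]+$") then
		return ""
	end
	return read_command("/bin/ip xfrm " .. mode .. " 2>/dev/null")
end

--- Collect the kernel xfrm state for one peer, in both directions.
-- `dst` is the Destination column of racoonctl ("address.port").
-- Returns an empty list when no address can be extracted (short or malformed
-- row) instead of raising an error that would break the whole status page.
local function phase2details(dst)
	local output = {}
	if type(dst) ~= "string" then
		return output
	end
	local addr = string.match(dst,"^(.*)%.")	-- Removes the portnumber
	if not addr or addr == "" then
		return output
	end
	table.insert(output, {label="Outgoing", value=ip_xfrm("state list src ".. addr)})
	table.insert(output, {label="Incoming", value=ip_xfrm("state list dst ".. addr)})
	return output
end

--- Parse `racoonctl -lll show-sa isakmp` into one table of cfe's per SA.
-- Entries are keyed by the line index of the racoonctl output; the header
-- line and empty lines are skipped, so the keys are not contiguous.
local function racoonctl_table()
	local output = {}
	local value = read_command("/usr/sbin/racoonctl -lll show-sa isakmp 2>/dev/null")
	for k,v in pairs(format.string_to_table(value,"\n")) do
		if not ((string.find(v,"^Source")) or (#v == 0)) then
			local variable = format.string_to_table(v,"%s+")
			output[k] = {
				Source = cfe({
					name="Source",
					label="Source",
					value=variable[1],
					}),
				Destination = cfe({
					name="Destination",
					label="Destination",
					value=variable[2],
					}),
				Cookies = cfe({
					name="Cookies",
					label="Cookies",
					value=variable[3],
					}),
				St = cfe({
					name="St",
					label="State",
					value=variable[4],
					descr=descr.state[variable[4]],
					}),
				S = cfe({
					name="S",
					label="Side",
					value=variable[5],
					descr=descr.side[variable[5]],
					}),
				V = cfe({
					name="V",
					label="Version",
					value=variable[6],
					}),
				E = cfe({
					name="E",
					label="Exchange",
					value=variable[7],
					descr=descr.exchange[variable[7]],
					}),
				-- Date and time arrive as two whitespace-separated columns.
				Created = cfe({
					name="Created",
					label="Created",
					value=(variable[8] or "") .. " " .. (variable[9] or ""),
					}),
				Phase2 = cfe({
					name="Phase2",
					label="Phase2",
					value=variable[10],
					option=phase2details(variable[2]),
					}),
			}
		end
	end
	return output
end

--- Return "Enabled" when at least one process named `procname` is running,
-- otherwise "Disabled".
function process_status_text(procname)
	local pids = procps.pidof(procname)
	if (pids) and (#pids > 0) then
		return "Enabled"
	end
	return "Disabled"
end

-- ################################################################################
-- PUBLIC FUNCTIONS

--- Pass the requested action (action.value) to daemoncontrol for racoon.
-- The message and error text are stored back on `action`.
-- NOTE(review): action.value is forwarded unchecked; presumably
-- daemoncontrol restricts it to known verbs -- confirm.
function startstop_service ( self, action )
	local cmdresult,cmdmessage,cmderror = daemoncontrol.daemoncontrol(processname, action.value)
	action.descr=cmdmessage
	action.errtxt=cmderror
	return cmdresult,action
end

--- Build the status page: package version, running state, autostart
-- sequence, ISAKMP tunnels and the kernel xfrm policy.
function getstatus()
	local status = {}

	local value, errtxt = processinfo.package_version(packagename)
	status.version = cfe({
		name = "version",
		label="Program version",
		value=value,
		errtxt=errtxt,
		})

	status.status = cfe({
		name="status",
		label="Program status",
		value=process_status_text(processname),
		})

	local autostart_sequence, autostart_errtxt = processinfo.process_botsequence(processname)
	status.autostart = cfe({
		name="autostart",
		label="Autostart sequence",
		value=autostart_sequence,
		errtxt=autostart_errtxt,
		})

	status.show_isakmp = cfe({
		name="show_isakmp",
		label="Tunnels",
		option=racoonctl_table(),
		})

	status.ip_xfrm_policy = cfe({
		name="ip_xfrm_policy",
		label="ip xfrm policy",
		value=ip_xfrm("policy"),
		})

	return status
end

--- Placeholder: no parsed configuration is produced; always returns {}.
function getconfig()
	local config = {}
	return config
end

--- Describe one of the two configuration files (name, size, mtime, content).
-- `num` selects the file: "2" means /etc/ipsec.conf, anything else means
-- /etc/racoon/racoon.conf.  `num` only chooses between these two fixed
-- paths and is never used as a path itself.  It is also appended to every
-- returned key and cfe name.
function get_filedetails(self,num)
	local path = configfile
	if (num == "2") then
		path = configfile2
	end
	local suffix = num or ""

	local file = {}
	local filedetails = {}
	local config
	if fs.is_file(path) then
		filedetails = fs.stat(path) or {}
		config = getconfig(path)
	else
		config = { filename = { errtxt = "Config file '".. path .. "' is missing!" } }
	end

	file["filename" .. suffix] = cfe({
		name="filename" .. suffix,
		label="File name",
		value=path,
		})
	file["filesize" .. suffix] = cfe({
		name="filesize" .. suffix,
		label="File size",
		value=filedetails.size or 0,
		})
	file["mtime" .. suffix] = cfe({
		name="mtime" .. suffix,
		label="File date",
		value=filedetails.mtime or "---",
		})
	-- NOTE(review): the file is read and returned in full; IPsec
	-- configuration may contain key material, so this should only be
	-- reachable by authorised administrators -- confirm in the controller.
	file["filecontent" .. suffix] = cfe({
		type="longtext",
		name="filecontent" .. suffix,
		label="File content",
		value=fs.read_file(path),
		})

	-- Sum all errors into one cfe
	local errors = {}
	for _,entry in pairs(config) do
		if (entry) and (entry["errtxt"]) and (entry["errtxt"] ~= "") then
			errors[#errors + 1] = entry["errtxt"]
		end
	end
	if (#errors > 0) then
		file["sumerrors" .. suffix] = cfe ({
			name="sumerrors" .. suffix,
			label = "Configuration errors",
			errtxt = table.concat(errors, "\n"),
			})
	end

	return file
end

--- Overwrite /etc/racoon/racoon.conf with `modifications` (CR/LF normalised).
-- Returns whatever fs.write_file reports as its first result.
-- The content is written without validation.  racoon.conf can name scripts
-- for racoon to run, so write access to this file should be treated as
-- equivalent to command execution with the daemon's privileges.
function update_filecontent (self, modifications)
	local file_result = fs.write_file(configfile, format.dostounix(modifications))
	return file_result
end

--- Overwrite /etc/ipsec.conf with `modifications` (CR/LF normalised).
-- Returns whatever fs.write_file reports as its first result.
-- The content is written without validation; restrict callers accordingly.
function update_filecontent2 (self, modifications)
	local file_result = fs.write_file(configfile2, format.dostounix(modifications))
	return file_result
end

--- Return the lines of /var/log/messages that mention racoon.
-- The command is built only from constants in this file.  The "filename"
-- entry carries the command line itself so the view can show where the
-- text came from.
function get_logfile ()
	local file = {}
	local cmdtxt = "grep " .. processname .. " /var/log/messages"
	-- Fixed: the original passed an undefined global `r` as the popen mode and
	-- shadowed the builtin `error`; it also indexed the pipe without checking.
	local cmdoutput = read_command(cmdtxt)

	file["filename"] = cfe({
		name="filename",
		label="File name",
		value=cmdtxt,
		})
	file["filecontent"] = cfe({
		type="longtext",
		name="filecontent",
		label="File content",
		value=cmdoutput,
		})

	return file
end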