Revision 09eeac7b
Added by Brad Davis almost 3 years ago
| src/usr/local/sbin/openvpn.connect_async.sh | ||
|---|---|---|
| 75 | 75 |
fi |
| 76 | 76 |
fi |
| 77 | 77 |
|
| 78 |
/sbin/pfctl -k $ifconfig_pool_remote_ip
|
|
| 79 |
/sbin/pfctl -K $ifconfig_pool_remote_ip
|
|
| 80 |
/sbin/pfctl -k $ifconfig_pool_remote_ip6
|
|
| 81 |
/sbin/pfctl -K $ifconfig_pool_remote_ip6
|
|
| 78 |
/sbin/pfctl -k "$ifconfig_pool_remote_ip"
|
|
| 79 |
/sbin/pfctl -K "$ifconfig_pool_remote_ip"
|
|
| 80 |
/sbin/pfctl -k "$ifconfig_pool_remote_ip6"
|
|
| 81 |
/sbin/pfctl -K "$ifconfig_pool_remote_ip6"
|
|
| 82 | 82 |
elif [ "${script_type}" = "client-connect" ]; then
|
| 83 | 83 |
log_session "connecting" |
| 84 | 84 |
|
| ... | ... | |
| 96 | 96 |
do :; done |
| 97 | 97 |
if [ ${i} -ge 3 ]; then
|
| 98 | 98 |
log_session "server write to defer file failed" |
| 99 |
/bin/echo 0 > ${client_connect_deferred_file}
|
|
| 99 |
/bin/echo 0 > "${client_connect_deferred_file}"
|
|
| 100 | 100 |
exit 1 |
| 101 | 101 |
fi |
| 102 | 102 |
|
| ... | ... | |
| 107 | 107 |
|
| 108 | 108 |
# Process "Duplicate Connection Limit" setting |
| 109 | 109 |
if [ -n "${active_sessions}" ]; then
|
| 110 |
vpnid=$(/bin/echo ${dev} | /usr/bin/sed -e 's/ovpns//g')
|
|
| 110 |
vpnid=$(/bin/echo "${dev}" | /usr/bin/sed -e 's/ovpns//g')
|
|
| 111 | 111 |
if [ -f "/var/etc/openvpn/server${vpnid}/connuserlimit" ]; then
|
| 112 | 112 |
sessionlimit=$(/usr/bin/head -1 "/var/etc/openvpn/server${vpnid}/connuserlimit" | /usr/bin/sed -e 's/[[:space:]]//g')
|
| 113 | 113 |
if [ "${sessionlimit}" -ge 1 ]; then
|
| ... | ... | |
| 118 | 118 |
fi |
| 119 | 119 |
sessioncount=$(/bin/echo "${active_sessions}" | /usr/bin/grep -o "${usersession}" | /usr/bin/wc -l | /usr/bin/sed -e 's/[[:space:]]//g')
|
| 120 | 120 |
|
| 121 |
if [ ${sessioncount} -gt ${sessionlimit} ]; then
|
|
| 121 |
if [ "${sessioncount}" -gt "${sessionlimit}" ]; then
|
|
| 122 | 122 |
log_session "active connection limit of '${sessionlimit}' reached"
|
| 123 |
/bin/echo 0 > ${client_connect_deferred_file}
|
|
| 123 |
/bin/echo 0 > "${client_connect_deferred_file}"
|
|
| 124 | 124 |
if [ -n "${username}" ]; then
|
| 125 | 125 |
/bin/rm "${rulesfile}"
|
| 126 | 126 |
fi |
| ... | ... | |
| 143 | 143 |
do :; done |
| 144 | 144 |
if [ ${i} -ge 30 ]; then
|
| 145 | 145 |
log_session "Timeout while waiting for lockfile" |
| 146 |
/bin/echo 0 > ${client_connect_deferred_file}
|
|
| 146 |
/bin/echo 0 > "${client_connect_deferred_file}"
|
|
| 147 | 147 |
exit 1 |
| 148 | 148 |
else |
| 149 | 149 |
/usr/bin/touch "${lockfile}"
|
| ... | ... | |
| 160 | 160 |
fi |
| 161 | 161 |
done |
| 162 | 162 |
|
| 163 |
if [ -f "${rulesfile}"]; then
|
|
| 163 |
if [ -f "${rulesfile}" ]; then
|
|
| 164 | 164 |
/bin/echo "$(/usr/bin/sed -e "s/{clientip}/${ifconfig_pool_remote_ip}/g;s/{clientipv6}/${ifconfig_pool_remote_ip6}/g" "${rulesfile}")" > "${rulesfile}"
|
| 165 | 165 |
eval "/sbin/pfctl -a '${anchorname}' -f '${rulesfile}'"
|
| 166 | 166 |
fi |
| ... | ... | |
| 170 | 170 |
fi |
| 171 | 171 |
|
| 172 | 172 |
# success; allow client connection |
| 173 |
/bin/echo 1 > ${client_connect_deferred_file}
|
|
| 173 |
/bin/echo 1 > "${client_connect_deferred_file}"
|
|
| 174 | 174 |
log_session "connected" |
| 175 | 175 |
fi |
| 176 | 176 |
|
Also available in: Unified diff
Properly quote variables
No functional change intended