#!/usr/bin/lua
--[[
Part of AREDN -- Used for creating Amateur Radio Emergency Data Networks
Copyright (C) 2021 Tim Wilkinson
Original Perl Copyright (c) 2015 Darryl Quinn
See Contributors file for additional contributors
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation version 3 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see .
Additional Terms:
Additional use restrictions exist on the AREDN(TM) trademark and logo.
See AREDNLicense.txt for more info.
Attributions to the AREDN Project must be retained in the source code.
If importing this code into a new or existing project attribution
to the AREDN project must be added to the source code.
You must not misrepresent the origin of the material contained within.
Modified versions must be modified to attribute to the original source
and be marked in reasonable ways as differentiate it from the original
version
--]]
require("nixio")
require("aredn.http")
require("aredn.utils")
require("aredn.html")
require("aredn.hardware")
aredn.info = require("aredn.info")
require("uci")
local html = aredn.html
local cursor = uci.cursor("/etc/config.mesh");
local node = aredn.info.get_nvram("node")
if node == "" then
node = "NOCALL"
end
-- truncate node name down to 23 chars (max) to avoid vtun issues
-- this becomes the vtun "username"
node = node:sub(1, 23)
local config = aredn.info.get_nvram("config");
local VPNVER = "1.0"
-- post_data
local parms = {}
if os.getenv("REQUEST_METHOD") == "POST" then
require('luci.http')
local request = luci.http.Request(nixio.getenv(),
function()
local v = io.read(1024)
if not v then
io.close()
end
return v
end
)
parms = request:formvalue()
end
-- wireguard
local wireguard_alive_time = 300 -- 5 minutes
-- helpers start
local hidden = {}
function hide(inp)
hidden[#hidden + 1] = inp
end
local conn_err = {}
function err(msg)
conn_err[#conn_err + 1] = msg
end
local errors = {}
function err2(msg)
errors[#errors + 1] = msg
end
function get_active_tun()
local tuns = {}
local f = io.popen("ps -w | grep vtun | grep ' tun '")
if f then
for line in f:lines()
do
local m = line:match(".*:.*-(172%-.*)%stun%stun.*")
if m then
tuns[#tuns + 1] = m:gsub("-", ".")
end
end
f:close()
end
return tuns
end
function get_active_wgtun()
local tuns = {}
local f = io.popen("/usr/bin/wg show all latest-handshakes")
if f then
for line in f:lines()
do
local k,v = line:match("^%S+%s+(%S+)%s+(%S+)%s*$")
if k then
tuns[k] = tonumber(v) -- time in seconds
end
end
f:close()
end
return tuns
end
function is_tunnel_active(ip, tunnels)
for _, aip in ipairs(tunnels)
do
if ip == aip then
return true
end
end
return false
end
function is_wgtunnel_active(key, wgtunnels)
local key = key:match("^(.*=).*=.*=$")
local v = wgtunnels[key]
if v and v + wireguard_alive_time > os.time() then
return true
end
return false
end
-- helpers end
local gci_vars = { "enabled", "host", "passwd", "netip", "contact" }
function get_connection_info()
local c = 0
cursor:foreach("vtun", "server",
function(section)
for _, var in ipairs(gci_vars)
do
local key = "conn" .. c .. "_" .. var
parms[key] = section[var]
if not parms[key] then
parms[key] = ""
end
end
c = c + 1
end
)
parms.conn_num = c
end
if parms.button_reboot then
local node = aredn.info.get_nvram("node")
if node == "" then
node = "Node"
end
local lanip, _, lanmask = aredn.hardware.get_interface_ip4(aredn.hardware.get_iface_name("lan"))
local browser = os.getenv("REMOTE_ADDR")
local browser6 = browser:match("::ffff:([%d%.]+)")
if browser6 then
browser = browser6
end
local fromlan = false
local subnet_change = false
if lanip then
fromlan = validate_same_subnet(browser, lanip, lanmask)
if fromlan then
lanmask = ip_to_decimal(lanmask)
local cfgip = cursor:get("network", "lan", "ipaddr")
local cfgmask = ip_to_decimal(cursor:get("network", "lan", "netmask"))
if lanmask ~= cfgmask or nixio.bit.band(ip_to_decimal(lanip), lanmask) ~= nixio.bit.band(ip_to_decimal(cfgip), cfgmask) then
subnet_change = true
end
end
end
http_header()
if fromlan and subnet_change then
html.header(node .. " rebooting", true);
html.print("
")
html.print("
" .. node .. " is rebooting
")
html.print("
The LAN subnet has changed. You will need to acquire a new DHCP lease ")
html.print("and reset any name service caches you may be using.