Class: Kytoon::Vpn::VpnOpenVpn
Constant Summary
Kytoon::Vpn::VpnConnection::CERT_DIR
Instance Method Summary
#create_certs, #delete_certs, #get_cfile
Constructor Details
#initialize(group, client = nil) ⇒ VpnOpenVpn
Returns a new instance of VpnOpenVpn.
# File 'lib/kytoon/vpn/vpn_openvpn.rb', line 5
# Builds an OpenVPN-backed connection by handing both arguments straight to
# the parent class constructor; no OpenVPN-specific state is set up here.
#
# @param group [Object] server group this connection belongs to
# @param client [Object, nil] optional client, defaults to nil
def initialize(group, client = nil)
  # Bare `super` forwards the current values of group and client unchanged.
  super
end
Instance Method Details
#clean ⇒ Object
# File 'lib/kytoon/vpn/vpn_openvpn.rb', line 93
# Removes the certificate material for this connection by delegating to
# the inherited #delete_certs helper.
#
# @return [Object] whatever #delete_certs returns
def clean
  delete_certs()
end
#connect ⇒ Object
# File 'lib/kytoon/vpn/vpn_openvpn.rb', line 9
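# Writes the OpenVPN client configuration plus its up/down hook scripts,
# then starts openvpn as a daemon through sudo and waits for the tunnel.
#
# An existing pid file is treated as a running instance and is disconnected
# first.
#
# @return [nil]
# @raise [RuntimeError] when the openvpn command exits unsuccessfully
def connect
  create_certs

  # The hook scripts are executed by the openvpn process started through sudo
  # below (the config sets script-security 2), so they are created with their
  # final mode instead of the umask default; the chmod is kept for files that
  # already exist.
  # NOTE(review): vpn_network and domain_name are written into the script
  # unescaped; confirm they are validated where the group is loaded.
  @up_script = get_cfile('up.bash')
  File.open(@up_script, 'w', 0700) do |f|
    f << <<EOF_UP
#!/bin/bash
# setup routes
/sbin/route add #{@group.vpn_network.chomp("0")+"1"} dev \$dev
/sbin/route add -net #{@group.vpn_network} netmask 255.255.128.0 gw #{@group.vpn_network.chomp("0")+"1"}
mv /etc/resolv.conf /etc/resolv.conf.bak
egrep ^search /etc/resolv.conf.bak | sed -e 's/search /search #{@group.domain_name} /' > /etc/resolv.conf
echo 'nameserver #{@group.vpn_network.chomp("0")+"1"}' >> /etc/resolv.conf
grep ^nameserver /etc/resolv.conf.bak >> /etc/resolv.conf
EOF_UP
    f.chmod(0700)
  end

  @down_script = get_cfile('down.bash')
  File.open(@down_script, 'w', 0700) do |f|
    f << <<EOF_DOWN
#!/bin/bash
mv /etc/resolv.conf.bak /etc/resolv.conf
EOF_DOWN
    f.chmod(0700)
  end

  # NOTE(review): ns-cert-type and comp-lzo are deprecated in current OpenVPN
  # releases (remote-cert-tls server is the documented replacement for the
  # former); confirm against the deployed server before changing them.
  @config_file = get_cfile('config')
  File.open(@config_file, 'w', 0600) do |f|
    f << <<EOF_CONFIG
client
dev #{@group.vpn_device}
proto #{@group.vpn_proto}
#Change my.publicdomain.com to your public domain or IP address
remote #{@group.gateway_ip} 1194
resolv-retry infinite
nobind
persist-key
persist-tun
script-security 2
ca #{@ca_cert}
cert #{@client_cert}
key #{@client_key}
ns-cert-type server
route-nopull
comp-lzo
verb 3
up #{@up_script}
down #{@down_script}
EOF_CONFIG
    f.chmod(0600)
  end

  pid_file = get_cfile('openvpn.pid')
  disconnect if File.exist?(pid_file)

  # Argument-vector form: the paths reach sudo as single arguments and are
  # never parsed by a shell. The block form sets $? when the pipe is closed.
  command = ['sudo', 'openvpn', '--config', @config_file, '--writepid', pid_file, '--daemon']
  out = IO.popen(command) { |io| io.read }
  retval = $?

  raise "Failed to create VPN connection: #{out}" unless retval.success?

  poll_vpn_interface
  puts "OK."
end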
#connected? ⇒ Boolean
# File 'lib/kytoon/vpn/vpn_openvpn.rb', line 89
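# Reports whether the kernel routing table lists the VPN gateway address.
#
# The gateway is the group's vpn_network with a trailing "0" replaced by "1".
# `/sbin/route -n` is run without a shell: the previous `&>` redirection is a
# bash extension that a POSIX /bin/sh reads as "run in background", which
# makes the check succeed regardless of grep's result. The address is
# compared against whole whitespace-separated fields, so it is neither
# treated as a regular expression nor matched inside a longer address.
#
# @return [Boolean] true when the gateway address appears in the route table,
#   false otherwise or when the route command cannot be run
def connected?
  gateway = @group.vpn_network.chomp("0") + "1"
  routes = IO.popen(['/sbin/route', '-n'], err: File::NULL) { |io| io.read }
  routes.to_s.split.include?(gateway)
rescue SystemCallError
  false
end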
#disconnect ⇒ Object
# File 'lib/kytoon/vpn/vpn_openvpn.rb', line 82
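# Stops the openvpn daemon recorded in the pid file and removes that file.
#
# The pid file content is passed to `sudo kill`, so it is accepted only when
# it is a plain positive decimal number and is handed over as a separate
# argument rather than spliced into a shell command line. A pid file with any
# other content is removed and reported instead of being acted on.
# NOTE(review): the pid is not checked to belong to an openvpn process.
#
# @return [Integer] result of File.delete for the pid file
# @raise [RuntimeError] when no pid file exists or its content is not a pid
def disconnect
  pid_file = get_cfile('openvpn.pid')
  raise "Not running? No pid file found!" unless File.exist?(pid_file)

  pid = File.read(pid_file).strip
  unless pid =~ /\A[1-9]\d*\z/
    # Drop the unusable file so that a later connect is not blocked by it.
    File.delete(pid_file)
    raise "Refusing to signal: #{pid_file} does not contain a numeric pid (#{pid.inspect})"
  end

  system('sudo', 'kill', '-TERM', pid)
  File.delete(pid_file)
end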