@kanazux
Last active February 22, 2016 14:32
Install ipsec monitor on cron and files
<?php
/*
* Autor: Silvio Giunge a.k.a kanazuchi
* <[email protected]>
*
*/
require_once("config.inc");
require_once("services.inc");
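/*
 * Installer for the IPsec policy monitor: copies the two helper scripts into
 * /usr/local/bin and registers a root cron job that launches the monitor
 * every 15 minutes.
 *
 * The source paths are relative to the current working directory, so run this
 * from the directory that holds the two files. Both end up executed as root;
 * do not run the installer from a directory other users can write to.
 */
$install_dir = "/usr/local/bin";
$monitor_path = "{$install_dir}/ipsec_police_monitor.sh";
$monitor_cmd = "/bin/sh {$monitor_path}";

if (file_exists("restart_vpn_ipsec.php")) {
	// Absolute destination: the monitor calls /usr/local/bin/restart_vpn_ipsec.php.
	mwexec("/bin/cp restart_vpn_ipsec.php {$install_dir}/");
	// Explicit mode so the root-run file is never group/world-writable,
	// whatever mode the source file or the umask would have produced.
	mwexec("/bin/chmod 0644 {$install_dir}/restart_vpn_ipsec.php");
}

if (file_exists("ipsec_police_monitor.sh")) {
	// Copy to the same directory that chmod and the cron entry refer to.
	mwexec("/bin/cp ipsec_police_monitor.sh {$install_dir}/");
	mwexec("/bin/chmod 0755 {$monitor_path}");
}

if (!isset($config['cron']['item']) || !is_array($config['cron']['item'])) {
	$config['cron']['item'] = array();
}

// Running the installer twice must not stack duplicate root cron jobs.
$already_registered = false;
foreach ($config['cron']['item'] as $cron_item) {
	if (isset($cron_item['command']) && $cron_item['command'] === $monitor_cmd) {
		$already_registered = true;
		break;
	}
}

if (!$already_registered) {
	$config['cron']['item'][] = array(
		'minute' => "*/15",
		'hour' => "*",
		'mday' => "*",
		'month' => "*",
		'wday' => "*",
		'who' => "root",
		'command' => $monitor_cmd,
	);
	write_config(gettext("Installed ipsec monitor service."));
}

configure_cron();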
?>
#!/bin/sh
#
# Autor: Silvio Giunge a.k.a kanazuchi
# <[email protected]>
#
# Watchdog: poll the IPsec log every 2 seconds and run the restart helper
# whenever a new "deleting a generated policy" line shows up.

# Print the most recent policy-deletion line from the circular IPsec log
# (empty output when there is none).
last_policy_deletion() {
	/usr/sbin/clog /var/log/ipsec.log \
		| egrep "utm racoon: INFO: deleting a generated policy." \
		| tail -1
}

# Single-instance guard: cron starts this script every 15 minutes, but the
# loop below never returns, so a later start must bow out.
# NOTE(review): presumably relies on pgrep leaving the calling shell out of
# its matches; where pgrep counts the caller, this guard would always exit.
# TODO confirm on the target platform.
running=$(/bin/pgrep -f ipsec_police_monitor | wc -l)
# Left unquoted on purpose so any padding in the wc output is dropped.
if [ $running -gt 0 ]; then
	exit 0
fi

# Baseline: the newest deletion line already in the log at start-up.
read_init_error=$(last_policy_deletion)

while :; do
	read_last_error=$(last_policy_deletion)
	if [ "$read_init_error" != "$read_last_error" ]; then
		# A deletion line newer than the baseline appeared.
		# NOTE(review): the helper's exit status is not checked, and the log
		# message below is written after the restart whether it worked or not.
		/usr/local/bin/php -f /usr/local/bin/restart_vpn_ipsec.php
		echo "Policy was deleted, restarting ipsec..." | /usr/bin/logger -t racoon -p local0.info
		read_init_error="$read_last_error"
	fi
	sleep 2
done
<?php
/*
* Autor: Silvio Giunge a.k.a kanazuchi
* <[email protected]>
*
*/
require_once("vpn.inc");
require_once("interfaces.inc");
require_once("ipsec.inc");
require_once("util.inc");
require_once("gwlb.inc");
require_once("filter.inc");
require_once("config.inc");
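/*
 * Restart helper invoked by ipsec_police_monitor.sh: marks IPsec as enabled,
 * saves the configuration, then refreshes the policies, reconfigures IPsec
 * and reconfigures the filter.
 *
 * NOTE(review): the enable flag is set unconditionally, so a trigger from the
 * monitor also switches IPsec back on if an administrator had disabled it.
 * Confirm that this is intended.
 */
$config['ipsec']['enable'] = true;
// Give the saved revision a description so these automated writes can be told
// apart from manual changes when the configuration history is reviewed.
write_config(gettext("IPsec monitor: policy deleted, restarting ipsec."));
vpn_ipsec_refresh_policies();
vpn_ipsec_configure();
filter_configure();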
?>