authorDavid Sommerseth <dazo@users.sourceforge.net>2008-09-19 14:25:08 +0200
committerDavid Sommerseth <dazo@users.sourceforge.net>2008-09-19 14:25:08 +0200
commitd28d39cabd55b3de3258dabd3fbefe1976dc1bc1 (patch)
treeecb5090a5f3994875fef668d39030ef5ff176095
parent8b2c60cee562ed98596a228750f10f735725ac11 (diff)
Added (untested) logging of time_duration into openvpn_lastlog.session_duration
-rw-r--r--TODO22
-rw-r--r--TODO.done22
-rw-r--r--database/sqlite/eurephiadb-sqlite.c7
-rw-r--r--database/sqlite/sql-schema.sql33
-rw-r--r--eurephia.c3
-rw-r--r--eurephiadb_driver.h2
6 files changed, 46 insertions, 43 deletions
diff --git a/TODO b/TODO
index a7509c4..d997508 100644
--- a/TODO
+++ b/TODO
@@ -1,26 +1,4 @@
-* Write firewall (iptables) implementation
- - Add function declarations in eurephia_firewall.h (DONE)
- - Enable firewall functionality by checking if firewall_interface
- config variable is set. (DONE)
- - Add eDBget_firewall_profile(ctx, session) in eurephiadb (DONE)
- - Add eurephia_firewall(ctx, mode{ADD|DELETE}, {profilename|macaddr},
- (eurephiaCTX *, const int mode, char *) (DONE)
- - This function is located in eurephia_fw_iptables.c (DONE)
- - iptables -I {INSERT place} is taken from config:
- firewall_destination (DONE)
- - iptables -j {vpnuser_profile} is taken from VPN users
- accessprofile (DONE)
-
- - Needs probably to be an own thread with root permission and a
- socket to send ADD/DELETE commands (DONE)
-
- - Flush iptables chain on startup
-
-* Implement logging of env.variable time_duration on disconnect
- - Needs to expand the openvpn_lastlog table with connection_duration
- field.
-
* Write admin program
- Add / Delete / Modify users
- Add / Delete / Modify certificates (by loading the certfile)
diff --git a/TODO.done b/TODO.done
index f0ed3ff..2ef088b 100644
--- a/TODO.done
+++ b/TODO.done
@@ -1,3 +1,25 @@
+* Implement logging of env.variable time_duration on disconnect (DONE)
+ - Needs to expand the openvpn_lastlog table with connection_duration
+ field.
+
+* Write firewall (iptables) implementation
+ - Add function declarations in eurephia_firewall.h (DONE)
+ - Enable firewall functionality by checking if firewall_interface
+ config variable is set. (DONE)
+ - Add eDBget_firewall_profile(ctx, session) in eurephiadb (DONE)
+ - Add eurephia_firewall(ctx, mode{ADD|DELETE}, {profilename|macaddr},
+ (eurephiaCTX *, const int mode, char *) (DONE)
+ - This function is located in eurephia_fw_iptables.c (DONE)
+ - iptables -I {INSERT place} is taken from config:
+ firewall_destination (DONE)
+ - iptables -j {vpnuser_profile} is taken from VPN users
+ accessprofile (DONE)
+
+ - Needs probably to be an own thread with root permission and a
+ socket to send ADD/DELETE commands (DONE)
+
+ - Flush iptables chain on startup (DONE)
+
* Log MACaddresses per session into openvpn_macaddr_history (DONE)
- Can change during a session
CREATE TABLE openvpn_macaddr_history (
diff --git a/database/sqlite/eurephiadb-sqlite.c b/database/sqlite/eurephiadb-sqlite.c
index f566320..67b22f4 100644
--- a/database/sqlite/eurephiadb-sqlite.c
+++ b/database/sqlite/eurephiadb-sqlite.c
@@ -581,7 +581,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha
// Register the user as logged out
int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey,
- const char *bytes_sent, const char *bytes_received)
+ const char *bytes_sent, const char *bytes_received, const char *duration)
{
dbresult *res = NULL;
@@ -592,9 +592,10 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey,
res = sqlite_query(ctx,
"UPDATE openvpn_lastlog "
" SET sessionstatus = 3, logout = CURRENT_TIMESTAMP, "
- " bytes_sent = '%i', bytes_received = '%i' "
+ " bytes_sent = '%i', bytes_received = '%i', session_duration = '%i' "
" WHERE sessionkey = '%q' AND sessionstatus = 2",
- atoi_nullsafe(bytes_sent), atoi_nullsafe(bytes_received), skey->sessionkey);
+ atoi_nullsafe(bytes_sent), atoi_nullsafe(bytes_received),
+ atoi_nullsafe(duration), skey->sessionkey);
if( res == NULL ) {
eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update lastlog with logout information (%s)",
skey->sessionkey);
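Review bot: A missing or non-numeric `time_duration` ends up in the access log as a session of length 0, because `atoi_nullsafe(duration)` is formatted straight into `session_duration = '%i'`; going by its name, the helper presumably returns 0 for NULL. For a log that may later be used for auditing, that is indistinguishable from a real zero-length session, and `atoi`-style parsing gives no error indication on overflow, which also matters for the byte counters on the same lines. At minimum the contract should be stated above the function, for example `// duration: OpenVPN time_duration as a decimal string (seconds); NULL or unparsable input is stored as 0`, and a `strtol` parse with a range check that leaves the column unset on failure would be the stronger fix. The body of eDBregister_logout continues outside the hunk.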
diff --git a/database/sqlite/sql-schema.sql b/database/sqlite/sql-schema.sql
index 5cdb77b..490669d 100644
--- a/database/sqlite/sql-schema.sql
+++ b/database/sqlite/sql-schema.sql
@@ -36,22 +36,23 @@ CREATE TABLE openvpn_accesses (
);
CREATE TABLE openvpn_lastlog (
- uid integer ,
- certid integer ,
- protocol varchar(4) NOT NULL,
- remotehost varchar(128) NOT NULL,
- remoteport integer NOT NULL,
- macaddr varchar(20) ,
- vpnipaddr varchar(32) NOT NULL,
- vpnipmask varchar(32) NOT NULL,
- sessionstatus integer NOT NULL DEFAULT 0,
- sessionkey varchar(128) ,
- login timestamp ,
- logout timestamp ,
- session_del timestamp ,
- bytes_sent integer ,
- bytes_received integer ,
- llid integer PRIMARY KEY AUTOINCREMENT
+ uid integer ,
+ certid integer ,
+ protocol varchar(4) NOT NULL,
+ remotehost varchar(128) NOT NULL,
+ remoteport integer NOT NULL,
+ macaddr varchar(20) ,
+ vpnipaddr varchar(32) NOT NULL,
+ vpnipmask varchar(32) NOT NULL,
+ sessionstatus integer NOT NULL DEFAULT 0,
+ sessionkey varchar(128) ,
+ login timestamp ,
+ logout timestamp ,
+ session_del timestamp ,
+ session_duration timestamp,
+ bytes_sent integer ,
+ bytes_received integer ,
+ llid integer PRIMARY KEY AUTOINCREMENT
);
CREATE UNIQUE INDEX openvpn_lastlog_sessionkey ON openvpn_lastlog(sessionkey);
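Review bot: `session_duration` is declared as `timestamp`, but eDBregister_logout in this same commit writes it with `'%i'` from an integer, so the column holds a length of time rather than a point in time; `session_duration integer ,` would match `bytes_sent` and `bytes_received`. Only the CREATE TABLE statement is changed, so a database created from the previous schema has no such column. On such a database the new UPDATE would presumably fail and the logout would go unrecorded, leaving the session at `sessionstatus = 2`. An upgrade note carrying `ALTER TABLE openvpn_lastlog ADD COLUMN session_duration integer;` would cover existing installations.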
diff --git a/eurephia.c b/eurephia.c
index d478790..d3481e0 100644
--- a/eurephia.c
+++ b/eurephia.c
@@ -356,7 +356,7 @@ int eurephia_connect(eurephiaCTX *ctx, const char **env) {
int eurephia_disconnect(eurephiaCTX *ctx, const char **env) {
eurephiaSESSION *session = NULL;
const char *digest, *cname, *uname, *vpnipaddr, *vpnipmask, *remipaddr, *remport;
- const char *bytes_sent, *bytes_rec;
+ const char *bytes_sent, *bytes_rec, *duration;
int ret = 0;
eurephia_log(ctx, LOG_DEBUG, 21, "** Function call: eurephia_disconnect(...)");
@@ -371,6 +371,7 @@ int eurephia_disconnect(eurephiaCTX *ctx, const char **env) {
remport = get_env(ctx, env, "trusted_port");
bytes_sent= get_env(ctx, env, "bytes_sent");
bytes_rec = get_env(ctx, env, "bytes_received");
+ duration = get_env(ctx, env, "time_duration");
// Get a session ticket
session = eDBopen_session_seed(ctx, digest, cname, uname, vpnipaddr, vpnipmask, remipaddr, remport);
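Review bot: `duration` is read from `time_duration` here, but no hunk in eurephia.c passes it on: the diffstat counts three changed lines for this file, and they are the declaration and this `get_env` call. The call to `eDBregister_logout` further down in eurephia_disconnect (outside the hunk) therefore appears to be unchanged and would no longer match the five-parameter prototype in eurephiadb_driver.h. It should become `eDBregister_logout(ctx, session, bytes_sent, bytes_rec, duration)`, otherwise the value never reaches the database. The value comes from the OpenVPN environment and should be treated as an untrusted string until it has been parsed.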
diff --git a/eurephiadb_driver.h b/eurephiadb_driver.h
index a48eb6c..567706b 100644
--- a/eurephiadb_driver.h
+++ b/eurephiadb_driver.h
@@ -62,7 +62,7 @@ int (*eDBregister_login) (eurephiaCTX *ctx, eurephiaSESSION *skey, const int cer
int (*eDBregister_vpnmacaddr) (eurephiaCTX *ctx, eurephiaSESSION *skey, const char *macaddr);
int (*eDBregister_logout) (eurephiaCTX *ctx, eurephiaSESSION *skey,
- const char *bytes_sent, const char *bytes_received);
+ const char *bytes_sent, const char *bytes_received, const char *duration);
/* firewall functions */
char *(*eDBget_firewall_profile) (eurephiaCTX *ctx, eurephiaSESSION *session);