Get Linux IPSec tunnel status

Mykola Baibuz 2024-08-30 21:44:47 +03:00
parent 3cec0dc2a7
commit 052261c2b4
4 changed files with 78 additions and 17 deletions


@ -71,8 +71,6 @@ ErrorCode Ikev2Protocol::start()
BIO_get_mem_ptr(bio, &mem); BIO_get_mem_ptr(bio, &mem);
std::string pem(mem->data, mem->length); std::string pem(mem->data, mem->length);
qDebug() << pem;
QString alias(pem.c_str()); QString alias(pem.c_str());
IpcClient::Interface()->writeIPsecUserCert(alias, m_config[config_key::userName].toString()); IpcClient::Interface()->writeIPsecUserCert(alias, m_config[config_key::userName].toString());
@ -83,7 +81,54 @@ ErrorCode Ikev2Protocol::start()
m_config[config_key::userName].toString()); m_config[config_key::userName].toString());
connect_to_vpn("ikev2-vpn"); connect_to_vpn("ikev2-vpn");
setConnectionState(Vpn::ConnectionState::Connected);
if (!IpcClient::Interface()) {
return ErrorCode::AmneziaServiceConnectionFailed;
}
QString connectionStatus;
auto futureResult = IpcClient::Interface()->getTunnelStatus("ikev2-vpn");
futureResult.waitForFinished();
if (futureResult.returnValue().isEmpty()) {
auto futureResult = IpcClient::Interface()->getTunnelStatus("ikev2-vpn");
futureResult.waitForFinished();
}
connectionStatus = futureResult.returnValue();
if (connectionStatus.contains("ESTABLISHED")) {
QStringList lines = connectionStatus.split('\n');
for (auto iter = lines.begin(); iter!=lines.end(); iter++)
{
if (iter->contains("0.0.0.0/0")) {
m_routeGateway = iter->split("===", Qt::SkipEmptyParts).first();
m_routeGateway = m_routeGateway.split(" ").at(2);
m_routeGateway = m_routeGateway.split("/").first();
qDebug() << "m_routeGateway " << m_routeGateway;
// killSwitch toggle
if (QVariant(m_config.value(config_key::killSwitchOption).toString()).toBool()) {
IpcClient::Interface()->enableKillSwitch(m_config, 0);
}
if (m_routeMode == 0) {
IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "0.0.0.0/1");
IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "128.0.0.0/1");
IpcClient::Interface()->routeAddList(m_routeGateway, QStringList() << m_remoteAddress);
}
IpcClient::Interface()->StopRoutingIpv6();
}
}
setConnectionState(Vpn::ConnectionState::Connected);
} else {
setConnectionState(Vpn::ConnectionState::Disconnected);
}
return ErrorCode::NoError; return ErrorCode::NoError;
} }
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@ -102,19 +147,6 @@ bool Ikev2Protocol::connect_to_vpn(const QString &vpn_name) {
IpcClient::Interface()->startIPsec(vpn_name); IpcClient::Interface()->startIPsec(vpn_name);
QThread::msleep(3000); QThread::msleep(3000);
#if defined(Q_OS_LINUX) || defined(Q_OS_MACOS)
// killSwitch toggle
if (QVariant(m_config.value(config_key::killSwitchOption).toString()).toBool()) {
IpcClient::Interface()->enableKillSwitch(m_config, 0);
}
#endif
if (m_routeMode == 0) {
IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "0.0.0.0/1");
IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "128.0.0.0/1");
IpcClient::Interface()->routeAddList(m_routeGateway, QStringList() << m_remoteAddress);
}
IpcClient::Interface()->StopRoutingIpv6();
return true; return true;
} }
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
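Review bot: In Ikev2Protocol::start() the kill switch, the two split routes and StopRoutingIpv6() now run only inside the loop, when a status line contains `0.0.0.0/0`, yet the state is set to Connected for any output containing `ESTABLISHED`; a tunnel whose status lacks that line would be reported as connected with no kill switch and no IPv6 block. The kill-switch block should sit directly after the `ESTABLISHED` check, before the loop, as it did unconditionally in connect_to_vpn(), and Connected should be set only once the gateway has been parsed. The retry a few lines earlier declares a second `futureResult` inside the `if`, which shadows the outer one and discards the retried reply; `futureResult = IpcClient::Interface()->getTunnelStatus("ikev2-vpn");` keeps it. `m_routeGateway.split(" ").at(2)` and the `.first()` calls index without checking the list size, which is worth guarding because the text is external command output. The function starts above this hunk.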


@ -42,5 +42,7 @@ class IpcInterface
SLOT( bool stopIPsec(QString tunnelName) ); SLOT( bool stopIPsec(QString tunnelName) );
SLOT( bool startIPsec(QString tunnelName) ); SLOT( bool startIPsec(QString tunnelName) );
SLOT( QString getTunnelStatus(QString tunnelName) );
}; };


@ -467,11 +467,37 @@ bool IpcServer::writeIPsecPrivatePass(QString pass, QString host, QString uuid)
secretsFile.write(P12.toUtf8()); secretsFile.write(P12.toUtf8());
secretsFile.close(); secretsFile.close();
} }
#endif #endif
return true; return true;
} }
QString IpcServer::getTunnelStatus(QString tunnelName)
{
#ifdef Q_OS_LINUX
QProcess process;
QStringList commands;
commands << "ipsec" << "status" << QString("%1").arg(tunnelName);
process.start("sudo", commands);
if (!process.waitForStarted(1000))
{
qDebug().noquote() << "Could not stop ipsec tunnel\n";
return "";
}
else if (!process.waitForFinished(2000))
{
qDebug().noquote() << "Could not stop ipsec tunnel\n";
return "";
}
commands.clear();
QString status = process.readAll();
return status;
#endif
return QString();
}
bool IpcServer::enablePeerTraffic(const QJsonObject &configStr) bool IpcServer::enablePeerTraffic(const QJsonObject &configStr)
{ {
#ifdef Q_OS_WIN #ifdef Q_OS_WIN
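Review bot: `tunnelName` arrives over IPC and is passed unchecked to `sudo ipsec status` in IpcServer::getTunnelStatus(). The argument list keeps a shell out of it, but a value that starts with `-` or carries unexpected characters is still handed to a privileged command, so the service should reject anything that is not a plain connection name before starting the process, for example `if (!QRegularExpression("^[A-Za-z0-9][A-Za-z0-9_-]*$").match(tunnelName).hasMatch()) return QString();` (this needs the QRegularExpression include). Both failure branches log `Could not stop ipsec tunnel`, which looks copied from stopIPsec and will mislead anyone reading the service log; `Could not query ipsec tunnel status` describes what failed. The `commands.clear();` after the process has finished has no effect and can go.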


@ -42,6 +42,7 @@ public:
virtual bool writeIPsecPrivatePass(QString pass, QString host, QString uuid) override; virtual bool writeIPsecPrivatePass(QString pass, QString host, QString uuid) override;
virtual bool stopIPsec(QString tunnelName) override; virtual bool stopIPsec(QString tunnelName) override;
virtual bool startIPsec(QString tunnelName) override; virtual bool startIPsec(QString tunnelName) override;
virtual QString getTunnelStatus(QString tunnelName) override;
private: private:
int m_localpid = 0; int m_localpid = 0;