- When suggesting to use Pi-hole, use the VPN server IP instead of the LAN IP to allow

DNS resolution even if the user does not route the local network through the tunnel.

- Format listCONF in a similar way as listOVPN

- Specifically look for a free octet in the last word of clients.txt and not just any word.
  Necessary otherwhise public keys starting with a number will match against an octet.
  Example: if line is 'name 5abcdefgh 4', then looking for ' 5' will match but '5$' will
  not (correctly).

- 'pivpn -c' will show the Connected Clients List for WireGuard too
This commit is contained in:
Orazio 2019-12-27 15:48:42 +01:00
parent 05b189486d
commit d17d381049
6 changed files with 58 additions and 12 deletions

View file

@ -978,7 +978,7 @@ askClientDNS(){
# Detect and offer to use Pi-hole
if command -v pihole &>/dev/null; then
if (whiptail --backtitle "Setup PiVPN" --title "Pi-hole" --yesno "We have detected a Pi-hole installation, do you want to use it as the DNS server for the VPN, so you get ad blocking on the go?" ${r} ${c}); then
pivpnDNS1="$IPv4addr"
pivpnDNS1="$vpnGw"
echo "interface=$pivpnDEV" | $SUDO tee /etc/dnsmasq.d/02-pivpn.conf > /dev/null
$SUDO pihole restartdns
echo "pivpnDNS1=${pivpnDNS1}" >> /tmp/setupVars.conf

39
scripts/wireguard/clientSTAT.sh Executable file
View file

@ -0,0 +1,39 @@
#!/bin/bash
cd /etc/wireguard/configs
if [ ! -s clients.txt ]; then
echo "::: There are no clients to list"
exit 1
fi
hr(){
numfmt --to=iec-i --suffix=B "$1"
}
DUMP="$(wg show wg0 dump | tail -n +2)"
printf "\e[1m::: Connected Clients List :::\e[0m\n"
{
printf "\e[4mName\e[0m \t \e[4mRemote IP\e[0m \t \e[4mVirtual IP\e[0m \t \e[4mBytes Received\e[0m \t \e[4mBytes Sent\e[0m \t \e[4mLast Seen\e[0m\n"
while IFS= read -r LINE; do
PUBLIC_KEY="$(awk '{ print $1 }' <<< "$LINE")"
REMOTE_IP="$(awk '{ print $3 }' <<< "$LINE")"
VIRTUAL_IP="$(awk '{ print $4 }' <<< "$LINE")"
BYTES_RECEIVED="$(awk '{ print $6 }' <<< "$LINE")"
BYTES_SENT="$(awk '{ print $7 }' <<< "$LINE")"
LAST_SEEN="$(awk '{ print $5 }' <<< "$LINE")"
CLIENT_NAME="$(grep "$PUBLIC_KEY" clients.txt | awk '{ print $1 }')"
if [ "$LAST_SEEN" -ne 0 ]; then
printf "%s \t %s \t %s \t %s \t %s \t %s\n" "$CLIENT_NAME" "$REMOTE_IP" "${VIRTUAL_IP/\/32/}" "$(hr "$BYTES_RECEIVED")" "$(hr "$BYTES_SENT")" "$(date -d @"$LAST_SEEN" '+%b %m %Y - %T')"
else
printf "%s \t %s \t %s \t %s \t %s \t %s\n" "$CLIENT_NAME" "$REMOTE_IP" "${VIRTUAL_IP/\/32/}" "$(hr "$BYTES_RECEIVED")" "$(hr "$BYTES_SENT")" "(not yet)"
fi
done <<< "$DUMP"
printf "\n"
} | column -t -s $'\t'

View file

@ -6,18 +6,23 @@ if [ ! -s clients.txt ]; then
exit 1
fi
printf "\e[1m::: Clients Summary :::\e[0m\n"
# Present the user with a summary of the clients, fetching info from dates.
FORMATTED+=": \e[4mClient\e[0m&\e[4mCreation date\e[0m :\n"
{
echo -e "\e[4mClient\e[0m \t \e[4mPublic key\e[0m \t \e[4mCreation date\e[0m"
while read -r LINE; do
CLIENT_NAME="$(awk '{print $1}' <<< "$LINE")"
CREATION_DATE="$(awk '{print $2}' <<< "$LINE")"
PUBLIC_KEY="$(awk '{print $2}' <<< "$LINE")"
CREATION_DATE="$(awk '{print $3}' <<< "$LINE")"
# Dates are converted from UNIX time to human readable.
CD_FORMAT="$(date -d @"$CREATION_DATE" +'%d %b %Y, %H:%M, %Z')"
FORMATTED+="$CLIENT_NAME&$CD_FORMAT\n"
echo -e "$CLIENT_NAME \t $PUBLIC_KEY \t $CD_FORMAT"
done < clients.txt
echo -e "$FORMATTED" | column -t -s '&'
} | column -t -s $'\t'

View file

@ -79,9 +79,9 @@ echo "::: Client Keys generated"
# Find an unused number for the last octet of the client IP
for i in {2..254}; do
if ! grep -q " $i" configs/clients.txt; then
if ! grep -q " $i$" configs/clients.txt; then
COUNT="$i"
echo "${CLIENT_NAME} $(date +%s) ${COUNT}" >> configs/clients.txt
echo "${CLIENT_NAME} $(<keys/${CLIENT_NAME}_pub) $(date +%s) ${COUNT}" >> configs/clients.txt
break
fi
done

View file

@ -17,7 +17,7 @@ makeConf(){
}
listConnected(){
$SUDO wg show
$SUDO /opt/pivpn/clientSTAT.sh
exit 0
}

View file

@ -73,12 +73,14 @@ for CLIENT_NAME in "${CLIENTS_TO_REMOVE[@]}"; do
if [[ $REPLY =~ ^[Yy]$ ]]; then
# Grab the least significant octed of the client IP address
COUNT=$(grep "${CLIENT_NAME}" configs/clients.txt | awk '{print $3}')
# And the creation date of the client
CREATION_DATE="$(grep "${CLIENT_NAME}" configs/clients.txt | awk '{print $2}')"
COUNT=$(grep "${CLIENT_NAME}" configs/clients.txt | awk '{print $4}')
# The creation date of the client
CREATION_DATE="$(grep "${CLIENT_NAME}" configs/clients.txt | awk '{print $3}')"
# And its public key
PUBLIC_KEY="$(grep "${CLIENT_NAME}" configs/clients.txt | awk '{print $2}')"
# Then remove the client matching the variables above
sed "/${CLIENT_NAME} ${CREATION_DATE} ${COUNT}/d" -i configs/clients.txt
sed "\#${CLIENT_NAME} ${PUBLIC_KEY} ${CREATION_DATE} ${COUNT}#d" -i configs/clients.txt
# Remove the peer section from the server config
sed "/# begin ${CLIENT_NAME}/,/# end ${CLIENT_NAME}/d" -i wg0.conf