From d17d381049dac5245e3f107bb75f95cbce5414ef Mon Sep 17 00:00:00 2001
From: Orazio
Date: Fri, 27 Dec 2019 15:48:42 +0100
Subject: [PATCH] - When suggesting to use Pi-hole, use the VPN server IP instead of the LAN IP to allow DNS resolution even if the user does not route the local network through the tunnel. - Format listCONF in a similar way as listOVPN - Specifically look for a free octet in the last word of clients.txt and not just any word. Necessary otherwhise public keys starting with a number will match against an octet. Example: if line is 'name 5abcdefgh 4', then looking for ' 5' will match but '5$' will not (correctly). - 'pivpn -c' will show the Connected Clients List for WireGuard too
---
 auto_install/install.sh | 2 +-
 scripts/wireguard/clientSTAT.sh | 39 +++++++++++++++++++++++++++++++++
 scripts/wireguard/listCONF.sh | 13 +++++++----
 scripts/wireguard/makeCONF.sh | 4 ++--
 scripts/wireguard/pivpn | 2 +-
 scripts/wireguard/removeCONF.sh | 10 +++++----
 6 files changed, 58 insertions(+), 12 deletions(-)
 create mode 100755 scripts/wireguard/clientSTAT.sh
diff --git a/auto_install/install.sh b/auto_install/install.sh
index cdbd8f5..34a72f5 100755
--- a/auto_install/install.sh
+++ b/auto_install/install.sh
@@ -978,7 +978,7 @@ askClientDNS(){
 # Detect and offer to use Pi-hole
 if command -v pihole &>/dev/null; then
 if (whiptail --backtitle "Setup PiVPN" --title "Pi-hole" --yesno "We have detected a Pi-hole installation, do you want to use it as the DNS server for the VPN, so you get ad blocking on the go?" ${r} ${c}); then
- pivpnDNS1="$IPv4addr"
+ pivpnDNS1="$vpnGw"
 echo "interface=$pivpnDEV" | $SUDO tee /etc/dnsmasq.d/02-pivpn.conf > /dev/null
 $SUDO pihole restartdns
 echo "pivpnDNS1=${pivpnDNS1}" >> /tmp/setupVars.conf
diff --git a/scripts/wireguard/clientSTAT.sh b/scripts/wireguard/clientSTAT.sh
new file mode 100755
index 0000000..d8c94cd
--- /dev/null
+++ b/scripts/wireguard/clientSTAT.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+cd /etc/wireguard/configs
+if [ ! -s clients.txt ]; then
+ echo "::: There are no clients to list"
+ exit 1
+fi
+
+hr(){
+ numfmt --to=iec-i --suffix=B "$1"
+}
+
+DUMP="$(wg show wg0 dump | tail -n +2)"
+
+printf "\e[1m::: Connected Clients List :::\e[0m\n"
+
+{
+printf "\e[4mName\e[0m \t \e[4mRemote IP\e[0m \t \e[4mVirtual IP\e[0m \t \e[4mBytes Received\e[0m \t \e[4mBytes Sent\e[0m \t \e[4mLast Seen\e[0m\n"
+
+while IFS= read -r LINE; do
+
+ PUBLIC_KEY="$(awk '{ print $1 }' <<< "$LINE")"
+ REMOTE_IP="$(awk '{ print $3 }' <<< "$LINE")"
+ VIRTUAL_IP="$(awk '{ print $4 }' <<< "$LINE")"
+ BYTES_RECEIVED="$(awk '{ print $6 }' <<< "$LINE")"
+ BYTES_SENT="$(awk '{ print $7 }' <<< "$LINE")"
+ LAST_SEEN="$(awk '{ print $5 }' <<< "$LINE")"
+ CLIENT_NAME="$(grep "$PUBLIC_KEY" clients.txt | awk '{ print $1 }')"
+
+ if [ "$LAST_SEEN" -ne 0 ]; then
+ printf "%s \t %s \t %s \t %s \t %s \t %s\n" "$CLIENT_NAME" "$REMOTE_IP" "${VIRTUAL_IP/\/32/}" "$(hr "$BYTES_RECEIVED")" "$(hr "$BYTES_SENT")" "$(date -d @"$LAST_SEEN" '+%b %m %Y - %T')"
+ else
+ printf "%s \t %s \t %s \t %s \t %s \t %s\n" "$CLIENT_NAME" "$REMOTE_IP" "${VIRTUAL_IP/\/32/}" "$(hr "$BYTES_RECEIVED")" "$(hr "$BYTES_SENT")" "(not yet)"
+ fi
+
+done <<< "$DUMP"
+
+printf "\n"
+} | column -t -s $'\t'
\ No newline at end of file
diff --git a/scripts/wireguard/listCONF.sh b/scripts/wireguard/listCONF.sh
index 02e5224..6f8e198 100755
--- a/scripts/wireguard/listCONF.sh
+++ b/scripts/wireguard/listCONF.sh
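Review bot: In clientSTAT.sh the Last Seen column is formatted with `'+%b %m %Y - %T'`, which prints the month name followed by the month number and never the day of the month; `%d` looks intended, i.e. `"$(date -d @"$LAST_SEEN" '+%b %d %Y - %T')"`. Because `pivpn -c` runs this script through `$SUDO`, the unchecked `cd /etc/wireguard/configs` should also stop on failure (`cd /etc/wireguard/configs || exit 1`), so that `clients.txt` is never read from whatever directory the caller happened to be in. The name lookup passes the base64 key to grep as a regular expression; `grep -F -- "$PUBLIC_KEY" clients.txt` matches it literally.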
@@ -6,18 +6,23 @@ if [ ! -s clients.txt ]; then exit 1 fi +printf "\e[1m::: Clients Summary :::\e[0m\n" + # Present the user with a summary of the clients, fetching info from dates. -FORMATTED+=": \e[4mClient\e[0m&\e[4mCreation date\e[0m :\n" +{ +echo -e "\e[4mClient\e[0m \t \e[4mPublic key\e[0m \t \e[4mCreation date\e[0m" while read -r LINE; do CLIENT_NAME="$(awk '{print $1}' <<< "$LINE")" - CREATION_DATE="$(awk '{print $2}' <<< "$LINE")" + PUBLIC_KEY="$(awk '{print $2}' <<< "$LINE")" + + CREATION_DATE="$(awk '{print $3}' <<< "$LINE")" # Dates are converted from UNIX time to human readable. CD_FORMAT="$(date -d @"$CREATION_DATE" +'%d %b %Y, %H:%M, %Z')" - FORMATTED+="• $CLIENT_NAME&$CD_FORMAT\n" + echo -e "$CLIENT_NAME \t $PUBLIC_KEY \t $CD_FORMAT" done < clients.txt -echo -e "$FORMATTED" | column -t -s '&' \ No newline at end of file +} | column -t -s $'\t' \ No newline at end of file diff --git a/scripts/wireguard/makeCONF.sh b/scripts/wireguard/makeCONF.sh index e0378cd..561aa69 100755 --- a/scripts/wireguard/makeCONF.sh +++ b/scripts/wireguard/makeCONF.sh @@ -79,9 +79,9 @@ echo "::: Client Keys generated" # Find an unused number for the last octet of the client IP for i in {2..254}; do - if ! grep -q " $i" configs/clients.txt; then + if ! grep -q " $i$" configs/clients.txt; then COUNT="$i" - echo "${CLIENT_NAME} $(date +%s) ${COUNT}" >> configs/clients.txt + echo "${CLIENT_NAME} $(> configs/clients.txt break fi done diff --git a/scripts/wireguard/pivpn b/scripts/wireguard/pivpn index bd89d43..3f96004 100755 --- a/scripts/wireguard/pivpn +++ b/scripts/wireguard/pivpn @@ -17,7 +17,7 @@ makeConf(){ } listConnected(){ - $SUDO wg show + $SUDO /opt/pivpn/clientSTAT.sh exit 0 } diff --git a/scripts/wireguard/removeCONF.sh b/scripts/wireguard/removeCONF.sh index 263fde3..b00deb6 100755 --- a/scripts/wireguard/removeCONF.sh +++ b/scripts/wireguard/removeCONF.sh 
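Review bot: Entries already present in `clients.txt` are not converted to the four-column layout that listCONF.sh now assumes, where `$2` is the public key and `$3` the creation date, with removeCONF.sh reading the octet from `$4`. A line written before this commit has three columns, so listCONF.sh would show its timestamp under "Public key" and format the octet as a 1970 date. In removeCONF.sh the same entry yields an empty `$4`, and the delete pattern built from it appears not to match, leaving the stale line behind. Unless a migration runs elsewhere in the upgrade path, rewrite old lines once or guard the loop, for example `[ "$(wc -w <<< "$LINE")" -eq 4 ] || { echo "::: Old-format entry: $LINE" >&2; continue; }`.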
@@ -73,12 +73,14 @@ for CLIENT_NAME in "${CLIENTS_TO_REMOVE[@]}"; do if [[ $REPLY =~ ^[Yy]$ ]]; then # Grab the least significant octed of the client IP address - COUNT=$(grep "${CLIENT_NAME}" configs/clients.txt | awk '{print $3}') - # And the creation date of the client - CREATION_DATE="$(grep "${CLIENT_NAME}" configs/clients.txt | awk '{print $2}')" + COUNT=$(grep "${CLIENT_NAME}" configs/clients.txt | awk '{print $4}') + # The creation date of the client + CREATION_DATE="$(grep "${CLIENT_NAME}" configs/clients.txt | awk '{print $3}')" + # And its public key + PUBLIC_KEY="$(grep "${CLIENT_NAME}" configs/clients.txt | awk '{print $2}')" # Then remove the client matching the variables above - sed "/${CLIENT_NAME} ${CREATION_DATE} ${COUNT}/d" -i configs/clients.txt + sed "\#${CLIENT_NAME} ${PUBLIC_KEY} ${CREATION_DATE} ${COUNT}#d" -i configs/clients.txt # Remove the peer section from the server config sed "/# begin ${CLIENT_NAME}/,/# end ${CLIENT_NAME}/d" -i wg0.conf
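Review bot: The three lookups `grep "${CLIENT_NAME}" configs/clients.txt` match the name anywhere on any line. Now that the public key sits in the second column, a short name can also match inside another client's key, which is the same kind of false match the commit message describes for octets. When more than one line matches, `COUNT`, `CREATION_DATE` and `PUBLIC_KEY` each hold several values, and the `sed` delete built from them will likely fail or miss the intended line. Compare the first field exactly instead, e.g. `COUNT="$(awk -v n="$CLIENT_NAME" '$1 == n {print $4}' configs/clients.txt)"`, and do the same for `$3` and `$2`. The enclosing `for` loop starts and ends outside the hunk.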