原文http://www.cnblogs.com/niusys/p/4204360.html
原文不足之一已经有人吐槽了
这个单用户的实现方法造成的结果是,两个人踢来踢去的~~
不足之二是断线之后不会清理pptpd-users下面的用户,
可能会导致用户登录之后会kill掉原pid,
假如该pid已经分配给其它进程使用了的话,无辜的进程就会被关掉
改进了上面两个问题,并把网上的登录日志功能添加了进来
vi /etc/ppp/auth-up
#!/bin/sh # get the username/ppp line number from the parameters REALDEVICE=$1 USER=$2 # create the directory to keep pid files per user test -d /var/run/pptpd-users |mkdir -p /var/run/pptpd-users restrict_mode=2 # mode 1 : # if there is a session already for this user, terminate the old one # mode 2 : # prevent a new login for same user if [ -f /var/run/pptpd-users/$USER ]; then case $restrict_mode in 1) kill -HUP `cat /var/run/pptpd-users/$USER`;; 2) kill -HUP `cat /var/run/$REALDEVICE.pid` ;; *) : ;; esac fi |
vi /etc/ppp/ip-up.local
#!/bin/sh # copy the pid file of current user to /var/run/pptpd-users cp "/var/run/$1.pid" /var/run/pptpd-users/$PEERNAME echo "##################################" >> /var/log/pptpd.log echo "Now User $PEERNAME is connected!!!" >> /var/log/pptpd.log echo "##################################" >> /var/log/pptpd.log echo "time: `date -d today +%F_%T`" >> /var/log/pptpd.log echo "clientIP: $6" >> /var/log/pptpd.log echo "username: $PEERNAME" >> /var/log/pptpd.log echo "device: $1" >> /var/log/pptpd.log echo "vpnIP: $4" >> /var/log/pptpd.log echo "assignIP: $5" >> /var/log/pptpd.log |
vi /etc/ppp/ip-down.local
#!/bin/sh echo "#####################################" >> /var/log/pptpd.log echo "Now User $PEERNAME is disconnected!!!" >> /var/log/pptpd.log echo "#####################################" >> /var/log/pptpd.log echo "time: `date -d today +%F_%T`" >> /var/log/pptpd.log echo "clientIP: $6" >> /var/log/pptpd.log echo "username: $PEERNAME" >> /var/log/pptpd.log echo "device: $1" >> /var/log/pptpd.log echo "vpnIP: $4" >> /var/log/pptpd.log echo "assignIP: $5" >> /var/log/pptpd.log echo "connect time: $CONNECT_TIME s" >> /var/log/pptpd.log echo "bytes sent: $BYTES_SENT B" >> /var/log/pptpd.log echo "bytes rcvd: $BYTES_RCVD B" >> /var/log/pptpd.log sum_bytes=$(($BYTES_SENT+$BYTES_RCVD)) sum=`echo "scale=2;$sum_bytes/1024/1024"|bc` echo "bytes sum: $sum MB" >> /var/log/pptpd.log ave=`echo "scale=2;$sum_bytes/1024/$CONNECT_TIME"|bc` echo "average speed: $ave KB/s" >> /var/log/pptpd.log rm -f /var/run/pptpd-users/$PEERNAME |
chmoda+x /etc/ppp/*
流程如下:
1.用户登录判断是否有/var/run/pptpd-users/用户名的文件
2.如果有平滑重启这个vpn用户进程,如果没有创建这个文件,文本里面有用户进程ID
3. ( 可选模式1或模式2)
模式1 老的连接被踢掉,新的连接可以使用
模式2 先登录的session保持在线,之后阻止登录
linux pptpd 限制单账号session限制及登录日志(改进版)
原文地址:http://itest.blog.51cto.com/3511959/1812225
