18. pptp Server Administration

This section covers a few tricks on pptp server management. It is far from a complete guide. Any suggestions are welcome.

The packages psacct and SysVinit are required for the utilities used in here. They should be installed by default. If they are not, please install them through yum.

[root@pptp ~]# yum install psacct SysVinit 

18.1 Who is Online?

To check who is online, the "last" command is used:

[root@pptp ~]# last | grep ppp | grep still
James ppp3 202.xx.xxx.xxx Sat Nov 19 17:38 still logged in
Andrew ppp1 220.xxx.xxx.xx Sat Nov 19 17:23 still logged in
Mary ppp2 1.2.3.4 Sat Nov 19 16:59 still logged in
Sue ppp0 202.xx.xxx.xxx Sat Nov 19 16:43 still logged in
Mark ppp7 203.xxx.xxx.xxx Sat Nov 19 14:59 still logged in

last is from SysVinit. It reads the information from /var/log/wtmp.

Note: for last to work properly, the logwtmp option in the /etc/pptpd.conf must be enabled. If you are sure there are pptp connections but see no output from the above mentioned command, check the logwtmp option in the pptpd.conf file is enabled.


18.2 Accounting

The "ac" utility from package psacct will provide a report on the connection time.

[root@pptp ~]# ac -d -p
Amy 3.77
George 0.08
Mark 1.78
Richard 0.35
Lee 3.66
Simon 5.78
Nicole 1.05
Nov 1 total 16.46
Amy 2.43
Nicole 8.61
Richard 4.77
Mark 0.90
Lee 4.68
Keith 1.84
Nov 2 total 23.23

The ac command reads the information from /var/log/wtmp. It has a lot of options. Read the man page for details.

Note:
1.
If you want the statistics from older version of wtmp, use the -f parameter in "ac" to specify the file.
2. If users use shell to log in the server as well, the ac will return the connection time of both pptp and shell connections.


18.3 Disconnect a User

To disconnect an active connection, you will have to kill the pppd process associate with it. Firstly, run the command in section 16.1 to find out the remote ip address of the user. Say you want to disconnect Mary, her ip address in the above example is 1.2.3.4. Then, find the PID of the pppd process.

[root@pptp /]# ps -ef | grep 1.2.3.4 | grep pppd
root 8672 8671 0 16:59 ? 00:00:00 /usr/sbin/pppd local file /etc/ppp/options.pptpd 115200
10.0.0.10:10.0.0.124 ipparam 1.2.3.4.
plugin /usr/lib/pptpd/pptpd-logwtmp.so
pptpd-original-ip 1.2.3.4

The second field of the output, 8672 in our example, is the PID of the pppd process. Kill the process will disconnect the user.

[root@pptp /]# kill 8672

18.4 Allow Only One Connection per User

By default, a user can make multiple connections to the pptpd server. To restrict one connection per user, create two script files in the /etc/ppp directory. When the same user logs in twice, the first connection will be disconnected. This is actually done on the ppp level, not with the pptpd.

The first file is /etc/ppp/auth-up

  #!/bin/sh
# get the username/ppp line number from the parameters
PPPLINE=$1
USER=$2
# create the directory to keep pid files per user
mkdir -p /var/run/pptpd-users
# if there is a session already for this user, terminate the old one
if [ -f /var/run/pptpd-users/$USER ]; then
kill -HUP `cat /var/run/pptpd-users/$USER`
rm /var/run/pptpd-users/$USER
fi
# write down the username in the ppp line file
echo $USER > /var/run/pptpd-users/$PPPLINE.new

The second file is /etc/ppp/ip-up.local

  #!/bin/sh
REALDEVICE=$1
# Get the username from the ppp line record file
USER=`cat /var/run/pptpd-users/$REALDEVICE.new`
# Copy the ppp line pid
cp "/var/run/$REALDEVICE.pid" /var/run/pptpd-users/$USER
# remove the ppp line record file
rm "/var/run/pptpd-users/$REALDEVICE.new"

The method presented here may not be the best one, but it works for me. (If you have a better way, please let me know.)


Next   Previous  Content

pptpd的更多相关文章

  1. CentOS 6.5 PPTPD VPN服务器安装,解决807等问题。

    需要两个组件: ppp pptpd 需要配置的地方有三处: /etc/pptpd.conf /etc/ppp/options.pptpd /etc/ppp/chap-secrets 需要开启IP转发: ...

  2. CentOS 一键搭建pptpd

    rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm yum -y insta ...

  3. Linux_VPN—pptpd构架方法

    以下是由本人测试可用的pptpd构架方法 按步骤: 运行环境Centeros 6 *首先运行如下命令: cat /dev/net/tun 返回的必须是: cat: /dev/net/tun: File ...

  4. linux pptpd账号同时登录的问题

    最近搞了个云主机搭建个VPN服务器给自己用, 特别是在公共场所的wifi上网时, 很多APP, 或者网站是没有https的, 所以为了保证信息(主要是账号密码)的安全, 搭个私有vpn还是很有必要的. ...

  5. ArchLinux 下架设PPTPD VPN服务

    直接上命令吧: 安装: pacman -Sy pacman -S pptpd 配置: vim /etc/pptpd.conf option /etc/ppp/options.pptpd stimeou ...

  6. [Ubuntu] Ubuntu搭建VPN服务器pptpd

    在 Ubuntu 上搭建 VPN 服务器的方法非常多,比较著名的有 PPTP, L2TP/IPSec 和 OpenVPN. 这三种方式中后两者的安全性比较好,但配置较麻烦.其中 OpenVPN 在 W ...

  7. CENTOS6 安装配置 pptpd 心得

    1.你所需要的软件 pppd    ppp拨号服务器pptpd   在pppd拨号的基础上增加pptpd的支持 2.确定你的内核是否支持mppe modprobe ppp-compress-18 &a ...

  8. Linux ---pptpd部署

    PPTP 全称为 Point to Point Tunneling Protocol -- 点到点隧道协议,是VPN协议中的一种. 一.CentOS 6.2 下 PPTP VPN 服务器安装 1.安装 ...

  9. ubuntun pptpd

    apt-get install pptpd 3.编辑pptpd.conf文件 vi /etc/pptpd.conf 取消注释下面内容 option /etc/ppp/pptpd-options loc ...

随机推荐

  1. Android内存泄漏

    Java是垃圾回收语言的一种,其优点是开发者无需特意管理内存分配,降低了应用由于局部故障(segmentation fault)导致崩溃,同时防止未释放的内存把堆栈(heap)挤爆的可能,所以写出来的 ...

  2. Linux SendMail发送邮件失败诊断案例(二)

    Linux上Sendmail经常由于一些配置问题,导致邮件发送失败,下面整理.收集了一些邮件发送失败.异常的案例. 案例1:在新服务器上测试sendmail发送邮件时,发现邮件发送不成功,检查/var ...

  3. SQL SERVER 2005删除维护作业报错:The DELETE statement conflicted with the REFERENCE constraint "FK_subplan_job_id"

    案例环境: 数据库版本: Microsoft SQL Server 2005 (Microsoft SQL Server 2005 - 9.00.5000.00 (X64) ) 案例介绍: 对一个数据 ...

  4. 【转】SpringMVC中DispatcherServlet配置中url-pattern 配置/*和/的区别

    原文地址:http://m.blog.csdn.net/blog/liuxiao723846/43733287 在使用springmvc时,都会在web.xml中配置一个dispatchservlet ...

  5. java实现串口通讯

    一. 准备工作 1. 点击此下载java串口通讯相关工具 2. 将RXTXcomm.jar放到  %JAVA_HOME%\jre\lib\ext\  目录下,工程中引入该jar包 3. 将rxtxSe ...

  6. JS导出PDF插件(支持中文、图片使用路径)

    在WEB上想做一个导出PDF的功能,发现jsPDF比较多人推荐,遗憾的是不支持中文,最后找到pdfmake,很好地解决了此问题.它的效果可以先到http://pdfmake.org/playgroun ...

  7. java中设置代理的两种方式

    1 前言 有时候我们的程序中要提供可以使用代理访问网络,代理的方式包括http.https.ftp.socks代理.比如在IE浏览器设置代理. 那我们在我们的java程序中使用代理呢,有如下两种方式. ...

  8. LLVM 笔记(二)—— PHI node

    ilocker:关注 Android 安全(新手) QQ: 2597294287 什么是 PHI node? 所有 LLVM 指令都使用 SSA (Static Single Assignment,静 ...

  9. Ubuntu安装Maven3

    先增加Maven3的源,在/etc/apt/sources.list中添加以下信息 deb http://ppa.launchpad.net/natecarlson/maven3/ubuntu pre ...

  10. 【Windows编程】系列第四篇:使用Unicode编程

    上一篇我们学习了Windows编程的文本及字体输出,在以上几篇的实例中也出现了一些带有“TEXT”的Windows宏定义,有朋友留言想了解一些ANSI和Unicode编程方面的内容,本章就来了解和学习 ...