18. pptp Server Administration

This section covers a few tricks on pptp server management. It is far from a complete guide. Any suggestions are welcome.

The packages psacct and SysVinit are required for the utilities used in here. They should be installed by default. If they are not, please install them through yum.

[root@pptp ~]# yum install psacct SysVinit

18.1 Who is Online?

To check who is online, the "last" command is used:

[root@pptp ~]# last | grep ppp | grep still

James    ppp3         202.xx.xxx.xxx   Sat Nov 19 17:38   still logged in   
Andrew   ppp1         220.xxx.xxx.xx   Sat Nov 19 17:23   still logged in   
Mary     ppp2         1.2.3.4          Sat Nov 19 16:59   still logged in   
Sue      ppp0         202.xx.xxx.xxx   Sat Nov 19 16:43   still logged in   
Mark     ppp7         203.xxx.xxx.xxx  Sat Nov 19 14:59   still logged in

last is from SysVinit. It reads the information from /var/log/wtmp.

Note: for last to work properly, the logwtmp option in the /etc/pptpd.conf must be enabled. If you are sure there are pptp connections but see no output from the above mentioned command, check the logwtmp option in the pptpd.conf file is enabled.

18.2 Accounting

The "ac" utility from package psacct will provide a report on the connection time.

[root@pptp ~]# ac -d -p

        Amy                                  3.77

        George                               0.08

        Mark                                 1.78

        Richard                              0.35

        Lee                                  3.66

        Simon                                5.78

        Nicole                               1.05

Nov  1  total       16.46

        Amy                                  2.43

        Nicole                               8.61

        Richard                              4.77

        Mark                                 0.90

        Lee                                  4.68

        Keith                                1.84

Nov  2  total       23.23

The ac command reads the information from /var/log/wtmp. It has a lot of options. Read the man page for details.

Note:
1.
If you want the statistics from older version of wtmp, use the -f parameter in "ac" to specify the file.
2. If users use shell to log in the server as well, the ac will return the connection time of both pptp and shell connections.

18.3 Disconnect a User

To disconnect an active connection, you will have to kill the pppd process associate with it. Firstly, run the command in section 16.1 to find out the remote ip address of the user. Say you want to disconnect Mary, her ip address in the above example is 1.2.3.4. Then, find the PID of the pppd process.

[root@pptp /]# ps -ef | grep 1.2.3.4 | grep pppd

root   8672  8671  0 16:59 ?      00:00:00 /usr/sbin/pppd local file /etc/ppp/options.pptpd 115200

                                               10.0.0.10:10.0.0.124 ipparam 1.2.3.4.

                                               plugin /usr/lib/pptpd/pptpd-logwtmp.so

                                               pptpd-original-ip 1.2.3.4

The second field of the output, 8672 in our example, is the PID of the pppd process. Kill the process will disconnect the user.

[root@pptp /]# kill 8672

18.4 Allow Only One Connection per User

By default, a user can make multiple connections to the pptpd server. To restrict one connection per user, create two script files in the /etc/ppp directory. When the same user logs in twice, the first connection will be disconnected. This is actually done on the ppp level, not with the pptpd.

The first file is /etc/ppp/auth-up

  #!/bin/sh

  # get the username/ppp line number from the parameters

  PPPLINE=$1

  USER=$2

  # create the directory to keep pid files per user

  mkdir -p /var/run/pptpd-users

  # if there is a session already for this user, terminate the old one

  if [ -f /var/run/pptpd-users/$USER ]; then

    kill -HUP `cat /var/run/pptpd-users/$USER`

    rm /var/run/pptpd-users/$USER

  fi

  # write down the username in the ppp line file

  echo $USER > /var/run/pptpd-users/$PPPLINE.new

The second file is /etc/ppp/ip-up.local

  #!/bin/sh

  REALDEVICE=$1

  # Get the username from the ppp line record file

  USER=`cat /var/run/pptpd-users/$REALDEVICE.new`

  # Copy the ppp line pid

  cp "/var/run/$REALDEVICE.pid" /var/run/pptpd-users/$USER

  # remove the ppp line record file

  rm "/var/run/pptpd-users/$REALDEVICE.new"

The method presented here may not be the best one, but it works for me. (If you have a better way, please let me know.)

Next   Previous  Content

pptpd的更多相关文章

  1. CentOS 6.5 PPTPD VPN服务器安装,解决807等问题。

    需要两个组件: ppp pptpd 需要配置的地方有三处: /etc/pptpd.conf /etc/ppp/options.pptpd /etc/ppp/chap-secrets 需要开启IP转发: ...

  2. CentOS 一键搭建pptpd

    rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm yum -y insta ...

  3. Linux_VPN—pptpd构架方法

    以下是由本人测试可用的pptpd构架方法 按步骤: 运行环境Centeros 6 *首先运行如下命令: cat /dev/net/tun 返回的必须是: cat: /dev/net/tun: File ...

  4. linux pptpd账号同时登录的问题

    最近搞了个云主机搭建个VPN服务器给自己用, 特别是在公共场所的wifi上网时, 很多APP, 或者网站是没有https的, 所以为了保证信息(主要是账号密码)的安全, 搭个私有vpn还是很有必要的. ...

  5. ArchLinux 下架设PPTPD VPN服务

    直接上命令吧: 安装: pacman -Sy pacman -S pptpd 配置: vim /etc/pptpd.conf option /etc/ppp/options.pptpd stimeou ...

  6. [Ubuntu] Ubuntu搭建VPN服务器pptpd

    在 Ubuntu 上搭建 VPN 服务器的方法非常多,比较著名的有 PPTP, L2TP/IPSec 和 OpenVPN. 这三种方式中后两者的安全性比较好,但配置较麻烦.其中 OpenVPN 在 W ...

  7. CENTOS6 安装配置 pptpd 心得

    1.你所需要的软件 pppd    ppp拨号服务器pptpd   在pppd拨号的基础上增加pptpd的支持 2.确定你的内核是否支持mppe modprobe ppp-compress-18 &a ...

  8. Linux ---pptpd部署

    PPTP 全称为 Point to Point Tunneling Protocol -- 点到点隧道协议,是VPN协议中的一种. 一.CentOS 6.2 下 PPTP VPN 服务器安装 1.安装 ...

  9. ubuntun pptpd

    apt-get install pptpd 3.编辑pptpd.conf文件 vi /etc/pptpd.conf 取消注释下面内容 option /etc/ppp/pptpd-options loc ...

随机推荐

  1. Android中的AlertDialog使用示例四(多项选择确定对话框)

    在Android开发中,我们经常会需要在Android界面上弹出一些对话框,比如询问用户或者让用户选择.这些功能我们叫它Android Dialog对话框,AlertDialog实现方法为建造者模式. ...

  2. Android开发的小技巧,在Android Studio中使用Designtime Layout Attributes

    在编写xml文件时,为了预览效果,经常会使用默认填上一些内容,比如TextView时,随便写上一个text <TextView ... android:text="Name:" ...

  3. android:使用RemoteView自定义Notification

    //网上相关内容较少,遂记录下来,备忘. //依然以音乐播放器demo为例. 效果截图 //锤子手机上的效果 step1 准备自定义layout 常规的实现方式,并不会因为是用于notificatio ...

  4. Unix Linux 通用vi命令,使用帮助手册【珍藏版】

    Vi 简介 Vi 是 Unix 世界里极为普遍的全萤幕文书编辑器,几乎可以说任何一台 Unix 机器都会提供这套软体.Linux 当然也有,它的 vi 其实是 elvis(版权问题),不过它们都差不多 ...

  5. Win7 安装SQL SERVER 2012需要SP1补丁

    在操作系统Win7上安装SQL Server 2012时,报如下错误: 也就是说SQL Server 2012如要要安装在Windows 7 上,则至少需要安装SP1补丁.否则就会弹出上面提示信息.关 ...

  6. SQL Server性能调优系列

    这是关于SQL Server调优系列文章,以下内容基本涵盖我们日常中所写的查询运算的分解以及调优内容项,皆为原创........ 第一个基础模块注重基础内容的掌握,共分7篇文章完成,内容涵盖一系列基础 ...

  7. Xcode 6、7 打包

    从 Xcode 6 开始,打包需要开发者帐号添加到授权帐号列表里. 现实情况是作为公司开发工作者,很少能获此殊荣. 解决之道: 用 Xcode 6/7 照常打包,生成 *.xcarchive 文件,然 ...

  8. nginx下配置404错误页面

    1.创建自己的404.html页面,并放于网站根目录. 2.更改nginx.conf在http定义区域加入: fastcgi_intercept_errors on; 3.更改nginx.conf(或 ...

  9. Apache2.4部署django出现403 Forbidden错误解决办法

    前言:Apache2.4部署django出现403 Forbidden错误最好要结合apache中的错误日志来观察出现何种错误导致出现403错误 下午百度了一下午没找到解决办法,试了n种方法,简直坑爹 ...

  10. 报表软件JS开发引用HTML DOM的windows对象

    HTML DOM是W3C标准(是HTML文档对象模型的英文缩写,Document Object Model for HTML). HTML DOM定义了用于HTML的一些列标准的对象,以及访问和处理H ...