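I have a FreeBSD server that connects to the WAN using PPPoE. I have successfully set up L2TP and PPTP VPNs on top of this PPPoE WAN connection. The problem is that L2TP needs the “set l2tp self” clause to be called in order to start listening on port udp/1701, so I need to set up the L2TP configuration section dynamically whenever the WAN PPPoE session is re-established. I use an expect script to do this; it connects to the mpd5 network console, loads the configuration section, and runs as follows: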
set timeout 2
spawn telnet localhost 5005
expect -re "Username: " {
send myc00ll0g1n\r
exp_continue -continue_timer
}
expect -re "Password: " {
send myc00lpa$$\r
exp_continue -continue_timer
}
# destroying the knob
send "destroy link l2tplink\r"
expect ".+"
send "destroy bundle l2tpbundle\r"
expect ".+"
# loading the full knob:
send "create bundle template l2tpbundle\r"
expect ".+"
send "set iface idle 1800\r"
expect ".+"
send "set iface enable tcpmssfix\r"
expect ".+"
send "set iface group vpn\r"
expect ".+"
expect ".+"
send "set ipcp yes vjcomp\r"
expect ".+"
send "set ipcp ranges 192.168.58.1/32 ippool vpn-pool\r"
expect ".+"
send "set ipcp dns 192.168.57.254\r"
expect ".+"
send "set bundle enable compression\r"
expect ".+"
send "create link template l2tplink l2tp\r"
expect ".+"
send "set link action bundle l2tpbundle\r"
expect ".+"
send "set link enable multilink\r"
expect ".+"
send "set link yes acfcomp protocomp\r"
expect ".+"
send "set link no pap chap eap chap-md5 chap-msv1 chap-msv2\r"
expect ".+"
send "set link enable chap\r"
expect ".+"
send "set link enable pap\r"
expect ".+"
send "set link enable chap-md5\r"
expect ".+"
send "set link enable chap-msv1\r"
expect ".+"
send "set link enable chap-msv2\r"
expect ".+"
send "set link enable eap\r"
expect ".+"
send "set eap no md5 radius-proxy\r"
expect ".+"
send "set eap enable eap\r"
expect ".+"
send "set eap enable radius-proxy\r"
expect ".+"
send "set link keep-alive 10 60\r"
expect ".+"
send "set link mtu 1360\r"
expect ".+"
send "set link enable incoming\r"
expect ".+"
send "set l2tp self 384.656.768.272\r"
expect ".+"
send "set link max-children 50\r"
expect ".+"
send "set radius server 127.0.0.1 myc00lradiuspa$$\r"
expect ".+"
send "set radius retries 3\r"
expect ".+"
send "set radius timeout 3\r"
expect ".+"
send "set radius me 127.0.0.1\r"
expect ".+"
send "set auth acct-update 300\r"
expect ".+"
send "set auth enable radius-auth\r"
expect ".+"
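It works perfectly when I invoke it interactively over ssh. So I added it via “set iface up-script <expect wrapper>”, and the expect wrapper calls it like “expect -f myscript.exp”. However, when it is executed on PPPoE connection re-establishment, I get the following series of errors in mpd.log: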
Mar 21 17:42:23 ronin mpd[37412]: [wan] IFACE: Up event
Mar 21 17:42:23 ronin mpd[37412]: CONSOLE: Connect
Mar 21 17:42:23 ronin mpd[37412]: CONSOLE: Allocated new console session 0x802000010 from 127.0.0.1
Mar 21 17:42:23 ronin mpd[37412]: CONSOLE: Failed login attempt from 127.0.0.1
Mar 21 17:42:23 ronin syslogd: last message repeated 34 times
Mar 21 17:42:23 ronin mpd[37412]: CONSOLE: Error while reading: Connection reset by peer
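This is definitely my expect script (since it really does send about 34 lines of commands). Why? Why does it work when I invoke it manually, but not when mpd5 invokes it? OK, I know that it has a controlling terminal when I invoke it and does not have one when mpd5 invokes it, but does that matter? How do I fix this? Or is the root of the problem something else?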
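As an added example (not part of the original post, and not mpd5's own tooling), the Python sketch below reads the mpd.log excerpt quoted above, expands syslogd's "last message repeated N times" line, and tallies failed console logins per source address. The regular expressions and function names are assumptions written against the log lines shown in the post only.

```python
import re
from collections import Counter

# The mpd.log excerpt from the post, embedded so the example runs offline.
SAMPLE_LOG = """\
Mar 21 17:42:23 ronin mpd[37412]: [wan] IFACE: Up event
Mar 21 17:42:23 ronin mpd[37412]: CONSOLE: Connect
Mar 21 17:42:23 ronin mpd[37412]: CONSOLE: Allocated new console session 0x802000010 from 127.0.0.1
Mar 21 17:42:23 ronin mpd[37412]: CONSOLE: Failed login attempt from 127.0.0.1
Mar 21 17:42:23 ronin syslogd: last message repeated 34 times
Mar 21 17:42:23 ronin mpd[37412]: CONSOLE: Error while reading: Connection reset by peer
"""

# timestamp, host, program, optional [pid], message (assumed BSD syslog layout)
LINE_RE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) (\S+) ([^:\[]+)(?:\[(\d+)\])?: (.*)$")
REPEAT_RE = re.compile(r"^last message repeated (\d+) times?$")
FAILED_RE = re.compile(r"^CONSOLE: Failed login attempt from (\S+)$")


def expand(log_text):
    """Yield (timestamp, message) pairs, turning syslogd's
    'last message repeated N times' into N copies of the previous message."""
    prev = None
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue  # skip lines that do not look like syslog entries
        ts, _host, prog, _pid, msg = m.groups()
        rep = REPEAT_RE.match(msg)
        if prog == "syslogd" and rep:
            if prev is not None:
                for _ in range(int(rep.group(1))):
                    yield ts, prev
            continue
        prev = msg
        yield ts, msg


def failed_console_logins(log_text):
    """Count failed mpd console logins per source address."""
    counts = Counter()
    for _ts, msg in expand(log_text):
        m = FAILED_RE.match(msg)
        if m:
            counts[m.group(1)] += 1
    return counts


if __name__ == "__main__":
    for src, n in failed_console_logins(SAMPLE_LOG).items():
        print(f"{src}: {n} failed console logins")
```

Counting only the literal "Failed login attempt" lines would report one failure here; with the repeat line expanded, the same excerpt accounts for 35 rejected attempts within a single second.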