From bdf440615cc152b1e0b7602464f9f166853acd5a Mon Sep 17 00:00:00 2001 From: Geos <1248414+G-eos@users.noreply.github.com> Date: Sun, 8 Mar 2020 13:48:27 +0100 Subject: [PATCH 01/15] Parameter/NetworName/MoreInfo Move parameter outside of scripts for easier confidenciality. Add network name in email title to differenciate VPNs Add information at latest disconnection to see duration and volume of data --- vpn-notifications/README.md | 36 ++++++++++++++++++- vpn-notifications/config-vpn-notifications.sh | 11 ++---- .../notify-on-vpn-state-change.sh | 24 +++++++++---- 3 files changed, 54 insertions(+), 17 deletions(-) diff --git a/vpn-notifications/README.md b/vpn-notifications/README.md index 35185a6..6e970a9 100644 --- a/vpn-notifications/README.md +++ b/vpn-notifications/README.md 
@@ -5,9 +5,29 @@ The set of scripts in this directory will poll the USG's VPN connection list every minute and report any VPN connectivity changes. # Installation -- Modify the settings at the top of both `config-vpn-notifications.sh` and `notify-on-vpn-state-change.sh` +- Create a file parameter.env with the following content +``` +# This script goes in /config/scripts/post-config.d + +# Variables you'll need to change config-vpn-notifications.sh +HostName='myroutershostname.somedomain.local' # Hostname of your USG +RouterUser='admin' # Default username for your USG +MailServer='smtp.gmail.com' # SMTP Server +MailPort='587' # SMTP Server Port +EmailAddress='example.user@gmail.com' # E-mail address to send as +AuthUser='example.user' # SMTP Username +Password='SomeP@ssword12345' # SMTP Password + + +# Variables you'll need to change for notify-on-vpn-state-change.sh +IPSegment='10.0' # The IP address segment your VPN is located on (i.e. '10.0.' or '192.168.1.') +DestinationEmail='user@example.com' # Where to send e-mails to +ClientsName='StringToDifferenciatNetworks' +``` + - Push the scripts to your USG via `scp`, replacing the username and ip address with your own: ``` +scp parameter.env admin@192.168.0.1:/config/scripts/post-config.d/ scp config-vpn-notifications.sh admin@192.168.0.1:/config/scripts/post-config.d/ scp notify-on-vpn-state-change.sh admin@192.168.0.1:/config/scripts/post-config.d/ ``` @@ -48,12 +68,17 @@ Subject: VPN activity detected VPN connection activity was detected on your network: Active remote access VPN sessions: + ---- Current active connection ---- User Time Proto Iface Remote IP TX pkt/byte RX pkt/byte ---------- --------- ----- ----- --------------- ------ ------ ------ ------ some.user 00h00m12s L2TP l2tp0 10.0.0.1 56 11.6K 70 8.3K Total sessions: 1 + + ---- Previous status 1 min ago ---- + + No active remote access VPN sessions ``` When the last user has disconnected: 
@@ -65,5 +90,14 @@ Subject: VPN activity detected VPN connection activity was detected on your network: + ---- Current active connection ---- + No active remote access VPN sessions + + ---- Previous status 1 min ago ---- + +User Time Proto Iface Remote IP TX pkt/byte RX pkt/byte +---------- --------- ----- ----- --------------- ------ ------ ------ ------ +some.user 01h00m12s L2TP l2tp0 10.0.0.1 156 11.6G 90 8.3M + ``` diff --git a/vpn-notifications/config-vpn-notifications.sh b/vpn-notifications/config-vpn-notifications.sh index 9e7da9b..764a87f 100644 --- a/vpn-notifications/config-vpn-notifications.sh +++ b/vpn-notifications/config-vpn-notifications.sh @@ -1,15 +1,8 @@ #!/bin/vbash # This script goes in /config/scripts/post-config.d -# Variables you'll need to change -HostName='myroutershostname.somedomain.local' # Hostname of your USG -RouterUser='admin' # Default username for your USG -MailServer='smtp.gmail.com' # SMTP Server -MailPort='587' # SMTP Server Port -EmailAddress='example.user@gmail.com' # E-mail address to send as -AuthUser='example.user' # SMTP Username -Password='SomeP@ssword12345' # SMTP Password - +# Variables you'll need to change are in parameter.env +source parameter.env ################################################################################# ### Don't change anything beyond this point unless you know what you're doing ### diff --git a/vpn-notifications/notify-on-vpn-state-change.sh b/vpn-notifications/notify-on-vpn-state-change.sh index 7474648..16993a5 100644 --- a/vpn-notifications/notify-on-vpn-state-change.sh +++ b/vpn-notifications/notify-on-vpn-state-change.sh 
@@ -1,10 +1,8 @@ #!/bin/vbash # This script goes in /config/scripts/post-config.d -# Variables you'll need to change -IPSegment='10.0.' # The IP address segment your VPN is located on (i.e. '10.0.' or '192.168.1.') -DestinationEmail='user@example.com' # Where to send e-mails to - +# Variables you'll need to change are in parameter.env +source parameter.env ################################################################################# ### Don't change anything beyond this point unless you know what you're doing ### @@ -18,6 +16,9 @@ run=/opt/vyatta/bin/vyatta-op-cmd-wrapper touch /tmp/temp.vpnconnections touch /tmp/temp.vpnconnections2 +touch /tmp/temp.vpnfulllist +touch /tmp/temp.vpnfulllist2 + # Grab the full list of VPN connections $run show vpn remote-access > /tmp/temp.vpnfulllist @@ -30,13 +31,20 @@ then echo "VPN Activity detected! Sending e-mail..." # Someone connected to/disconnected from the VPN! Send an e-mail notification - connInfo=$( /tmp/temp.vpnemail /usr/sbin/ssmtp $DestinationEmail < /tmp/temp.vpnemail @@ -45,4 +53,6 @@ then # Back up this run so we can compare later cp /tmp/temp.vpnconnections /tmp/temp.vpnconnections2 -fi \ No newline at end of file +fi +# Back up this run to use it later for stat +cp /tmp/temp.vpnfulllist /tmp/temp.vpnfulllist2 From 163a2ef9989442efb7beeddd3c6a7bc78e35e5de Mon Sep 17 00:00:00 2001 From: Geos <1248414+G-eos@users.noreply.github.com> Date: Sun, 8 Mar 2020 21:02:04 +0100 Subject: [PATCH 02/15] Fix path for source env. --- vpn-notifications/config-vpn-notifications.sh | 2 +- vpn-notifications/notify-on-vpn-state-change.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/vpn-notifications/config-vpn-notifications.sh b/vpn-notifications/config-vpn-notifications.sh index 764a87f..d66ff19 100644 --- a/vpn-notifications/config-vpn-notifications.sh +++ b/vpn-notifications/config-vpn-notifications.sh 
@@ -2,7 +2,7 @@ # This script goes in /config/scripts/post-config.d # Variables you'll need to change are in parameter.env -source parameter.env +source /config/scripts/post-config.d/parameter.env ################################################################################# ### Don't change anything beyond this point unless you know what you're doing ### diff --git a/vpn-notifications/notify-on-vpn-state-change.sh b/vpn-notifications/notify-on-vpn-state-change.sh index 16993a5..145a64f 100644 --- a/vpn-notifications/notify-on-vpn-state-change.sh +++ b/vpn-notifications/notify-on-vpn-state-change.sh @@ -2,7 +2,7 @@ # This script goes in /config/scripts/post-config.d # Variables you'll need to change are in parameter.env -source parameter.env +source /config/scripts/post-config.d/parameter.env ################################################################################# ### Don't change anything beyond this point unless you know what you're doing ### From 5aa54edc8288049c1d9e4559481b636069684e3d Mon Sep 17 00:00:00 2001 From: Geos <1248414+G-eos@users.noreply.github.com> Date: Sun, 8 Mar 2020 21:34:40 +0100 Subject: [PATCH 03/15] Add bad login trial notification --- .../notify-on-vpn-state-change.sh | 4 ++ vpn-notifications/search-login-trial.sh | 45 +++++++++++++++++++ 2 files changed, 49 insertions(+) create mode 100755 vpn-notifications/search-login-trial.sh diff --git a/vpn-notifications/notify-on-vpn-state-change.sh b/vpn-notifications/notify-on-vpn-state-change.sh index 145a64f..399fb39 100644 --- a/vpn-notifications/notify-on-vpn-state-change.sh +++ b/vpn-notifications/notify-on-vpn-state-change.sh @@ -56,3 +56,7 @@ then fi # Back up this run to use it later for stat cp /tmp/temp.vpnfulllist /tmp/temp.vpnfulllist2 + +# Call bad login +source /config/scripts/post-config.d/search-login-trial.sh + diff --git a/vpn-notifications/search-login-trial.sh b/vpn-notifications/search-login-trial.sh new file mode 100755 index 0000000..214cd10 --- /dev/null 
+++ b/vpn-notifications/search-login-trial.sh @@ -0,0 +1,45 @@ +#!/bin/vbash +# This script goes in /config/scripts/post-config.d + +# Variables you'll need to change are in parameter.env +source /config/scripts/post-config.d/parameter.env + +################################################################################# +### Don't change anything beyond this point unless you know what you're doing ### +################################################################################# + +# Include some of the vyatta commands we'll need +source /opt/vyatta/etc/functions/script-template +run=/opt/vyatta/bin/vyatta-op-cmd-wrapper + +# Init the temp files +touch /tmp/temp.vpnpeer +touch /tmp/temp.vpnpeer2 + +# Grab the list of vpn login trial without success of VPN connections +# Limit to 1000 line to ensure not flood /tmp filesystem +grep Peer /var/log/messages* | head -n 1000 > /tmp/temp.vpnpeer + +# Check if they differ from the last time we checked +if ! cmp -s /tmp/temp.vpnpeer /tmp/temp.vpnpeer2 +then + echo "WARNING: VPN Activity detected! Sending e-mail..." + + # Someone try to connect without success + connInfo="$( /tmp/temp.vpnpeeremail + + /usr/sbin/ssmtp $DestinationEmail < /tmp/temp.vpnpeeremail + + echo "Done!" + + # Back up this run so we can compare later + cp /tmp/temp.vpnpeer /tmp/temp.vpnpeer2 +fi From 3ffae6d25f8f7f4b230bcae89263bb9be5e32889 Mon Sep 17 00:00:00 2001 From: G-eos <1248414+G-eos@users.noreply.github.com> Date: Sat, 21 Mar 2020 13:17:48 +0100 Subject: [PATCH 04/15] Create blank.yml try shellcheck --- .github/workflows/blank.yml | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 .github/workflows/blank.yml diff --git a/.github/workflows/blank.yml b/.github/workflows/blank.yml new file mode 100644 index 0000000..7d8b605 --- /dev/null +++ b/.github/workflows/blank.yml 
@@ -0,0 +1,36 @@ +# This is a basic workflow to help you get started with Actions + +name: CI + +# Controls when the action will run. Triggers the workflow on push or pull request +# events but only for the master branch +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + +# A workflow run is made up of one or more jobs that can run sequentially or in parallel +jobs: + # This workflow contains a single job called "build" + build: + # The type of runner that the job will run on + runs-on: ubuntu-latest + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - uses: actions/checkout@v2 + + # Runs a single command using the runners shell + - name: Run a one-line script + run: echo Hello, world! + + # Runs a set of commands using the runners shell + - name: Run a multi-line script + run: | + echo Add other actions to build, + echo test, and deploy your project. + - script: + # Fail if any of these files have warnings + - shellcheck vpn-notifications/*.sh From a4e4ad4338da0798648235a7e0dfee8e0ed36350 Mon Sep 17 00:00:00 2001 From: G-eos <1248414+G-eos@users.noreply.github.com> Date: Sat, 21 Mar 2020 13:30:20 +0100 Subject: [PATCH 05/15] Delete blank.yml --- .github/workflows/blank.yml | 36 ------------------------------------ 1 file changed, 36 deletions(-) delete mode 100644 .github/workflows/blank.yml diff --git a/.github/workflows/blank.yml b/.github/workflows/blank.yml deleted file mode 100644 index 7d8b605..0000000 --- a/.github/workflows/blank.yml +++ /dev/null 
@@ -1,36 +0,0 @@ -# This is a basic workflow to help you get started with Actions - -name: CI - -# Controls when the action will run. Triggers the workflow on push or pull request -# events but only for the master branch -on: - push: - branches: [ master ] - pull_request: - branches: [ master ] - -# A workflow run is made up of one or more jobs that can run sequentially or in parallel -jobs: - # This workflow contains a single job called "build" - build: - # The type of runner that the job will run on - runs-on: ubuntu-latest - - # Steps represent a sequence of tasks that will be executed as part of the job - steps: - # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@v2 - - # Runs a single command using the runners shell - - name: Run a one-line script - run: echo Hello, world! - - # Runs a set of commands using the runners shell - - name: Run a multi-line script - run: | - echo Add other actions to build, - echo test, and deploy your project. - - script: - # Fail if any of these files have warnings - - shellcheck vpn-notifications/*.sh From 7e35c0716bb073e48a501f53cf96e539345820dd Mon Sep 17 00:00:00 2001 From: G-eos <1248414+G-eos@users.noreply.github.com> Date: Sat, 21 Mar 2020 13:31:29 +0100 Subject: [PATCH 06/15] Create .travis.yml Add shellcheck --- .travis.yml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .travis.yml diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..1726f9c --- /dev/null +++ b/.travis.yml @@ -0,0 +1,3 @@ +script: + # Fail if any of these files have warnings + - shellcheck vpn-notifications/*.sh From d06b8fe2525928741b8b498c14cac17369d2d2f4 Mon Sep 17 00:00:00 2001 From: G-eos <1248414+G-eos@users.noreply.github.com> Date: Sat, 21 Mar 2020 13:37:03 +0100 Subject: [PATCH 07/15] Update .travis.yml --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 1726f9c..bcae99f 100644 --- a/.travis.yml 
+++ b/.travis.yml @@ -1,3 +1,3 @@ script: # Fail if any of these files have warnings - - shellcheck vpn-notifications/*.sh + - shellcheck -x vpn-notifications/parameter.env vpn-notifications/*.sh From 4534e72cea3eb1070eac344b7a2934bdabace59c Mon Sep 17 00:00:00 2001 From: G-eos <1248414+G-eos@users.noreply.github.com> Date: Sat, 21 Mar 2020 13:37:42 +0100 Subject: [PATCH 08/15] Create parameter.env --- vpn-notifications/parameter.env | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 vpn-notifications/parameter.env diff --git a/vpn-notifications/parameter.env b/vpn-notifications/parameter.env new file mode 100644 index 0000000..66bf9ff --- /dev/null +++ b/vpn-notifications/parameter.env @@ -0,0 +1,14 @@ +# Variables you'll need to change config-vpn-notifications.sh +HostName='myroutershostname.somedomain.local' # Hostname of your USG +RouterUser='admin' # Default username for your USG +MailServer='smtp.gmail.com' # SMTP Server +MailPort='587' # SMTP Server Port +EmailAddress='example.user@gmail.com' # E-mail address to send as +AuthUser='example.user' # SMTP Username +Password='SomeP@ssword12345' # SMTP Password + + +# Variables you'll need to change for notify-on-vpn-state-change.sh +IPSegment='10.0' # The IP address segment your VPN is located on (i.e. '10.0.' or '192.168.1.') +DestinationEmail='user@example.com' # Where to send e-mails to +ClientsName='StringToDifferenciatNetworks' From 84f9f15164aa3671e0fe9dc764eba91905d53bb6 Mon Sep 17 00:00:00 2001 From: G-eos <1248414+G-eos@users.noreply.github.com> Date: Sun, 22 Mar 2020 18:18:04 +0100 Subject: [PATCH 09/15] Update .travis.yml --- .travis.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index bcae99f..09a14b2 100644 --- a/.travis.yml +++ b/.travis.yml 
@@ -1,3 +1,4 @@ script: - # Fail if any of these files have warnings - - shellcheck -x vpn-notifications/parameter.env vpn-notifications/*.sh + # Fail if any of these files have warnings. + # use bash even if in ubnt USG vbash is used + - shellcheck --shell=bash -x vpn-notifications/parameter.env vpn-notifications/*.sh From f4f6af31ba5b0460ec6cf3a811b712a6b4997fdb Mon Sep 17 00:00:00 2001 From: Geos <1248414+G-eos@users.noreply.github.com> Date: Sun, 22 Mar 2020 18:23:14 +0100 Subject: [PATCH 10/15] Prepare for cron configured by gateway.json Move SSMTP config into cron ran file through cheking that SSMTP files are available. --- vpn-notifications/config-vpn-notifications.sh | 42 --------------- .../notify-on-vpn-state-change.sh | 53 +++++++++++++++++++ 2 files changed, 53 insertions(+), 42 deletions(-) diff --git a/vpn-notifications/config-vpn-notifications.sh b/vpn-notifications/config-vpn-notifications.sh index d66ff19..6732128 100644 --- a/vpn-notifications/config-vpn-notifications.sh +++ b/vpn-notifications/config-vpn-notifications.sh @@ -12,48 +12,6 @@ source /config/scripts/post-config.d/parameter.env source /opt/vyatta/etc/functions/script-template readonly logFile="/var/log/config-smtp.log" -# Write aliases config -cat > /etc/ssmtp/revaliases < /etc/ssmtp/ssmtp.conf < /etc/ssmtp/revaliases < /etc/ssmtp/ssmtp.conf < Date: Sun, 22 Mar 2020 19:04:20 +0100 Subject: [PATCH 11/15] Clean up travais & spellcheck It does not work well enough --- .travis.yml | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 .travis.yml diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 09a14b2..0000000 --- a/.travis.yml +++ /dev/null @@ -1,4 +0,0 @@ -script: - # Fail if any of these files have warnings. - # use bash even if in ubnt USG vbash is used - - shellcheck --shell=bash -x vpn-notifications/parameter.env vpn-notifications/*.sh From ccc0c5c2bfae09f60090a01bc0a4afd0a7d0c999 Mon Sep 17 00:00:00 2001 
From: Geos <1248414+G-eos@users.noreply.github.com> Date: Sat, 4 Apr 2020 12:00:57 +0200 Subject: [PATCH 12/15] Fix ssmtp autoconfiguration if file already exist --- vpn-notifications/notify-on-vpn-state-change.sh | 17 +++++++++-------- vpn-notifications/search-login-trial.sh | 2 +- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/vpn-notifications/notify-on-vpn-state-change.sh b/vpn-notifications/notify-on-vpn-state-change.sh index e5c60a6..ce40f4e 100644 --- a/vpn-notifications/notify-on-vpn-state-change.sh +++ b/vpn-notifications/notify-on-vpn-state-change.sh @@ -13,10 +13,11 @@ source /opt/vyatta/etc/functions/script-template run=/opt/vyatta/bin/vyatta-op-cmd-wrapper -# Verify and prepare SSMTP configuration -if [ ! -f "/etc/ssmtp/revaliases" ]; +# Verify and prepare SSMTP configuration if necessary +rev_search=$(grep ":$MailServer:$MailPort" "/etc/ssmtp/revaliases") +if [ -z "$rev_search" ]; then -# Write aliases config +# Write aliases config as config does not include what is expected cat > /etc/ssmtp/revaliases < /etc/ssmtp/ssmtp.conf < /tmp/temp.vpnfulllist # Parse out just the user and ip address -cat /tmp/temp.vpnfulllist|grep $IPSegment|awk -F' ' '{printf "%s %s\n", $1, $5}' > /tmp/temp.vpnconnections +grep "$IPSegment" /tmp/temp.vpnfulllist | awk -F' ' '{printf "%s %s\n", $1, $5}' > /tmp/temp.vpnconnections # Check if they differ from the last time we checked if ! cmp -s /tmp/temp.vpnconnections /tmp/temp.vpnconnections2 @@ -100,7 +101,7 @@ then " > /tmp/temp.vpnemail - /usr/sbin/ssmtp $DestinationEmail < /tmp/temp.vpnemail + /usr/sbin/ssmtp "$DestinationEmail" < /tmp/temp.vpnemail echo "Done!" diff --git a/vpn-notifications/search-login-trial.sh b/vpn-notifications/search-login-trial.sh index 214cd10..6be7f96 100755 --- a/vpn-notifications/search-login-trial.sh +++ b/vpn-notifications/search-login-trial.sh 
@@ -36,7 +36,7 @@ then " > /tmp/temp.vpnpeeremail - /usr/sbin/ssmtp $DestinationEmail < /tmp/temp.vpnpeeremail + /usr/sbin/ssmtp "$DestinationEmail" < /tmp/temp.vpnpeeremail echo "Done!" From 55d3c28c42bb0919efa40954850f626e49c1c434 Mon Sep 17 00:00:00 2001 From: Geos <1248414+G-eos@users.noreply.github.com> Date: Sat, 4 Apr 2020 12:37:50 +0200 Subject: [PATCH 13/15] Better manage log rotate. --- vpn-notifications/search-login-trial.sh | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/vpn-notifications/search-login-trial.sh b/vpn-notifications/search-login-trial.sh index 6be7f96..9de91bd 100755 --- a/vpn-notifications/search-login-trial.sh +++ b/vpn-notifications/search-login-trial.sh 
@@ -16,13 +16,23 @@ run=/opt/vyatta/bin/vyatta-op-cmd-wrapper touch /tmp/temp.vpnpeer touch /tmp/temp.vpnpeer2 -# Grab the list of vpn login trial without success of VPN connections -# Limit to 1000 line to ensure not flood /tmp filesystem -grep Peer /var/log/messages* | head -n 1000 > /tmp/temp.vpnpeer +# Grab the list of vpn login trial without success of VPN connections +# Limit to 1000 line to ensure not flood /tmp filesystem +# Remove /var/log/messages?? in order to avoid change when log rotate occurs :) and notif again +# Filter only today trial to avoid notification several day later. Prefer notif sooner. +# Note: There is a short time window of a trials of login 1 min before 00:00 where it will not be +# reported. The risk is very small as not lot of user/log cannot be tested during this time frame. +# FIXME: A notification will occurs when log will disapear. This is better than not being notified +today_filter="$(date | cut -d " " -f2-4)" +grep Peer /var/log/messages* | head -n 1000 | cut -d':' -f2- | grep "$($today_filter)"> /tmp/temp.vpnpeer # Check if they differ from the last time we checked if ! cmp -s /tmp/temp.vpnpeer /tmp/temp.vpnpeer2 then + #Filter empty file (no more connection found) and so avoid false notif (mitigate above FIXME). + if [ -s /tmp/temp.vpnpeer ]; + then + echo "WARNING: VPN Activity detected! Sending e-mail..." # Someone try to connect without success @@ -30,9 +40,9 @@ then echo "Subject: WARNING VPN activity login without success detected on $ClientsName's network! - VPN connection trial without sucess was detected on your network: +VPN connection trial without sucess was detected on your network: - $connInfo +$connInfo " > /tmp/temp.vpnpeeremail @@ -40,6 +50,8 @@ then echo "Done!" + fi # Back up this run so we can compare later cp /tmp/temp.vpnpeer /tmp/temp.vpnpeer2 fi + From 8d0993c675783d40bc30e6a7a799343a30485ff4 Mon Sep 17 00:00:00 2001 
From: Geos <1248414+G-eos@users.noreply.github.com> Date: Sat, 4 Apr 2020 12:53:06 +0200 Subject: [PATCH 14/15] Document CloudKey persistent to provisioning. --- vpn-notifications/README.md | 35 +++++++++++++++++++++++++++++++++-- 1 file changed, 33 insertions(+), 2 deletions(-) diff --git a/vpn-notifications/README.md b/vpn-notifications/README.md index 6e970a9..311c22f 100644 --- a/vpn-notifications/README.md +++ b/vpn-notifications/README.md 
@@ -25,13 +25,44 @@ DestinationEmail='user@example.com' # Where to send e-mails to ClientsName='StringToDifferenciatNetworks' ``` +- To start the scripts two options: + +- Option1: Prefered which remain active when new provision occurs: In CloudKey - Push the scripts to your USG via `scp`, replacing the username and ip address with your own: ``` scp parameter.env admin@192.168.0.1:/config/scripts/post-config.d/ scp config-vpn-notifications.sh admin@192.168.0.1:/config/scripts/post-config.d/ scp notify-on-vpn-state-change.sh admin@192.168.0.1:/config/scripts/post-config.d/ ``` -- To start the scripts, you'll need to log in via SSH, change the scripts to executable, and execute `config-vpn-notifications.sh` for the first time via `sudo`. After that, the script will be set up as a scheduled task, and will persist after reboots. On upgrades, both scripts will be executed once the upgrade is complete, re-establishing the scheduled task: + +Follow to find where the gateway.json is in your CloudKey https://help.ubnt.com/hc/en-us/articles/215458888-UniFi-How-to-further-customize-USG-configuration-with-config-gateway-json +with the following content added to your gateway.json +```{ + "system": { + "task-scheduler": { + "task": { + "check-vpn-connections": { + "executable": { + "path": "/config/scripts/post-config.d/notify-on-vpn-state-change.sh" + }, + "interval": "1m" + } + } + } + } +} +``` +Log into USG and render scripts executable. 
+ +Option 2: By "hand" +- Push the scripts to your USG via `scp`, replacing the username and ip address with your own: +``` +scp parameter.env admin@192.168.0.1:/config/scripts/post-config.d/ +scp config-vpn-notifications.sh admin@192.168.0.1:/config/scripts/post-config.d/ +scp notify-on-vpn-state-change.sh admin@192.168.0.1:/config/scripts/post-config.d/ +scp config-vpn-notifications.sh admin@192.168.0.1:/config/scripts/post-config.d/ +``` +Then you'll need to log in via SSH, change the scripts to executable, and execute `config-vpn-notifications.sh` for the first time via `sudo`. After that, the script will be set up as a scheduled task, and will persist after reboots. On upgrades, both scripts will be executed once the upgrade is complete, re-establishing the scheduled task: ``` cd /config/scripts/post-config.d chmod a+x config-vpn-notifications.sh @@ -39,7 +70,7 @@ chmod a+x notify-on-vpn-state-change.sh sudo ./config-vpn-notifications.sh ``` -# Removal +# Removal For option 2 - Connect to the USG via SSH, and run the following commands: ``` configure From 7b6724a8ea972bfec299062bf583b1295b2d63c0 Mon Sep 17 00:00:00 2001 From: G-eos <1248414+G-eos@users.noreply.github.com> Date: Sat, 4 Apr 2020 12:55:07 +0200 Subject: [PATCH 15/15] Update README.md Better formating --- vpn-notifications/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vpn-notifications/README.md b/vpn-notifications/README.md index 311c22f..b958d13 100644 --- a/vpn-notifications/README.md +++ b/vpn-notifications/README.md @@ -27,7 +27,7 @@ ClientsName='StringToDifferenciatNetworks' - To start the scripts two options: -- Option1: Prefered which remain active when new provision occurs: In CloudKey +## Option1: Prefered which remain active when new provision occurs: In CloudKey - Push the scripts to your USG via `scp`, replacing the username and ip address with your own: ``` scp parameter.env admin@192.168.0.1:/config/scripts/post-config.d/ 
@@ -54,7 +54,7 @@ with the following content added to your gateway.json ``` Log into USG and render scripts executable. -Option 2: By "hand" +## Option 2: By "hand" - Push the scripts to your USG via `scp`, replacing the username and ip address with your own: ``` scp parameter.env admin@192.168.0.1:/config/scripts/post-config.d/
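Review bot: In PATCH 01/15, README.md installation hunk, parameter.env now carries the SMTP `Password` in clear text, but the instructions only `scp` it to /config/scripts/post-config.d/ and never restrict its mode. The commit message gives confidentiality as the reason for the split, so add a step after the copy such as `chmod 600 /config/scripts/post-config.d/parameter.env`. The scripts only read the file with `source`, so it needs no execute bit.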
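Review bot: In PATCH 03/15, search-login-trial.sh, the new state files `/tmp/temp.vpnpeer`, `/tmp/temp.vpnpeer2` and `/tmp/temp.vpnpeeremail` use fixed names in a world-writable directory and are written with `>` and `cp` on every scheduled run. Keep them in a directory that only the account running the script can write (created once with mode 700), so another local account cannot pre-create or redirect those paths. The same applies to the `/tmp/temp.vpnfulllist*` files added in PATCH 01/15.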
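Review bot: In PATCH 04/15, .github/workflows/blank.yml, the last entry under `steps:` is `- script:`, which is not a key a GitHub Actions step accepts (a step needs `run` or `uses`), so this workflow does not run shellcheck. Write it as a step with `run: shellcheck vpn-notifications/*.sh` and drop the two template `echo` steps.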
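Review bot: In PATCH 08/15, vpn-notifications/parameter.env is committed under the same name the scripts read at run time, so a user who fills in `Password` in a checkout has real credentials in a tracked file that a routine `git commit -a` would publish. Ship it as a template (for example `parameter.env.example`, a suggested name), add `parameter.env` to `.gitignore`, and have the README tell users to copy the template before editing.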
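Review bot: In PATCH 12/15, notify-on-vpn-state-change.sh, the line `rev_search=$(grep ":$MailServer:$MailPort" "/etc/ssmtp/revaliases")` no longer covers a missing file cleanly: when /etc/ssmtp/revaliases does not exist, which is the case the removed `[ ! -f ... ]` test handled, grep prints an error on that run, and the dots in `$MailServer` are read as regex wildcards. Test the exit status directly with `if ! grep -qF -- ":$MailServer:$MailPort" /etc/ssmtp/revaliases 2>/dev/null`, which handles both and removes the temporary variable.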
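Review bot: In PATCH 12/15, notify-on-vpn-state-change.sh, `grep "$IPSegment" /tmp/temp.vpnfulllist` uses the setting as an unanchored regular expression, and the default shipped in parameter.env is `'10.0'` rather than the `'10.0.'` this script carried before PATCH 01/15 (the inline comment still shows the dotted form). That pattern also matches text such as `110.0` or a byte counter like `10.0K` in the TX/RX columns. Use `grep -F`, restore the trailing dot in the default, or do the match on the Remote IP field (`$5`) inside the awk step.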
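Review bot: In PATCH 13/15, search-login-trial.sh, `grep "$($today_filter)"` executes the contents of `today_filter` as a command instead of using it as the pattern. That command fails, the substitution is empty, and `grep ""` matches every line, so the today-only filter described in the comment has no effect. Use `grep "$today_filter"`, and build the value with an explicit format such as `date '+%b %e'` rather than `date | cut -d " " -f2-4`, because the field positions in the default `date` output shift between one-digit and two-digit days.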
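Review bot: In PATCH 14/15, README.md, neither option copies search-login-trial.sh, although notify-on-vpn-state-change.sh has sourced it unconditionally since PATCH 03/15, and Option 2 lists `scp config-vpn-notifications.sh admin@192.168.0.1:/config/scripts/post-config.d/` twice. Replace the duplicate line with the missing script in both `scp` lists, and under Option 1 spell out the `chmod a+x` commands where the text only says "render scripts executable".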