This may work on Leopard Server as well, but I haven't tested it. There are several brute-force VPN protocol attacks rampant on the internet, and they may leave your VPN service in an unusable state by flooding it with connection requests.
Read on for a solution…
The best answer to this is to turn off the built-in VPN service and use OpenVPN instead, but PPTP remains the de facto standard for VPN connections–there's probably a PPTP client for your refrigerator, for crying out loud. You want to reset the VPN service periodically in order to clear these connections, but you don't want to disconnect any valid VPN users in the process. This script does it for you. I set it up as a cron job to run every six hours or so, although once a day would probably suffice.
#!/bin/sh<br /> #<br /> # checkvpn.sh Jon Gardner 01 Jan 2009<br /> #<br /> # This script resets the VPN service to clear malware attack connections, but only if there<br /> # are no valid user connections in progress.<br /> #<br /> CONN=`/usr/sbin/serveradmin fullstatus vpn|grep CurrentConnections|grep pptp|cut -f2 -d'='`<br /> echo Active VPN connections: $CONN<br /> if [ `expr $CONN` -gt 0 ]<br /> then<br /> USERS=`/usr/sbin/serveradmin command vpn:command = getConnectedUsers | grep name | cut -f2 -d'='|sed -e"s/"//g"`<br /> if [ "$USERS" != "" ]<br /> then<br /> echo Active VPN users: $USERS<br /> else<br /> echo No authorized VPN users connected. Restarting VPN service...<br /> /usr/sbin/serveradmin stop vpn<br /> sleep 5<br /> /usr/sbin/serveradmin start vpn<br /> fi<br /> fi<br />