Permit openvpn to use same port on different interfaces. It should fix #814

author: Renato Botelho <garga@FreeBSD.org> 2013-01-29 15:30:35 -0200
committer: Renato Botelho <garga@FreeBSD.org> 2013-01-29 15:30:35 -0200
commit: 49b76122af0846474f65eaf73e0e879e24fb554c (patch)
tree: fbbe81e53b550d12c485d1071a99e87f54aa1dac
parent: d12ae2414c7e3bfd239699309ff571c716d070c9 (diff)
download: pfsense-49b76122af0846474f65eaf73e0e879e24fb554c.zip
pfsense-49b76122af0846474f65eaf73e0e879e24fb554c.tar.gz
4 files changed, 32 insertions, 14 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc
index 45a3ab4..0f3febc 100644
--- a/etc/inc/openvpn.inc
+++ b/etc/inc/openvpn.inc
@@ -137,28 +137,46 @@ function openvpn_vpnid_next() {
 	return $vpnid;
 }
 
-function openvpn_port_used($prot, $port) {
+function openvpn_port_used($prot, $interface, $port, $curvpnid = 0) {
 	global $config;
 
-	if (is_array($config['openvpn']['openvpn-server']))
-		foreach ($config['openvpn']['openvpn-server'] as & $settings)
-			if ($port == $settings['local_port'] &&
-				$prot == $settings['protocol'] && !isset($settings['disable']))
+	if (is_array($config['openvpn']['openvpn-server'])) {
+		foreach ($config['openvpn']['openvpn-server'] as & $settings) {
+			if (isset($settings['disable']))
+				continue;
+
+			if ($curvpnid != 0 && $curvpnid == $settings['vpnid'])
+				continue;
+
+			if ($port == $settings['local_port'] && $prot == $settings['protocol'] &&
+				($interface == $settings['interface'] || $interface == "any" || $settings['interface'] == "any"))
 				return $settings['vpnid'];
+		}
+	}
 
-	if (is_array($config['openvpn']['openvpn-client']))
-		foreach ($config['openvpn']['openvpn-client'] as & $settings)
-			if ($port == $settings['local_port'] &&
-				$prot == $settings['protocol'] && !isset($settings['disable']))
+	if (is_array($config['openvpn']['openvpn-client'])) {
+		foreach ($config['openvpn']['openvpn-client'] as & $settings) {
+			if (isset($settings['disable']))
+				continue;
+
+			if ($curvpnid != 0 && $curvpnid == $settings['vpnid'])
+				continue;
+
+			if ($port == $settings['local_port'] && $prot == $settings['protocol'] &&
+				($interface == $settings['interface'] || $interface == "any" || $settings['interface'] == "any"))
 				return $settings['vpnid'];
+		}
+	}
 
 	return 0;
 }
 
-function openvpn_port_next($prot) {
+function openvpn_port_next($prot, $interface = "wan") {
 
 	$port = 1194;
-	while(openvpn_port_used($prot, $port))
+	while(openvpn_port_used($prot, $interface, $port))
+		$port++;
+	while(openvpn_port_used($prot, "any", $port))
 		$port++;
 
 	return $port;
diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php
index 916b9fb..6452895 100644
--- a/usr/local/www/vpn_openvpn_client.php
+++ b/usr/local/www/vpn_openvpn_client.php
@@ -177,7 +177,7 @@ if ($_POST) {
 		if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port'))
 			$input_errors[] = $result;
 
-		$portused = openvpn_port_used($pconfig['protocol'], $pconfig['local_port']);
+		$portused = openvpn_port_used($pconfig['protocol'], $pconfig['interface'], $pconfig['local_port'], $vpnid);
 		if (($portused != $vpnid) && ($portused != 0))
 			$input_errors[] = gettext("The specified 'Local port' is in use. Please select another value");
 	}
diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php
index 6946270..10d6511 100644
--- a/usr/local/www/vpn_openvpn_server.php
+++ b/usr/local/www/vpn_openvpn_server.php
@@ -249,7 +249,7 @@ if ($_POST) {
 	if ($result = openvpn_validate_cidr($pconfig['local_networkv6'], 'IPv6 Local Network', true, "ipv6"))
 		$input_errors[] = $result;
 
-	$portused = openvpn_port_used($pconfig['protocol'], $pconfig['local_port']);
+	$portused = openvpn_port_used($pconfig['protocol'], $pconfig['interface'], $pconfig['local_port'], $vpnid);
 	if (($portused != $vpnid) && ($portused != 0))
 		$input_errors[] = gettext("The specified 'Local port' is in use. Please select another value");
 
diff --git a/usr/local/www/wizards/openvpn_wizard.inc b/usr/local/www/wizards/openvpn_wizard.inc
index 006ee32..86dec52 100644
--- a/usr/local/www/wizards/openvpn_wizard.inc
+++ b/usr/local/www/wizards/openvpn_wizard.inc
@@ -366,7 +366,7 @@ function step10_submitphpaction() {
 	if ($result = openvpn_validate_cidr($_POST['localnet'], 'Local Network', true, "ipv4"))
 		$input_errors[] = $result;
 
-	$portused = openvpn_port_used($_POST['protocol'], $_POST['localport']);
+	$portused = openvpn_port_used($_POST['protocol'], $_POST['interface'], $_POST['localport']);
 	if ($portused != 0)
 		$input_errors[] = "The specified 'Local port' is in use. Please select another value";
author	Renato Botelho <garga@FreeBSD.org>	2013-01-29 15:30:35 -0200
committer	Renato Botelho <garga@FreeBSD.org>	2013-01-29 15:30:35 -0200
commit	49b76122af0846474f65eaf73e0e879e24fb554c (patch)
tree	fbbe81e53b550d12c485d1071a99e87f54aa1dac
parent	d12ae2414c7e3bfd239699309ff571c716d070c9 (diff)
download	pfsense-49b76122af0846474f65eaf73e0e879e24fb554c.zip pfsense-49b76122af0846474f65eaf73e0e879e24fb554c.tar.gz