diff options
author | Seth Mos <seth.mos@dds.nl> | 2011-04-25 22:12:48 +0200 |
---|---|---|
committer | Seth Mos <seth.mos@dds.nl> | 2011-04-25 22:12:48 +0200 |
commit | 97ffc51364f0e5aead21a74155b46485a52b5c2c (patch) | |
tree | 85924194294fae5b8c21f83e8758fcc255b2853f /etc/inc/openvpn.inc | |
parent | b1ba04cf4a27f52d5c43eb23eeb7d3d359e69515 (diff) | |
download | pfsense-97ffc51364f0e5aead21a74155b46485a52b5c2c.zip pfsense-97ffc51364f0e5aead21a74155b46485a52b5c2c.tar.gz |
Add the ipv6 configuration options for routing ipv6 over the tunnel. Currently only a /64 is supported for the routed network, so use a /64 and then route the /56
Diffstat (limited to 'etc/inc/openvpn.inc')
-rw-r--r-- | etc/inc/openvpn.inc | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 56f6cf5..733705f 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -328,20 +328,31 @@ function openvpn_reconfigure($mode, $settings) { $interface = $settings['interface']; $ipaddr = $settings['ipaddr']; + $ipaddrv6 = $settings['ipaddrv6']; // If a specific ip address (VIP) is requested, use it. // Otherwise, if a specific interface is requested, use it // If "any" interface was selected, local directive will be ommited. - if (!empty($ipaddr)) { + if (is_ipaddrv4($ipaddr)) { $iface_ip=$ipaddr; + } elseif (is_ipaddrv6($ipaddrv6)) { + $iface_ipv6=$ipaddrv6; } else { if ((!empty($interface)) && (strcmp($interface, "any"))) { $iface_ip=get_interface_ip($interface); } + if ((!empty($interface)) && (strcmp($interface, "any"))) { + $iface_ipv6=get_interface_ipv6($interface); + } } $conf = "dev {$devname}\n"; $conf .= "dev-type {$settings['dev_mode']}\n"; + switch($settings['dev_mode']) { + case "tun": + $conf .= "tun-ipv6\n"; + break; + } $conf .= "dev-node /dev/{$tunname}\n"; $conf .= "writepid {$pfile}\n"; $conf .= "#user nobody\n"; @@ -357,9 +368,12 @@ function openvpn_reconfigure($mode, $settings) { $conf .= "up /usr/local/sbin/ovpn-linkup\n"; $conf .= "down /usr/local/sbin/ovpn-linkdown\n"; - if (!empty($iface_ip)) { + if (is_ipaddrv4($iface_ip)) { $conf .= "local {$iface_ip}\n"; } + if (is_ipaddrv6($iface_ipv6)) { + // $conf .= "local {$iface_ipv6}\n"; + } if (openvpn_validate_engine($settings['engine']) && ($settings['engine'] != "none")) $conf .= "engine {$settings['engine']}\n"; @@ -368,6 +382,7 @@ function openvpn_reconfigure($mode, $settings) { if ($mode == 'server') { list($ip, $mask) = explode('/', $settings['tunnel_network']); + list($ipv6, $prefix) = explode('/', $settings['tunnel_networkv6']); $mask = gen_subnet_mask($mask); // configure tls modes @@ -393,6 +408,8 @@ function openvpn_reconfigure($mode, $settings) { case 'server_user': case 'server_tls_user': $conf .= "server {$ip} {$mask}\n"; + if(is_ipaddr($ipv6)) + $conf .= "server-ipv6 {$ipv6}/{$prefix}\n"; $conf .= "client-config-dir {$g['varetc_path']}/openvpn-csc\n"; break; } |