summaryrefslogtreecommitdiffstats
path: root/etc/inc/openvpn.inc
diff options
context:
space:
mode:
authorSeth Mos <seth.mos@dds.nl>2011-04-25 22:12:48 +0200
committerSeth Mos <seth.mos@dds.nl>2011-04-25 22:12:48 +0200
commit97ffc51364f0e5aead21a74155b46485a52b5c2c (patch)
tree85924194294fae5b8c21f83e8758fcc255b2853f /etc/inc/openvpn.inc
parentb1ba04cf4a27f52d5c43eb23eeb7d3d359e69515 (diff)
downloadpfsense-97ffc51364f0e5aead21a74155b46485a52b5c2c.zip
pfsense-97ffc51364f0e5aead21a74155b46485a52b5c2c.tar.gz
Add the ipv6 configuration options for routing ipv6 over the tunnel. Currently only a /64 is supported for the routed network, so use a /64 and then route the /56
Diffstat (limited to 'etc/inc/openvpn.inc')
-rw-r--r--etc/inc/openvpn.inc21
1 files changed, 19 insertions, 2 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc
index 56f6cf5..733705f 100644
--- a/etc/inc/openvpn.inc
+++ b/etc/inc/openvpn.inc
@@ -328,20 +328,31 @@ function openvpn_reconfigure($mode, $settings) {
$interface = $settings['interface'];
$ipaddr = $settings['ipaddr'];
+ $ipaddrv6 = $settings['ipaddrv6'];
// If a specific ip address (VIP) is requested, use it.
// Otherwise, if a specific interface is requested, use it
// If "any" interface was selected, local directive will be ommited.
- if (!empty($ipaddr)) {
+ if (is_ipaddrv4($ipaddr)) {
$iface_ip=$ipaddr;
+ } elseif (is_ipaddrv6($ipaddrv6)) {
+ $iface_ipv6=$ipaddrv6;
} else {
if ((!empty($interface)) && (strcmp($interface, "any"))) {
$iface_ip=get_interface_ip($interface);
}
+ if ((!empty($interface)) && (strcmp($interface, "any"))) {
+ $iface_ipv6=get_interface_ipv6($interface);
+ }
}
$conf = "dev {$devname}\n";
$conf .= "dev-type {$settings['dev_mode']}\n";
+ switch($settings['dev_mode']) {
+ case "tun":
+ $conf .= "tun-ipv6\n";
+ break;
+ }
$conf .= "dev-node /dev/{$tunname}\n";
$conf .= "writepid {$pfile}\n";
$conf .= "#user nobody\n";
@@ -357,9 +368,12 @@ function openvpn_reconfigure($mode, $settings) {
$conf .= "up /usr/local/sbin/ovpn-linkup\n";
$conf .= "down /usr/local/sbin/ovpn-linkdown\n";
- if (!empty($iface_ip)) {
+ if (is_ipaddrv4($iface_ip)) {
$conf .= "local {$iface_ip}\n";
}
+ if (is_ipaddrv6($iface_ipv6)) {
+ // $conf .= "local {$iface_ipv6}\n";
+ }
if (openvpn_validate_engine($settings['engine']) && ($settings['engine'] != "none"))
$conf .= "engine {$settings['engine']}\n";
@@ -368,6 +382,7 @@ function openvpn_reconfigure($mode, $settings) {
if ($mode == 'server') {
list($ip, $mask) = explode('/', $settings['tunnel_network']);
+ list($ipv6, $prefix) = explode('/', $settings['tunnel_networkv6']);
$mask = gen_subnet_mask($mask);
// configure tls modes
@@ -393,6 +408,8 @@ function openvpn_reconfigure($mode, $settings) {
case 'server_user':
case 'server_tls_user':
$conf .= "server {$ip} {$mask}\n";
+ if(is_ipaddr($ipv6))
+ $conf .= "server-ipv6 {$ipv6}/{$prefix}\n";
$conf .= "client-config-dir {$g['varetc_path']}/openvpn-csc\n";
break;
}
OpenPOWER on IntegriCloud