diff options
| author | Ermal Luçi <eri@pfsense.org> | 2010-02-05 21:32:53 +0000 |
|---|---|---|
| committer | Ermal Luçi <eri@pfsense.org> | 2010-02-05 21:33:35 +0000 |
| commit | 691fbf14b966d584a4af9ee2195a0eeb002e1855 (patch) | |
| tree | b799ef2a140c7b1af5fca772ea0bcf14940b3097 /etc/inc/openvpn.inc | |
| parent | c1613ade8b27b5709c71ff558de4553cdfbced81 (diff) | |
| download | pfsense-691fbf14b966d584a4af9ee2195a0eeb002e1855.zip pfsense-691fbf14b966d584a4af9ee2195a0eeb002e1855.tar.gz | |
Feature #248. Ticket #248. Merge patch from Antonio No to add tap device type to OpenVPN.
Diffstat (limited to 'etc/inc/openvpn.inc')
| -rw-r--r-- | etc/inc/openvpn.inc | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index a9282c9..b41b551 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -52,6 +52,8 @@ require_once('pfsense-utils.inc'); $openvpn_prots = array("UDP", "TCP"); +$openvpn_dev_mode = array("tun", "tap"); + /* * The User Auth mode below is disabled because * OpenVPN erroneously requires that we provide @@ -246,7 +248,7 @@ function openvpn_add_custom(& $settings, & $conf) { } } -function openvpn_add_keyfile(& $data, & $conf, $mode_id, $directive) { +function openvpn_add_keyfile(& $data, & $conf, $mode_id, $directive, $opt = "") { global $g; $fpath = $g['varetc_path']."/openvpn/{$mode_id}.{$directive}"; @@ -254,7 +256,7 @@ function openvpn_add_keyfile(& $data, & $conf, $mode_id, $directive) { chown($fpath, 'nobody'); chgrp($fpath, 'nobody'); - $conf .= "{$directive} {$fpath}\n"; + $conf .= "{$directive} {$fpath} {$opt}\n"; } function openvpn_reconfigure($mode,& $settings) { @@ -274,7 +276,13 @@ function openvpn_reconfigure($mode,& $settings) { $vpnid = $settings['vpnid']; $mode_id = $mode.$vpnid; - $tunname = "tun{$vpnid}"; + if (isset($settings['dev_mode'])) + $tunname = "{$settings['dev_mode']}{$vpnid}"; + else { /* defaults to tun */ + $tunname = "tun{$vpnid}"; + $settings['dev_mode'] = "tun"; + } + if ($mode == "server") $devname = "ovpns{$vpnid}"; else @@ -313,7 +321,7 @@ function openvpn_reconfigure($mode,& $settings) { } $conf = "dev {$devname}\n"; - $conf .= "dev-type tun\n"; + $conf .= "dev-type {$settings['dev_mode']}\n"; $conf .= "dev-node /dev/{$tunname}\n"; $conf .= "writepid {$pfile}\n"; $conf .= "#user nobody\n"; @@ -465,7 +473,7 @@ function openvpn_reconfigure($mode,& $settings) { if ($settings['crl']) openvpn_add_keyfile($settings['crl'], $conf, $mode_id, "crl-verify"); if ($settings['tls']) - openvpn_add_keyfile($settings['tls'], $conf, $mode_id, "tls-auth"); + openvpn_add_keyfile($settings['tls'], $conf, $mode_id, "tls-auth", $settings['mode'] == "server_tls" ? "0" : "1"); break; } |
