summaryrefslogtreecommitdiffstats
path: root/etc/inc
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2012-12-04 12:08:55 -0500
committerjim-p <jimp@pfsense.org>2012-12-04 12:08:55 -0500
commit6714bbdc6573489a25e2b93eeb9e94e2251475b6 (patch)
tree7bd6b7ab484b2cb07976f7d14c648c3e83445918 /etc/inc
parent0a35ca7ccf198cfa6654ccc17741005a58cd6aee (diff)
downloadpfsense-6714bbdc6573489a25e2b93eeb9e94e2251475b6.zip
pfsense-6714bbdc6573489a25e2b93eeb9e94e2251475b6.tar.gz
Activate choices for UDP6 and TCP6 for OpenVPN. Make sure interface IP selection chooses the proper IP and sets the proper protocol string. May need some GUI input validation to prevent someone from selecting a *6 proto with an IPv4 VIP and vice versa.
Diffstat (limited to 'etc/inc')
-rw-r--r--etc/inc/openvpn.inc15
1 files changed, 9 insertions, 6 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc
index 43f9734..5536902 100644
--- a/etc/inc/openvpn.inc
+++ b/etc/inc/openvpn.inc
@@ -49,7 +49,7 @@ require_once("certs.inc");
require_once('pfsense-utils.inc');
require_once("auth.inc");
-$openvpn_prots = array("UDP", "TCP");
+$openvpn_prots = array("UDP", "UDP6", "TCP", "TCP6");
$openvpn_dev_mode = array("tun", "tap");
@@ -329,7 +329,9 @@ function openvpn_reconfigure($mode, $settings) {
}
$pfile = $g['varrun_path'] . "/openvpn_{$mode_id}.pid";
- $proto = ($settings['protocol'] == 'UDP' ? 'udp' : "tcp-{$mode}");
+ $proto = strtolower($settings['protocol']);
+ if (substr($settings['protocol'], 0, 3) == "TCP")
+ $proto = "{$proto}-{$mode}";
$dev_mode = $settings['dev_mode'];
$cipher = $settings['crypto'];
@@ -386,10 +388,11 @@ function openvpn_reconfigure($mode, $settings) {
}
}
- if (is_ipaddrv4($iface_ip)) {
- $conf .= "local {$iface_ip}\n";
- } elseif (is_ipaddrv6($iface_ipv6)) {
- $conf .= "local {$iface_ipv6}\n";
+ /* Determine the local IP to use - and make sure it matches with the selected protocol. */
+ if (is_ipaddrv4($iface_ip) && (stristr($settings['protocol'], "6") === false)) {
+ $conf .= "local {$iface_ip}\n";
+ } elseif (is_ipaddrv6($iface_ipv6) && (stristr($settings['protocol'], "6") !== false)) {
+ $conf .= "local {$iface_ipv6}\n";
}
if (openvpn_validate_engine($settings['engine']) && ($settings['engine'] != "none"))
OpenPOWER on IntegriCloud