diff options
| author | Phil Davis <phil.davis@world.inf.org> | 2013-05-07 11:44:05 +0545 |
|---|---|---|
| committer | Phil Davis <phil.davis@world.inf.org> | 2013-05-07 11:44:05 +0545 |
| commit | 1f64b66bf01b279203dd143dac0120f987452a9d (patch) | |
| tree | 31f0929f640fcb2b114f91f8b568917fae2d342c /etc/rc.openvpn | |
| parent | be2a18bf57a8d4d5224e5a6043f06b10e4d018a7 (diff) | |
| download | pfsense-1f64b66bf01b279203dd143dac0120f987452a9d.zip pfsense-1f64b66bf01b279203dd143dac0120f987452a9d.tar.gz | |
Handle gateway argument to rc.opnvpn
Various fixups to make this work. Now I can:
- Unplug an interface, any OpenVPN servers/clients in a gateway group using that interface are restarted and come up on the highest tier available interface. OpenVPN servers/clients that are only on that interface go down, of course.
- Plug in the cable again, any OpenVPN servers/clients in a gateway group using that interface are restarted and come up on the now-highest tier available interface (i.e. they fail back if the interface that just came up is higher tier). OpenVPN servers/clients that are only on that interface now come up.
Diffstat (limited to 'etc/rc.openvpn')
| -rwxr-xr-x | etc/rc.openvpn | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/etc/rc.openvpn b/etc/rc.openvpn index 3f6af1f..f2a96e0 100755 --- a/etc/rc.openvpn +++ b/etc/rc.openvpn @@ -40,13 +40,17 @@ require_once("openvpn.inc"); /* make sure to wait until the boot scripts have finished */ if (file_exists("{$g['varrun_path']}/booting")) - return;; + return; $argument = trim($argv[1], " \n"); -if(isset($config['openvpn']['enable'])) - log_error("OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading."); -else +if(is_array($config['openvpn']['openvpn-server']) || is_array($config['openvpn']['openvpn-server'])) { + if (empty($argument) || $argument == "all") + $log_text = "all"; + else + $log_text = "endpoints that may use " . $argument; + log_error("OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading " . $log_text . "."); +} else return; $gwgroups = array(); @@ -54,23 +58,25 @@ $openvpnlck = lock('openvpn', LOCK_EX); if (empty($argument) || $argument == "all") $interface = ""; else { + // e.g. $argument = "WANGW", $interface = "wan" $interface = lookup_gateway_interface_by_name($argument); if (empty($interface)) $interface = $argument; else + // e.g. $argument = "WANGW", $gwgroups = array of gateway groups that use "wan" $gwgroups = gateway_is_gwgroup_member($argument); } if(is_array($config['openvpn']['openvpn-server'])) { foreach($config['openvpn']['openvpn-server'] as &$server) { - if ($server['interface'] == $interface || empty($interface) || (!empty($gwgroups) && in_array($argument, $gwgroups))) + if ($server['interface'] == $interface || empty($interface) || (!empty($gwgroups) && in_array($server['interface'], $gwgroups))) openvpn_resync('server', $server); } } if (is_array($config['openvpn']['openvpn-client'])) { foreach($config['openvpn']['openvpn-client'] as &$client) { - if ($client['interface'] == $interface || empty($interface) || (!empty($gwgroups) && in_array($argument, $gwgroups))) + if ($client['interface'] == $interface || empty($interface) || (!empty($gwgroups) && in_array($client['interface'], $gwgroups))) openvpn_resync('client', $client); } } |
