authorjim-p <jimp@pfsense.org>2013-01-15 12:08:43 -0500
committerjim-p <jimp@pfsense.org>2013-01-15 12:08:43 -0500
commitf26c1f794eec4c27f6626dfa4ef8effc01ebfa75 (patch)
tree9fe36da7801fcf519dc7e1f91c1e053b506f28ea /etc
parent4683015021e52c3fb3e617e97a1802e7317334b7 (diff)
downloadpfsense-f26c1f794eec4c27f6626dfa4ef8effc01ebfa75.zip
pfsense-f26c1f794eec4c27f6626dfa4ef8effc01ebfa75.tar.gz
Use functions to reduce code duplication; Add function to clear route to the interface IP before starting openvpn, otherwise the process cannot start. Ticket #2712
Diffstat (limited to 'etc')
-rw-r--r--etc/inc/openvpn.inc34
1 files changed, 28 insertions, 6 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc
index 305a983..4c2de84 100644
--- a/etc/inc/openvpn.inc
+++ b/etc/inc/openvpn.inc
@@ -399,9 +399,7 @@ function openvpn_reconfigure($mode, $settings) {
$conf .= "client-config-dir {$g['varetc_path']}/openvpn-csc\n";
}
case 'p2p_shared_key':
- $baselong = ip2long32($ip) & ip2long($mask);
- $ip1 = long2ip32($baselong + 1);
- $ip2 = long2ip32($baselong + 2);
+ list($ip1, $ip2) = openvpn_get_interface_ip($ip, $mask);
$conf .= "ifconfig $ip1 $ip2\n";
break;
case 'server_tls':
@@ -518,9 +516,7 @@ function openvpn_reconfigure($mode, $settings) {
if (!empty($settings['tunnel_network'])) {
list($ip, $mask) = explode('/', $settings['tunnel_network']);
$mask = gen_subnet_mask($mask);
- $baselong = ip2long32($ip) & ip2long($mask);
- $ip1 = long2ip32($baselong + 1);
- $ip2 = long2ip32($baselong + 2);
+ list($ip1, $ip2) = openvpn_get_interface_ip($ip, $mask);
$conf .= "ifconfig $ip2 $ip1\n";
}
@@ -631,6 +627,7 @@ function openvpn_restart($mode, $settings) {
/* start the new process */
$fpath = $g['varetc_path']."/openvpn/{$mode_id}.conf";
+ openvpn_clear_route($mode, $settings);
mwexec_bg("/usr/local/sbin/openvpn --config {$fpath}");
if (!$g['booting'])
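Review bot: The added `openvpn_clear_route($mode, $settings);` call has no comment explaining why a route is deleted immediately before the daemon is launched, and the reason is only recorded in the commit message. A one-line comment above the call would keep that context with the code, for example `/* drop any leftover host route to the tunnel interface IP, otherwise openvpn cannot start (ticket #2712) */`. The delete runs on every restart and is not limited to a route left by this instance, so the comment should also say that it assumes no other interface legitimately owns that address. The body of openvpn_restart() starts and ends outside this hunk.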
@@ -1025,4 +1022,29 @@ function openvpn_refresh_crls() {
}
}
+function openvpn_get_interface_ip($ip, $mask) {
+ $baselong = ip2long32($ip) & ip2long($mask);
+ $ip1 = long2ip32($baselong + 1);
+ $ip2 = long2ip32($baselong + 2);
+ return array($ip1, $ip2);
+}
+
+function openvpn_clear_route($mode, $settings) {
+ if (empty($settings['tunnel_network']))
+ return;
+ list($ip, $cidr) = explode('/', $settings['tunnel_network']);
+ $mask = gen_subnet_mask($cidr);
+ switch($settings['mode']) {
+ case 'p2p_tls':
+ case 'p2p_shared_key':
+ case 'shared_key':
+ if (!empty($ip) && !empty($mask) && ($cidr == 30)) {
+ list($ip1, $ip2) = openvpn_get_interface_ip($ip, $mask);
+ $ip_to_clear = ($mode == "server") ? $ip1 : $ip2;
+ mwexec("/sbin/route -q delete {$ip_to_clear}");
+ }
+ break;
+ }
+}
+
?>
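Review bot: openvpn_clear_route() passes an address derived from `$settings['tunnel_network']` to `/sbin/route -q delete` without first checking that the setting parsed as an IPv4 network. The `!empty($ip)` test accepts any non-empty string, so a malformed value would presumably make `ip2long32($ip) & ip2long($mask)` collapse to a zero base and the function would delete the route for an unrelated low address instead of doing nothing; a value with no `/` also leaves `$cidr` undefined. I would return early with `if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) return;` right after the `explode()`. Although `$ip_to_clear` should always be a dotted quad coming out of `long2ip32()`, quoting it keeps the command safe if that helper ever changes: `mwexec("/sbin/route -q delete " . escapeshellarg($ip_to_clear));`. A short header comment on both new functions stating that `$mode` is server/client while `$settings['mode']` is the tunnel type would also prevent the two being confused.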