Permit openvpn to use same port on different interfaces. It should fix #814

author: Renato Botelho <garga@FreeBSD.org> 2013-01-29 15:30:35 -0200
committer: Renato Botelho <garga@FreeBSD.org> 2013-01-29 15:30:35 -0200
commit: 49b76122af0846474f65eaf73e0e879e24fb554c (patch)
tree: fbbe81e53b550d12c485d1071a99e87f54aa1dac /etc
parent: d12ae2414c7e3bfd239699309ff571c716d070c9 (diff)
download: pfsense-49b76122af0846474f65eaf73e0e879e24fb554c.zip
pfsense-49b76122af0846474f65eaf73e0e879e24fb554c.tar.gz
1 files changed, 29 insertions, 11 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc
index 45a3ab4..0f3febc 100644
--- a/etc/inc/openvpn.inc
+++ b/etc/inc/openvpn.inc
@@ -137,28 +137,46 @@ function openvpn_vpnid_next() {
 	return $vpnid;
 }
 
-function openvpn_port_used($prot, $port) {
+function openvpn_port_used($prot, $interface, $port, $curvpnid = 0) {
 	global $config;
 
-	if (is_array($config['openvpn']['openvpn-server']))
-		foreach ($config['openvpn']['openvpn-server'] as & $settings)
-			if ($port == $settings['local_port'] &&
-				$prot == $settings['protocol'] && !isset($settings['disable']))
+	if (is_array($config['openvpn']['openvpn-server'])) {
+		foreach ($config['openvpn']['openvpn-server'] as & $settings) {
+			if (isset($settings['disable']))
+				continue;
+
+			if ($curvpnid != 0 && $curvpnid == $settings['vpnid'])
+				continue;
+
+			if ($port == $settings['local_port'] && $prot == $settings['protocol'] &&
+				($interface == $settings['interface'] || $interface == "any" || $settings['interface'] == "any"))
 				return $settings['vpnid'];
+		}
+	}
 
-	if (is_array($config['openvpn']['openvpn-client']))
-		foreach ($config['openvpn']['openvpn-client'] as & $settings)
-			if ($port == $settings['local_port'] &&
-				$prot == $settings['protocol'] && !isset($settings['disable']))
+	if (is_array($config['openvpn']['openvpn-client'])) {
+		foreach ($config['openvpn']['openvpn-client'] as & $settings) {
+			if (isset($settings['disable']))
+				continue;
+
+			if ($curvpnid != 0 && $curvpnid == $settings['vpnid'])
+				continue;
+
+			if ($port == $settings['local_port'] && $prot == $settings['protocol'] &&
+				($interface == $settings['interface'] || $interface == "any" || $settings['interface'] == "any"))
 				return $settings['vpnid'];
+		}
+	}
 
 	return 0;
 }
 
-function openvpn_port_next($prot) {
+function openvpn_port_next($prot, $interface = "wan") {
 
 	$port = 1194;
-	while(openvpn_port_used($prot, $port))
+	while(openvpn_port_used($prot, $interface, $port))
+		$port++;
+	while(openvpn_port_used($prot, "any", $port))
 		$port++;
 
 	return $port;
author	Renato Botelho <garga@FreeBSD.org>	2013-01-29 15:30:35 -0200
committer	Renato Botelho <garga@FreeBSD.org>	2013-01-29 15:30:35 -0200
commit	49b76122af0846474f65eaf73e0e879e24fb554c (patch)
tree	fbbe81e53b550d12c485d1071a99e87f54aa1dac /etc
parent	d12ae2414c7e3bfd239699309ff571c716d070c9 (diff)
download	pfsense-49b76122af0846474f65eaf73e0e879e24fb554c.zip pfsense-49b76122af0846474f65eaf73e0e879e24fb554c.tar.gz