Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | Since the OpenVPN management is done via unix socket and not tcp, we no ↵ | jim-p | 2010-09-09 | 1 | -3/+2 | |
| | | | | longer need to require the local_port be set in order to activate the daemon. | |||||
* | Use the new events mechanisms to dispatch events. | Ermal | 2010-09-07 | 1 | -1/+1 | |
| | ||||||
* | Ticket #826. Add more bandage to notice when a reading on socket timeouts. | Ermal | 2010-08-18 | 1 | -1/+13 | |
| | ||||||
* | Ticket #826. Convert to unix domain sockets for management interface so we ↵ | Ermal | 2010-08-18 | 1 | -6/+18 | |
| | | | | do not have problems when interface is any. | |||||
* | Ticket #826. Add timeout of 1 second for all read/write actions performed on ↵ | Ermal | 2010-08-18 | 1 | -1/+2 | |
| | | | | the socket. This should fix point 1) on the ticket. | |||||
* | Print a notice that OpenVPN status information is not available for shared ↵ | jim-p | 2010-08-16 | 1 | -0/+1 | |
| | | | | key servers. | |||||
* | End processing when we receive an ERROR line. Part of ticket #826 | jim-p | 2010-08-16 | 1 | -2/+2 | |
| | ||||||
* | Add OpenVPN none/null cipher. | jim-p | 2010-07-13 | 1 | -1/+1 | |
| | ||||||
* | Reorg this test a little, and make sure we only add client-to-client for ↵ | jim-p | 2010-06-30 | 1 | -4/+3 | |
| | | | | remote access types. | |||||
* | Various fixes to usage of ip2long, long2ip, and negated subnet masks, mostly ↵ | Erik Fonnesbeck | 2010-05-20 | 1 | -9/+9 | |
| | | | | affecting 64-bit. Ticket #459 | |||||
* | Revert "Allow the user to override OpenVPN interface name in custom options ↵ | jim-p | 2010-05-17 | 1 | -37/+21 | |
| | | | | | | (e.g. dev tap99 or dev tun99) and set related options appropriately. ticket #482 Item 2a/2b." - Revert for now, may cause more issues than it fixes. This reverts commit be58c36ded298a1cb7a0eac40cd2edd62908d882. | |||||
* | Allow the user to override OpenVPN interface name in custom options (e.g. ↵ | jim-p | 2010-05-17 | 1 | -21/+37 | |
| | | | | dev tap99 or dev tun99) and set related options appropriately. ticket #482 Item 2a/2b. | |||||
* | Add scpecific scripts for when ovpn goes up and down so we get neccessary ↵ | Ermal | 2010-05-07 | 1 | -2/+2 | |
| | | | | values for used in varius areas of pfSense. TODO is find out how to get DNS info form openvpn. | |||||
* | Add client-to-client to OpenVPN server config if the option is checked. ↵ | jim-p | 2010-05-06 | 1 | -0/+3 | |
| | | | | Resolves #572. | |||||
* | Use nobind for OVPN client when no local port and/or no local interface is ↵ | pierrepomes | 2010-04-29 | 1 | -3/+5 | |
| | | | | requested. Ticket #282 | |||||
* | Fix typo in comment | pierrepomes | 2010-04-27 | 1 | -1/+1 | |
| | ||||||
* | Move these functions to a more central location. Part of ticket #496 | jim-p | 2010-04-27 | 1 | -0/+163 | |
| | ||||||
* | Ticket #474. Properly check for disabled openvpn configs. | Ermal | 2010-04-27 | 1 | -3/+3 | |
| | ||||||
* | Ticket #449. Teach OpenVPN to reload only tunnels for the specified ↵ | Ermal | 2010-03-29 | 1 | -5/+13 | |
| | | | | interface. Use this is rc.newwanip script to reload only these tunnels. | |||||
* | Fix local and nobind for client settings | Ermal | 2010-03-12 | 1 | -1/+2 | |
| | ||||||
* | Ticket #413. Hanlde cases when no authentication is specified. | Ermal Luçi | 2010-03-10 | 1 | -12/+14 | |
| | ||||||
* | Ignore chmod errors for files that do not exist. | Ermal Luçi | 2010-03-04 | 1 | -5/+5 | |
| | ||||||
* | Add tls-auth to server even when authenticating in user/pass mode. | Ermal Luçi | 2010-03-03 | 1 | -12/+3 | |
| | ||||||
* | Do not include tls-auth on authentication based only on user/pass. | Ermal Luçi | 2010-03-03 | 1 | -5/+20 | |
| | ||||||
* | Allow openvpn server to authenticate only based on username/password ↵ | Ermal Luçi | 2010-03-02 | 1 | -2/+2 | |
| | | | | credentials. | |||||
* | Allow the GUI auth API to be used for doing authentication against ↵ | Ermal Luçi | 2010-03-02 | 1 | -9/+13 | |
| | | | | authentication servers specified. Teach Openvpn to use this API. Allow openvpn to authenticate against multiple servers that can be selected on the server configuration page. | |||||
* | Allow the authentication scripts to detect configuration changes. Allow ↵ | Ermal Luçi | 2010-03-02 | 1 | -21/+1 | |
| | | | | multiple OUs to be specified on basedn. | |||||
* | Use 0 when configuring tls-auth in server. | Ermal Luçi | 2010-03-01 | 1 | -2/+7 | |
| | ||||||
* | Correct script used for OpenVPN authentication to actually work. | Ermal Luçi | 2010-03-01 | 1 | -4/+11 | |
| | ||||||
* | Include missing quotes. | Ermal Luçi | 2010-02-25 | 1 | -7/+7 | |
| | ||||||
* | Add support for authenticating users against server specified in the ↵ | Ermal Luçi | 2010-02-24 | 1 | -1/+23 | |
| | | | | system->user manager->servers for openvpn. While there propperly fill the shared secret field for raidus in the servers page. | |||||
* | Add proxy authentication capabilities to OpenVPN client. | Ermal Luçi | 2010-02-23 | 1 | -2/+10 | |
| | ||||||
* | Add statistics for OpenVPN client instances | pierrepomes | 2010-02-16 | 1 | -1/+4 | |
| | ||||||
* | Feature #248. Ticket #248. Merge patch from Antonio No to add tap device ↵ | Ermal Luçi | 2010-02-05 | 1 | -5/+13 | |
| | | | | type to OpenVPN. | |||||
* | fix openvpn user auth. thanks to thompsa@ for finding fix | Chris Buechler | 2009-12-30 | 1 | -1/+1 | |
| | ||||||
* | Apparently OpenVPN 2.1 requires setting "script-security 2" to run given the ↵ | jim-p | 2009-12-29 | 1 | -0/+1 | |
| | | | | other options we currently employ. | |||||
* | Use get_interface_ip instead of a manual shell_exec(ifconfig). Ticket #69 | pierrepomes | 2009-12-10 | 1 | -5/+1 | |
| | ||||||
* | Add IP alias and 'any' support to OpenVPN. Feedback #69 | pierrepomes | 2009-12-10 | 1 | -11/+17 | |
| | ||||||
* | Add carp support for OpenVPN. Ticket #69 | pierrepomes | 2009-12-02 | 1 | -1/+7 | |
| | ||||||
* | Add pfSense_BUILDER_BINARIES: and pfSense_MODULE: additions | Scott Ullrich | 2009-09-12 | 1 | -2/+6 | |
| | ||||||
* | Include certs.inc is needed by lookup_certs. | Ermal Luçi | 2009-06-20 | 1 | -2/+1 | |
| | ||||||
* | Remove filter_configure from openvpn.inc it just ends up in recursive calls. | Ermal Luçi | 2009-06-18 | 1 | -5/+0 | |
| | ||||||
* | Propperly fix openvpn parameter parsing. | Ermal Luçi | 2009-05-07 | 1 | -2/+2 | |
| | ||||||
* | Fix correction of openvpn parameters. | Ermal Luçi | 2009-05-07 | 1 | -2/+2 | |
| | ||||||
* | Modify the OpenVPN server configuration to allow the DH parameter length | Matthew Grooms | 2008-09-09 | 1 | -1/+4 | |
| | | | | to be specified. Upgraded 1.2.x configurations will default to 1024 bits. | |||||
* | Comment out the code that creates a dh-parameters file at boot time and | Matthew Grooms | 2008-09-09 | 1 | -1/+3 | |
| | | | | | add three new static parameters files to the /etc directory. In the near term OpenVPN configurations will use the 2048 bit file. | |||||
* | Correct a bug where we attempt to kill an OpenVPN process even though its | Matthew Grooms | 2008-09-08 | 1 | -13/+21 | |
| | | | | pid file does not exist. | |||||
* | Revert the dh parameters generation back to 1024 bits. There were several | Matthew Grooms | 2008-09-08 | 1 | -1/+1 | |
| | | | | complaints that 2048 bit parameters took too long to generate. | |||||
* | Log why we're writing a new config out | Bill Marquette | 2008-09-08 | 1 | -1/+1 | |
| | ||||||
* | When restarting an OpenVPN process, don't send a term signal and expect it | Matthew Grooms | 2008-09-07 | 1 | -5/+17 | |
| | | | | | | to exit within a fixed time frame of two seconds. The old process may take longer to exit and cause the new process creation to fail. Instead, check the process status every 1/4 seconds and only continue once it terminates. |