summaryrefslogtreecommitdiffstats
path: root/etc/inc/openvpn.inc
Commit message (Collapse)AuthorAgeFilesLines
...
* Since the OpenVPN management is done via unix socket and not tcp, we no ↵jim-p2010-09-091-3/+2
| | | | longer need to require the local_port be set in order to activate the daemon.
* Use the new events mechanisms to dispatch events.Ermal2010-09-071-1/+1
|
* Ticket #826. Add more bandage to notice when a reading on socket timeouts.Ermal2010-08-181-1/+13
|
* Ticket #826. Convert to unix domain sockets for management interface so we ↵Ermal2010-08-181-6/+18
| | | | do not have problems when interface is any.
* Ticket #826. Add timeout of 1 second for all read/write actions performed on ↵Ermal2010-08-181-1/+2
| | | | the socket. This should fix point 1) on the ticket.
* Print a notice that OpenVPN status information is not available for shared ↵jim-p2010-08-161-0/+1
| | | | key servers.
* End processing when we receive an ERROR line. Part of ticket #826jim-p2010-08-161-2/+2
|
* Add OpenVPN none/null cipher.jim-p2010-07-131-1/+1
|
* Reorg this test a little, and make sure we only add client-to-client for ↵jim-p2010-06-301-4/+3
| | | | remote access types.
* Various fixes to usage of ip2long, long2ip, and negated subnet masks, mostly ↵Erik Fonnesbeck2010-05-201-9/+9
| | | | affecting 64-bit. Ticket #459
* Revert "Allow the user to override OpenVPN interface name in custom options ↵jim-p2010-05-171-37/+21
| | | | | | (e.g. dev tap99 or dev tun99) and set related options appropriately. ticket #482 Item 2a/2b." - Revert for now, may cause more issues than it fixes. This reverts commit be58c36ded298a1cb7a0eac40cd2edd62908d882.
* Allow the user to override OpenVPN interface name in custom options (e.g. ↵jim-p2010-05-171-21/+37
| | | | dev tap99 or dev tun99) and set related options appropriately. ticket #482 Item 2a/2b.
* Add scpecific scripts for when ovpn goes up and down so we get neccessary ↵Ermal2010-05-071-2/+2
| | | | values for used in varius areas of pfSense. TODO is find out how to get DNS info form openvpn.
* Add client-to-client to OpenVPN server config if the option is checked. ↵jim-p2010-05-061-0/+3
| | | | Resolves #572.
* Use nobind for OVPN client when no local port and/or no local interface is ↵pierrepomes2010-04-291-3/+5
| | | | requested. Ticket #282
* Fix typo in commentpierrepomes2010-04-271-1/+1
|
* Move these functions to a more central location. Part of ticket #496jim-p2010-04-271-0/+163
|
* Ticket #474. Properly check for disabled openvpn configs.Ermal2010-04-271-3/+3
|
* Ticket #449. Teach OpenVPN to reload only tunnels for the specified ↵Ermal2010-03-291-5/+13
| | | | interface. Use this is rc.newwanip script to reload only these tunnels.
* Fix local and nobind for client settingsErmal2010-03-121-1/+2
|
* Ticket #413. Hanlde cases when no authentication is specified.Ermal Luçi2010-03-101-12/+14
|
* Ignore chmod errors for files that do not exist.Ermal Luçi2010-03-041-5/+5
|
* Add tls-auth to server even when authenticating in user/pass mode.Ermal Luçi2010-03-031-12/+3
|
* Do not include tls-auth on authentication based only on user/pass.Ermal Luçi2010-03-031-5/+20
|
* Allow openvpn server to authenticate only based on username/password ↵Ermal Luçi2010-03-021-2/+2
| | | | credentials.
* Allow the GUI auth API to be used for doing authentication against ↵Ermal Luçi2010-03-021-9/+13
| | | | authentication servers specified. Teach Openvpn to use this API. Allow openvpn to authenticate against multiple servers that can be selected on the server configuration page.
* Allow the authentication scripts to detect configuration changes. Allow ↵Ermal Luçi2010-03-021-21/+1
| | | | multiple OUs to be specified on basedn.
* Use 0 when configuring tls-auth in server.Ermal Luçi2010-03-011-2/+7
|
* Correct script used for OpenVPN authentication to actually work.Ermal Luçi2010-03-011-4/+11
|
* Include missing quotes.Ermal Luçi2010-02-251-7/+7
|
* Add support for authenticating users against server specified in the ↵Ermal Luçi2010-02-241-1/+23
| | | | system->user manager->servers for openvpn. While there propperly fill the shared secret field for raidus in the servers page.
* Add proxy authentication capabilities to OpenVPN client.Ermal Luçi2010-02-231-2/+10
|
* Add statistics for OpenVPN client instancespierrepomes2010-02-161-1/+4
|
* Feature #248. Ticket #248. Merge patch from Antonio No to add tap device ↵Ermal Luçi2010-02-051-5/+13
| | | | type to OpenVPN.
* fix openvpn user auth. thanks to thompsa@ for finding fixChris Buechler2009-12-301-1/+1
|
* Apparently OpenVPN 2.1 requires setting "script-security 2" to run given the ↵jim-p2009-12-291-0/+1
| | | | other options we currently employ.
* Use get_interface_ip instead of a manual shell_exec(ifconfig). Ticket #69pierrepomes2009-12-101-5/+1
|
* Add IP alias and 'any' support to OpenVPN. Feedback #69pierrepomes2009-12-101-11/+17
|
* Add carp support for OpenVPN. Ticket #69pierrepomes2009-12-021-1/+7
|
* Add pfSense_BUILDER_BINARIES: and pfSense_MODULE: additionsScott Ullrich2009-09-121-2/+6
|
* Include certs.inc is needed by lookup_certs.Ermal Luçi2009-06-201-2/+1
|
* Remove filter_configure from openvpn.inc it just ends up in recursive calls.Ermal Luçi2009-06-181-5/+0
|
* Propperly fix openvpn parameter parsing.Ermal Luçi2009-05-071-2/+2
|
* Fix correction of openvpn parameters.Ermal Luçi2009-05-071-2/+2
|
* Modify the OpenVPN server configuration to allow the DH parameter lengthMatthew Grooms2008-09-091-1/+4
| | | | to be specified. Upgraded 1.2.x configurations will default to 1024 bits.
* Comment out the code that creates a dh-parameters file at boot time andMatthew Grooms2008-09-091-1/+3
| | | | | add three new static parameters files to the /etc directory. In the near term OpenVPN configurations will use the 2048 bit file.
* Correct a bug where we attempt to kill an OpenVPN process even though itsMatthew Grooms2008-09-081-13/+21
| | | | pid file does not exist.
* Revert the dh parameters generation back to 1024 bits. There were severalMatthew Grooms2008-09-081-1/+1
| | | | complaints that 2048 bit parameters took too long to generate.
* Log why we're writing a new config outBill Marquette2008-09-081-1/+1
|
* When restarting an OpenVPN process, don't send a term signal and expect itMatthew Grooms2008-09-071-5/+17
| | | | | | to exit within a fixed time frame of two seconds. The old process may take longer to exit and cause the new process creation to fail. Instead, check the process status every 1/4 seconds and only continue once it terminates.
OpenPOWER on IntegriCloud