summaryrefslogtreecommitdiffstats
path: root/etc/inc/openvpn.inc
Commit message (Collapse)AuthorAgeFilesLines
* Whoops, don't flip these since I negated the test.jim-p2012-05-141-2/+2
|
* Flip this test around since it's safer to assume the dev mode is tun. Ticket ↵jim-p2012-05-141-3/+3
| | | | #2432
* Unbreak openvpnErmal2012-04-051-1/+1
|
* Make vips vhid be unique per parent interface!Ermal2012-04-051-1/+1
|
* Be more intelligent when managing OpenVPN client connections bound to CARP ↵jim-p2012-03-061-0/+4
| | | | | | VIPs. If the interface is in BACKUP status, do not start the client. Add a section to rc.carpmaster and rc.carpbackup to trigger this start/stop. If an OpenVPN client is active on both the master and backup system, they will cause conflicting connections to the server. Servers do not care as they only accept, not initiate.
* Fix this ifconfig-push to also account for tap.jim-p2011-11-161-1/+4
|
* If there is a tunnel network in tap mode, the second parameter is a subnet ↵jim-p2011-11-161-2/+8
| | | | mask, not the other IP.
* username-as-common-name is not compatible with server-bridge, so don't put ↵jim-p2011-11-111-1/+3
| | | | it in the config if server-bridge is active. Testing is needed to determine if there is any other negative impact, but with both present, openvpn will not start.
* Fix order of client/server IPs and add a note, and clarify variable names. ↵jim-p2011-11-101-3/+4
| | | | Fixes #2004.
* Rework this a little since using tap+tunnel network is valid, but using ↵jim-p2011-11-091-3/+3
| | | | tap+tunnel network+bridging is not (will not do what the user expects/wants)
* Fix up OpenVPN server tap modes, support various options for providing or ↵jim-p2011-11-081-9/+27
| | | | passing through DHCP. (Work in progress)
* Assume a default value of 1 for cert_depth to disallow chaining.jim-p2011-10-271-0/+2
|
* Add GUI option to limit the certificate depth allowed when OpenVPN clients ↵jim-p2011-10-271-0/+18
| | | | are connecting.
* Fixup OpenVPN status a bit to properly handle SSL servers using a /30 (no ↵jim-p2011-08-301-3/+23
| | | | server directive) and also be a little more verbose about what is happening, if we can tell.
* Make initial changes to allow pfSense to work in a jail.Andrew Thompson2011-08-171-0/+2
| | | | | | This mostly avoids starting things that will not work and gets the initial config. Most of the pfSense functionality will not work (pf rules, routing, etc) but it can be used for testing.
* Rework OpenVPN status, show status for shared key servers.jim-p2011-07-271-136/+140
|
* Resolves #1719. Prevent disabled client/servers from being displayed on the ↵Ermal2011-07-261-1/+7
| | | | widget.
* Only apply remote_network setting for p2p modes, since it is not valid for ↵jim-p2011-07-221-2/+2
| | | | remote access modes. Fixes #1707
* CRL fixes for empty CRLs (so they don't kill OpenVPN)jim-p2011-07-131-0/+1
|
* Merge remote-tracking branch 'upstream/master'jim-p2011-07-121-11/+11
|\ | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/interfaces.inc etc/inc/services.inc etc/inc/xmlrpc_client.inc usr/local/www/fbegin.inc usr/local/www/services_dhcp.php
| * Merge remote-tracking branch 'mainline/master' into incVinicius Coque2011-07-061-2/+2
| |\ | | | | | | | | | | | | Conflicts: etc/inc/priv.defs.inc
| * \ Merge remote-tracking branch 'mainline/master' into incVinicius Coque2011-06-281-2/+2
| |\ \
| * \ \ Merge remote-tracking branch 'mainline/master' into incVinicius Coque2011-06-071-4/+9
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/voucher.inc usr/local/www/fbegin.inc
| * \ \ \ Merge remote-tracking branch 'mainline/master' into incVinicius Coque2011-05-231-1/+4
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/interfaces.inc etc/inc/upgrade_config.inc etc/inc/vpn.inc
| * \ \ \ \ Merge remote-tracking branch 'mainline/master' into incVinicius Coque2011-04-151-1/+1
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/gwlb.inc
| * \ \ \ \ \ Merge remote-tracking branch 'mainline/master' into incVinicius Coque2011-04-041-5/+5
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/shaper.inc
| * \ \ \ \ \ \ Merge remote-tracking branch 'mainline/master' into incVinicius Coque2011-03-251-4/+5
| |\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/interfaces.inc etc/inc/priv.defs.inc etc/inc/shaper.inc etc/inc/system.inc
| * \ \ \ \ \ \ \ Merge remote-tracking branch 'mainline/master' into incVinicius Coque2011-03-251-2/+2
| |\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/auth.inc etc/inc/config.lib.inc etc/inc/filter.inc etc/inc/pfsense-utils.inc etc/inc/pkg-utils.inc etc/inc/priv.defs.inc etc/inc/services.inc etc/inc/shaper.inc etc/inc/voucher.inc etc/inc/vpn.inc usr/local/www/fbegin.inc
| * \ \ \ \ \ \ \ \ Merge branch 'master' into incVinicius Coque2011-01-281-6/+28
| |\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/captiveportal.inc etc/inc/config.console.inc etc/inc/config.lib.inc etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/ipsec.inc etc/inc/pkg-utils.inc etc/inc/shaper.inc etc/inc/system.inc etc/inc/voucher.inc
| * \ \ \ \ \ \ \ \ \ Merge remote branch 'mainline/master' into incVinicius Coque2010-12-141-11/+14
| |\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/auth.inc etc/inc/config.lib.inc etc/inc/filter.inc etc/inc/gwlb.inc etc/inc/interfaces.inc etc/inc/pfsense-utils.inc etc/inc/pkg-utils.inc etc/inc/shaper.inc etc/inc/upgrade_config.inc etc/inc/xmlparse.inc usr/local/www/fbegin.inc
| * \ \ \ \ \ \ \ \ \ \ Merge remote branch 'mainline/master' into incRenato Botelho2010-11-031-0/+31
| |\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/auth.inc etc/inc/config.lib.inc etc/inc/priv.defs.inc etc/inc/system.inc etc/inc/upgrade_config.inc etc/inc/vpn.inc
| * \ \ \ \ \ \ \ \ \ \ \ Merge remote branch 'mainline/master' into incRenato Botelho2010-10-131-1/+3
| |\ \ \ \ \ \ \ \ \ \ \ \
| * \ \ \ \ \ \ \ \ \ \ \ \ Merge remote branch 'mainline/master' into incRenato Botelho2010-09-281-2/+4
| |\ \ \ \ \ \ \ \ \ \ \ \ \
| * \ \ \ \ \ \ \ \ \ \ \ \ \ Merge remote branch 'mainline/master' into incRenato Botelho2010-09-161-2/+6
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/filter.inc
| * \ \ \ \ \ \ \ \ \ \ \ \ \ \ Merge remote branch 'mainline/master' into incRenato Botelho2010-09-131-3/+2
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/filter.inc etc/inc/gwlb.inc
| * \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ Merge remote branch 'mainline/master' into incRenato Botelho2010-09-081-1/+1
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/filter.inc etc/inc/pkg-utils.inc etc/inc/service-utils.inc etc/inc/system.inc etc/inc/vpn.inc
| * \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ Merge remote branch 'mainline/master' into incRenato Botelho2010-08-181-8/+33
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/interfaces.inc
| * \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ Merge remote branch 'mainline/master' into incRenato Botelho2010-08-171-2/+3
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | | | | | | | Implement gettext() calls on openvpn.incCarlos Eduardo Ramos2010-08-161-11/+11
| | | | | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | | | Merge remote-tracking branch 'upstream/master'jim-p2011-07-041-2/+2
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | |_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|/ | |/| | | | | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | | | | | | Don't check OpenVPN ports in use against disabled clients or serversChris Buechler2011-07-041-3/+3
| | |_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|/ | |/| | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | | Merge remote-tracking branch 'upstream/master'jim-p2011-06-261-2/+2
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / / / / / / / / / / /
| * | | | | | | | | | | | | | | | | | No need to use nohup when using mwexec_bg since it calls nohup itself. Also ↵Ermal2011-06-241-2/+2
| | |_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | use fullpath to executables.
* | | | | | | | | | | | | | | | | | Merge remote branch 'upstream/master'jim-p2011-06-031-4/+9
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/openvpn.inc
| * | | | | | | | | | | | | | | | | When making a P2P SSL/TLS OpenVPN server, if the given CIDR for the tunnel ↵jim-p2011-06-031-4/+9
| | |_|_|_|_|_|_|_|_|_|_|_|_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | network is a /30, don't use the OpenVPN server directive. See ticket #1417
* | | | | | | | | | | | | | | | | Merge remote branch 'upstream/master'Seth Mos2011-05-131-0/+1
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/vslb.inc etc/version
| * | | | | | | | | | | | | | | | Various CRL fixes, handle empty internal CRLs better.jim-p2011-05-111-0/+1
| | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | Merge remote branch 'upstream/master'Seth Mos2011-04-281-1/+3
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/pfsense-utils.inc
| * | | | | | | | | | | | | | | | Confirmed working fix for ticket #1417 - with this change I have two-way ↵jim-p2011-04-211-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | connectivity on Site-to-Site (SSL/TLS) with iroutes.
| * | | | | | | | | | | | | | | | Backing out changes from ticket #1417, it was not a valid openvpn config ↵jim-p2011-04-191-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | that the user was trying to make.
OpenPOWER on IntegriCloud