From patchwork Wed Nov 11 18:12:25 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Erik Kapfer X-Patchwork-Id: 3661 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4CWXrj009mz3wl4 for ; Wed, 11 Nov 2020 18:12:36 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4CWXrg3WzDzxB; Wed, 11 Nov 2020 18:12:35 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4CWXrd4cQmz2xkc; Wed, 11 Nov 2020 18:12:33 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4CWXrb68Flz2xkc for ; Wed, 11 Nov 2020 18:12:31 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4CWXrb03qrzxB; Wed, 11 Nov 2020 18:12:30 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1605118351; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=h7y0bbRMesOz27TEURkmpxkBIlKIJ1gVbrTE0lgnJyk=; b=Ui5ZzTuLgsHu33UbLXDwYebhCpNQgKmy2/ITVJZ958FUyW0xj0lXdWTZqofcJpWM2AogpN PHQ6Q+Iv4yEeXgBQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1605118351; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=h7y0bbRMesOz27TEURkmpxkBIlKIJ1gVbrTE0lgnJyk=; b=V3cFtEFdwpriDTV6xhOx82s60ptTXpwUz758wbIiQKC26B0oAUeMZOPA+vkwgfT4Q9+aU1 yoM8X9ABW893CnuSImD9u08S4Bnn2ffsFuzVJCOuWmkjYDlK3C35HOEbJZ4Id3ZqyV0eLc IFxVPz2IbWPsczWKq+5M63aWhL8TlInrZIx0f2KgbD3UMJ1aivfJzTLH84NvQaigxcZ2C6 Hazyb2kw95f3WhhMMK4/QyJ8P1VOEnNiDpPmSU+N0QbqAxokugskNfgix9ThOf0t1ZVmMB E9ieRDjnfrNslPyb2bHn0Y1XaPytmkvcFWdxnGkM9+HgDGSjomzELDSA3LxOcQ== From: ummeegge To: development@lists.ipfire.org Subject: [PATCH] OpenVPN: Add start of static routes in client N2N Date: Wed, 11 Nov 2020 18:12:25 +0000 Message-Id: <20201111181225.26237-1-erik.kapfer@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Fixes: #12529 - If a client N2N configuration will be imported into IPFire systems, a line will be added which calls the --up script to restart the static route initscript. Since this is IPFire specific, i will only be added via import on IPFire system. - Deleted unneeded line in CLIENTCONF section. - Added description to SERVERCONF section. Signed-off-by: ummeegge --- html/cgi-bin/ovpnmain.cgi | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 8626a94ca..44cb48996 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -953,6 +953,7 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print SERVERCONF "ifconfig $ovsubnet.1 $ovsubnet.2\n"; print SERVERCONF "# Client Gateway Network\n"; print SERVERCONF "route $remsubnet[0] $remsubnet[1]\n"; + print SERVERCONF "# Call up script for static routes\n"; print SERVERCONF "up \"/etc/init.d/static-routes start\"\n"; print SERVERCONF "# tun Device\n"; print SERVERCONF "dev tun\n"; @@ -1052,7 +1053,6 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print CLIENTCONF "ifconfig $ovsubnet.2 $ovsubnet.1\n"; print CLIENTCONF "# Server Gateway Network\n"; print CLIENTCONF "route $remsubnet[0] $remsubnet[1]\n"; - print CLIENTCONF "up \"/etc/init.d/static-routes start\"\n"; print CLIENTCONF "# tun Device\n"; print CLIENTCONF "dev tun\n"; print CLIENTCONF "#Logfile for statistics\n"; @@ -3333,6 +3333,12 @@ END print FILE "status /var/run/openvpn/$n2nname[0]-n2n 10\n"; close FILE; + # Add static route command to client configuration + open(FILE, ">> $tempdir/$uplconffilename") or die 'Unable to open config file.'; + print FILE "# Call up script for static routes\n"; + print FILE "up \"/etc/init.d/static-routes start\"\n"; + close FILE; + move("$tempdir/$uplconffilename", "${General::swroot}/ovpn/n2nconf/$n2nname[0]/$uplconffilename2"); if ($? ne 0) {