From patchwork Tue Mar 19 09:39:10 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tremer X-Patchwork-Id: 2158 Return-Path: Received: from mail01.ipfire.org (mail01.i.ipfire.org [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id 2DAD985BD80 for ; Thu, 21 Mar 2019 11:01:27 +0000 (GMT) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 44Q3kZ0F4dz568sn; Thu, 21 Mar 2019 11:01:26 +0000 (GMT) Received: from localhost.localdomain (unknown [213.205.240.207]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 44Q3kV10vBz4y73Q; Thu, 21 Mar 2019 11:01:21 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1553166082; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:content-type: content-transfer-encoding:in-reply-to:references; bh=9C/BQdEbsp3z/JGy7pipAPNRfDF+7Wj15LtZWPLc1KM=; b=qWyjP8u8KYN0tRCQ2AodFfeu2sofn0TNmc3ROeyIfzFU0hC80ZzJghkDiA5tZIzknwgBCX 6ij2Al9tQdDVpuy85lN9cfHbOozWMcbBJHhbHG7ZFcMzeHvQSBPIxjKq8BVLaAr+TDtauN yMYc5wjlNe9rQ+ciClmvWN5BSad8F4y5wrVWKWWInlPemWvjJEVLc/gR/Kt3hOUx/gDjXF /adsNTdub12Pz2UZEuAHWgdZcPOJJPU06S9YH7kDqm73iMajaVj3g09dzwWwU8ttr6b3MZ zwemp3lsCgEW82VRP/O8/kN4wXQndZkFif1WmQOdUXuPNIkpNTjMObo1OaYAvw== From: Michael Tremer To: development@lists.ipfire.org Subject: [PATCH] openvpn: Tie client to use IPv4 Date: Mon, 18 Mar 2019 22:39:10 +0000 Message-Id: <1552948750-2167-1-git-send-email-michael.tremer@ipfire.org> X-Mailer: git-send-email 2.6.3 X-Spamd-Result: default: False [-1.10 / 11.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DKIM_SIGNED(0.00)[]; MID_CONTAINS_FROM(1.00)[]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; DATE_IN_PAST(1.00)[]; ASN(0.00)[asn:12576, ipnet:213.205.192.0/18, country:GB]; BAYES_HAM(-3.00)[100.00%] Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=ms smtp.mailfrom=michael.tremer@ipfire.org Cc: Michael Tremer X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" OpenVPN might try to connect via IPv6 in rare occasions. To avoid that, we can tell it to use IPv4 exclusively. Signed-off-by: Michael Tremer --- html/cgi-bin/ovpnmain.cgi | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 4fb2349..282456e 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -967,14 +967,14 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print SERVERCONF "port $cgiparams{'DEST_PORT'}\n"; if ($cgiparams{'PROTOCOL'} eq 'tcp') { - print SERVERCONF "proto tcp-server\n"; + print SERVERCONF "proto tcp4-server\n"; print SERVERCONF "# Packet size\n"; if ($cgiparams{'MTU'} eq '') {$tunmtu = '1400'} else {$tunmtu = $cgiparams{'MTU'}}; print SERVERCONF "tun-mtu $tunmtu\n"; } if ($cgiparams{'PROTOCOL'} eq 'udp') { - print SERVERCONF "proto udp\n"; + print SERVERCONF "proto udp4\n"; print SERVERCONF "# Paketsize\n"; if ($cgiparams{'MTU'} eq '') {$tunmtu = '1500'} else {$tunmtu = $cgiparams{'MTU'}}; print SERVERCONF "tun-mtu $tunmtu\n"; @@ -1063,14 +1063,14 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print CLIENTCONF "port $cgiparams{'DEST_PORT'}\n"; if ($cgiparams{'PROTOCOL'} eq 'tcp') { - print CLIENTCONF "proto tcp-client\n"; + print CLIENTCONF "proto tcp4-client\n"; print CLIENTCONF "# Packet size\n"; if ($cgiparams{'MTU'} eq '') {$tunmtu = '1400'} else {$tunmtu = $cgiparams{'MTU'}}; print CLIENTCONF "tun-mtu $tunmtu\n"; } if ($cgiparams{'PROTOCOL'} eq 'udp') { - print CLIENTCONF "proto udp\n"; + print CLIENTCONF "proto udp4\n"; print CLIENTCONF "# Paketsize\n"; if ($cgiparams{'MTU'} eq '') {$tunmtu = '1500'} else {$tunmtu = $cgiparams{'MTU'}}; print CLIENTCONF "tun-mtu $tunmtu\n"; @@ -2178,14 +2178,14 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){ print CLIENTCONF "port $confighash{$cgiparams{'KEY'}}[29]\n"; if ($confighash{$cgiparams{'KEY'}}[28] eq 'tcp') { - print CLIENTCONF "proto tcp-client\n"; + print CLIENTCONF "proto tcp4-client\n"; print CLIENTCONF "# Packet size\n"; if ($confighash{$cgiparams{'KEY'}}[31] eq '') {$tunmtu = '1400'} else {$tunmtu = $confighash{$cgiparams{'KEY'}}[31]}; print CLIENTCONF "tun-mtu $tunmtu\n"; } if ($confighash{$cgiparams{'KEY'}}[28] eq 'udp') { - print CLIENTCONF "proto udp\n"; + print CLIENTCONF "proto udp4\n"; print CLIENTCONF "# Paketsize\n"; if ($confighash{$cgiparams{'KEY'}}[31] eq '') {$tunmtu = '1500'} else {$tunmtu = $confighash{$cgiparams{'KEY'}}[31]}; print CLIENTCONF "tun-mtu $tunmtu\n";