lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-16 17:44:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

VPN: OpenVPN: Instances - add mode server and tls-server to tap servers and hide server fields. for https://github.com/opnsense/core/issues/7302

Browse Source
This commit is contained in:
Ad Schellevis 2024-03-06 21:01:19 +01:00
parent 8fab0a77c6
commit 3d09a2cb60
3 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/forms/dialogInstance.xml
View File

@ -91,7 +91,7 @@
<id>instance.server</id>
<label>Server (IPv4)</label>
<type>text</type>
<style>role role_server</style>
<style>role role_server_tun</style>
<help>
This directive will set up an OpenVPN server which will allocate addresses to clients out of the given network/netmask.
The server itself will take the .1 address of the given network for use as the server-side endpoint of the local TUN/TAP interface
@ -101,7 +101,7 @@
<id>instance.server_ipv6</id>
<label>Server (IPv6)</label>
<type>text</type>
<style>role role_server</style>
<style>role role_server_tun</style>
<help>
This directive will set up an OpenVPN server which will allocate addresses to clients out of the given network/netmask.
The server itself will take the next base address (+1) of the given network for use as the server-side endpoint of the local TUN/TAP interface

7
src/opnsense/mvc/app/models/OPNsense/OpenVPN/OpenVPN.php
View File

@ -485,10 +485,10 @@ class OpenVPN extends BaseModel
$options['crl-verify'] = "/var/etc/openvpn/server-{$node_uuid}.crl-verify";
}
$options['verify-client-cert'] = (string)$node->verify_client_cert;
if (!empty((string)$node->server)) {
if ((string)$node->dev_type == 'tun' && !empty((string)$node->server)) {
$parts = explode('/', (string)$node->server);
$mask = Util::CIDRToMask($parts[1]);
if ((string)$node->dev_type == 'tun' && (string)$node->topology == 'p2p' && $parts[1] > 29) {
if ((string)$node->topology == 'p2p' && $parts[1] > 29) {
/**
* Workaround and backwards compatibility, the server directive doesn't support
* networks smaller than /30, pushing ifconfig manually works in some cases.
@ -505,6 +505,9 @@ class OpenVPN extends BaseModel
} else {
$options['server'] = $parts[0] . " " . $mask;
}
} elseif ((string)$node->dev_type == 'tap') {
$options['mode'] = 'server';
$options['tls-server'] = null;
}
if (!empty((string)$node->server_ipv6)) {
$options['server-ipv6'] = (string)$node->server_ipv6;

7
src/opnsense/mvc/app/views/OPNsense/OpenVPN/instances.volt
View File

@ -60,14 +60,15 @@
del:'/api/openvpn/instances/del_static_key/'
});
$("#instance\\.role").change(function(){
$("#instance\\.role, #instance\\.dev_type").change(function(){
let show_advanced = $("#show_advanced_formDialogDialogInstance").hasClass("fa-toggle-on");
let this_role = $(this).val();
let this_role = $("#instance\\.role").val();
let this_dev_type = $("#instance\\.dev_type").val();
$(".role").each(function(){
let tr = $(this).closest("tr").hide();
if ((tr.data('advanced') === true && show_advanced) || !tr.data('advanced')) {
if ($(this).hasClass('role_' + this_role)) {
if ($(this).hasClass('role_' + this_role) || $(this).hasClass('role_' + this_role + '_' + this_dev_type)) {
tr.show();
}
}