ovpns1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
description: OpenVPN
options=80000<LINKSTATE>
inet 10.0.8.1 --> 10.0.8.2 netmask 0xffffff00
Calculation using 10.0.8.1/24 will result in 10.0.8.1, but should have been 10.0.8.2
This patch seems to add the least amount of magic, if the correct gateway would be captured in the environment variables that would be preferable, unfortunately that doesn't seem to be the case.
Example environment output:
xormask_1=
daemon_start_time=1645634011
daemon_pid=569
tun_mtu=1500
proto_1=udp4
daemon=1
dev_type=tun
script_context=init
PWD=/usr/local/www
xormasklen_1=0
daemon_log_redirect=0
ifconfig_local=10.0.8.1
local_port_1=1194
dev=ovpns1
link_mtu=1621
remote_port_1=1194
script_type=up
ifconfig_netmask=255.255.255.0
xormethod_1=0
config=/var/etc/openvpn/server1.conf
verb=3
o HostWildcardAllowed - allow the use of "*" (any host)
o FqdnWildcardAllowed - allow the use of wilcard fqdn's (*.my.top.level)
o ZoneRootAllowed - allow the use of "@" (zone root)
o wrap vlan set pcp in new function legacy_vlan_pcp()
o add legacy_vlan_remove_tag() to detach our vlan
o use legacy_vlan_remove_tag() + legacy_vlan_tag() to update vlan interfaces, in which case configuration remains as it was which would make future modifications which don't rely on "logical" names easier.
So 5f6b380a33 made get_interface_list() work as expected at the
price of losing assignment options on the referenced page due to
historic oversight. Add a prefix so we can construct the device
name from a partial key value.
The side effect from this may be that VIPs disappear from disabled
interfaces which is how it should have been.
Furthermore, remove the configuration of vips from rc.newwanip which
was added for unknown reasons in pfSense a long time ago and got also
copied to rc.newwanipv6 for us during cleanups but never in pfSense.
Especially since we removed find_interface_*() function family we never
risk reading an alias as a primary address and for all intents and
purposes an alias should never appear from an interface except it was
stripped in error by faulty code. Win-win really. ;)
OpenVPN was put on the "delayed" ("virtual") list in d090ccc3dceb4
but more out of convenience than common sense. To make sense of it
now check if the assigned device is provided by the plugin system
except for a bridge which is still having a special role in the code.
The role of bridges is somewhat disputed. We may be able to set them
up earlier detaching them from the older ordering logic but more tests
need to be done in order to pull it off.
