openvpn.patch
| root/etc/e-smith/templates/etc/shorewall/interfaces/99openvpn | ||
|---|---|---|
| 1 |
# |
|
| 2 |
# 99openvpn |
|
| 3 |
# |
|
| 1 | 4 |
{
|
| 2 | 5 |
$mode = $openvpn{'Mode'} || 'routed';
|
| 3 | 6 |
if ($mode eq 'routed') {
|
| 4 |
$OUT.="vpn tun+\n";
|
|
| 7 |
$OUT .= "ovpn tun0\n";
|
|
| 5 | 8 |
} elsif ($mode eq 'bridged') {
|
| 6 | 9 |
my $tap = $openvpn{'TapInterface'} || 'tap0';
|
| 7 | 10 |
$OUT .= "dev $tap\n"; |
| root/etc/e-smith/templates/etc/shorewall/policy/15openvpn | ||
|---|---|---|
| 1 | 1 |
# |
| 2 | 2 |
# 15openvpn |
| 3 | 3 |
# |
| 4 |
loc vpn ACCEPT |
|
| 5 |
vpn loc ACCEPT
|
|
| 6 |
vpn $FW ACCEPT
|
|
| 7 |
$FW vpn ACCEPT |
|
| 4 |
loc ovpn ACCEPT
|
|
| 5 |
ovpn loc ACCEPT
|
|
| 6 |
ovpn $FW ACCEPT
|
|
| 7 |
$FW ovpn ACCEPT
|
|
| 8 | 8 |
{
|
| 9 | 9 |
if($openvpn{'RouteToVPN'} eq 'enabled') {
|
| 10 |
$OUT .= "vpn net ACCEPT";
|
|
| 10 |
$OUT .= "ovpn net ACCEPT";
|
|
| 11 | 11 |
} else {
|
| 12 | 12 |
$OUT = "# openvpn/RouteToVPN is disabled"; |
| 13 | 13 |
} |
| root/etc/e-smith/templates/etc/shorewall/rules/21pingOpenvpn | ||
|---|---|---|
| 1 |
Ping/ACCEPT vpn $FW |
|
| root/etc/e-smith/templates/etc/shorewall/zones/99openvpn | ||
|---|---|---|
| 1 |
vpn ipv4 |
|
| 1 |
# |
|
| 2 |
# 99openvpn |
|
| 3 |
# |
|
| 4 |
ovpn ipv4 |
|
| 5 | ||