Feature #3169

OpenVPN fixed ip support via standard db prop

Added by Davide Marini about 6 years ago. Updated about 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-openvpn
Target version:v6.6
Resolution: NEEDINFO:No

Description

Openvpn supports binding of a specific account to a specific ip address, there is already a file named host-to-net.pool for the standard roadwarrior.
It would be useful to set this property with standard db commands, there is already a canvas in the template:

/etc/e-smith/templates/etc/openvpn/host-to-net.pool/50accounts

now it works only with the user "admin", it needs only to be adjusted to make it work properly with all users.

Associated revisions

Revision 67765e03
Added by Giacomo Sanchietti about 6 years ago

host-to-net.pool: implement IP reservation. Refs #3169

History

#1 Updated by Giacomo Sanchietti about 6 years ago

  • Category set to nethserver-openvpn
  • Status changed from NEW to TRIAGED
  • Target version set to v6.6
  • % Done changed from 0 to 20

#2 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30

#3 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

#4 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
Package in nethserver-testing:
  • nethserver-openvpn-1.2.0-1.9.g67765e0.ns6.noarch.rpm
Test case 1
  • Create a system user
  • Create a VPN account for the system user
  • Reserver an ip for it:
    db accounts setprop myuser OpenVpnIp 10.0.0.1
    signal-event nethserver-openvpn-save
    
  • Verify the reservation is present inside the /etc/openvpn/host-to-net.pool file
Test case 2
  • Create a VPN-only account
  • Reserver an ip for it:
    db accounts setprop myvpnaccount OpenVpnIp 10.0.0.1
    signal-event nethserver-openvpn-save
    
  • Verify the reservation is present inside the /etc/openvpn/host-to-net.pool file

#5 Updated by Davide Marini about 6 years ago

  • Status changed from ON_QA to VERIFIED
  • % Done changed from 70 to 90

Accounts configuration:

[root@test ~]# db accounts show 
.
.
.
onlyvpn=vpn
    OpenVpnIp=10.9.9.10
    VPNRemoteNetmask=
    VPNRemoteNetwork=
systemuser=user
    City=
    Company=
    Department=
    FirstName=systemuser
    LastName=systemuser
    OpenVpnIp=10.9.9.6
    PhoneNumber=
.
.
.

host-to-net.pool after the nethserver-openvpn-save event:

[root@test ~]# cat /etc/openvpn/host-to-net.pool 
# ================= DO NOT MODIFY THIS FILE =================
# 
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at https://dev.nethesis.it/projects/nethserver/wiki/NethServer
# original work from http://www.contribs.org/development/
#
# Copyright (C) 2013 Nethesis S.r.l. 
# http://www.nethesis.it - support@nethesis.it
# 
onlyvpn,10.9.9.10
systemuser,10.9.9.6

#6 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
Released in nethserver-updates:
  • nethserver-openvpn-1.2.1-1.ns6.noarch.rpm

Also available in: Atom PDF