diff options
| author | Daniil Baturin <daniil@vyos.io> | 2022-05-09 00:17:58 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-05-09 00:17:58 +0300 |
| commit | a9f2a2ed73aa858ec3142399b122f023506de462 (patch) | |
| tree | c50394593a62f0d6d61a328e27078303601f147e | |
| parent | 84f68455cbe9c41203097829bd649c14093a811f (diff) | |
| parent | f64b7cb6e6c9e80912daed095a90a4fd2581c79f (diff) | |
| download | vyos-1x-a9f2a2ed73aa858ec3142399b122f023506de462.tar.gz vyos-1x-a9f2a2ed73aa858ec3142399b122f023506de462.zip | |
Merge pull request #1309 from dmbaturin/T4402-equ
T4402: fix ifconfig-pool generation logic
| -rw-r--r-- | data/templates/openvpn/server.conf.tmpl | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl index 75aae2981..627068b3e 100644 --- a/data/templates/openvpn/server.conf.tmpl +++ b/data/templates/openvpn/server.conf.tmpl @@ -82,15 +82,18 @@ push "route-ipv6 {{ route }}" {% endif %} {% endfor %} {% endif %} + +{% if server.client_ip_pool is not defined %} {# OpenVPN assigns the first IP address to its local interface so the pool used #} {# in net30 topology - where each client receives a /30 must start from the second subnet #} {% if server.topology is defined and server.topology == 'net30' %} -ifconfig-pool {{ subnet | inc_ip('4') }} {{ subnet | last_host_address | dec_ip('1') }} {{ subnet | netmask_from_cidr if device_type == 'tap' else '' }} +ifconfig-pool {{ subnet | inc_ip('4') }} {{ subnet | last_host_address | dec_ip('1') }} {% if device_type == 'tap' %} {{ subnet | netmask_from_cidr }} {% endif %} {% else %} {# OpenVPN assigns the first IP address to its local interface so the pool must #} {# start from the second address and end on the last address #} -ifconfig-pool {{ subnet | first_host_address | inc_ip('1') }} {{ subnet | last_host_address | dec_ip('1') }} {{ subnet | netmask_from_cidr if device_type == 'tun' else '' }} +ifconfig-pool {{ subnet | first_host_address | inc_ip('1') }} {{ subnet | last_host_address | dec_ip('1') }} {% if device_type == 'tap' %} {{ subnet | netmask_from_cidr }} {% endif %} {% endif %} +{% endif %} {% elif subnet | is_ipv6 %} server-ipv6 {{ subnet }} {% endif %} @@ -98,7 +101,7 @@ server-ipv6 {{ subnet }} {% endif %} {% if server.client_ip_pool is defined and server.client_ip_pool is not none and server.client_ip_pool.disable is not defined %} -ifconfig-pool {{ server.client_ip_pool.start }} {{ server.client_ip_pool.stop }}{{ server.client_ip_pool.subnet_mask if server.client_ip_pool.subnet_mask is defined and server.client_ip_pool.subnet_mask is not none }} +ifconfig-pool {{ server.client_ip_pool.start }} {{ server.client_ip_pool.stop }} {{ server.client_ip_pool.subnet_mask if server.client_ip_pool.subnet_mask is defined and server.client_ip_pool.subnet_mask is not none and device_type == 'tap' }} {% endif %} {% if server.max_connections is defined and server.max_connections is not none %} max-clients {{ server.max_connections }} |