diff options
| -rwxr-xr-x | src/conf_mode/interfaces-openvpn.py | 12 | 
1 files changed, 10 insertions, 2 deletions
| diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py index 242fae9fb..329399274 100755 --- a/src/conf_mode/interfaces-openvpn.py +++ b/src/conf_mode/interfaces-openvpn.py @@ -47,6 +47,7 @@ from vyos.template import is_ipv4  from vyos.template import is_ipv6  from vyos.util import call  from vyos.util import chown +from vyos.util import cmd  from vyos.util import dict_search  from vyos.util import dict_search_args  from vyos.util import makedir @@ -424,8 +425,8 @@ def verify(openvpn):      # verify specified IP address is present on any interface on this system      if 'local_host' in openvpn:          if not is_addr_assigned(openvpn['local_host']): -            raise ConfigError('local-host IP address "{local_host}" not assigned' \ -                              ' to any interface'.format(**openvpn)) +            print('local-host IP address "{local_host}" not assigned' \ +                  ' to any interface'.format(**openvpn))      # TCP active      if openvpn['protocol'] == 'tcp-active': @@ -648,6 +649,13 @@ def apply(openvpn):          return None +    # verify specified IP address is present on any interface on this system +    # Allow to bind service to nonlocal address, if it virtaual-vrrp address +    # or if address will be assign later +    if 'local_host' in openvpn: +        if not is_addr_assigned(openvpn['local_host']): +            cmd('sysctl -w net.ipv4.ip_nonlocal_bind=1') +      # No matching OpenVPN process running - maybe it got killed or none      # existed - nevertheless, spawn new OpenVPN process      call(f'systemctl reload-or-restart openvpn@{interface}.service') | 
