From bb9f99853c723c5100c3fffbc592ba79f3abebfe Mon Sep 17 00:00:00 2001
From: Jernej Jakob <jernej.jakob@gmail.com>
Date: Tue, 14 Apr 2020 17:15:58 +0200
Subject: openvpn: T149: IPv6 support

- allow configuring IPv6 server addresses and push options
- add IPv6 server client IP pool
- add IPv6 push dhcp-option DNS6
- allow configuring IPv6 server client addresses
- allow configuring IPv6 site-to-site addresses
- validate all IPv6 options and addresses
- use protos that explicitely open an IPv6 listening socket
  (tcp6-server, tcp6-client, udp6) as the default on Linux listens on
  IPv4 only (https://community.openvpn.net/openvpn/ticket/360)
- add validator for any IPv6 address, host or network (used by pool)
---
 data/templates/openvpn/client.conf.tmpl | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

(limited to 'data/templates/openvpn/client.conf.tmpl')

diff --git a/data/templates/openvpn/client.conf.tmpl b/data/templates/openvpn/client.conf.tmpl
index 3099f2ca7..508d8da94 100644
--- a/data/templates/openvpn/client.conf.tmpl
+++ b/data/templates/openvpn/client.conf.tmpl
@@ -1,8 +1,9 @@
 ### Autogenerated by interfaces-openvpn.py ###
 
 {% if ip -%}
-ifconfig-push {{ ip }} {{ remote_netmask }}
+ifconfig-push {{ ip[0] }} {{ remote_netmask }}
 {% endif -%}
+
 {% for route in push_route -%}
 push "route {{ route }}"
 {% endfor -%}
@@ -11,6 +12,24 @@ push "route {{ route }}"
 iroute {{ net }}
 {% endfor -%}
 
+{# ipv6_remote is only set when IPv6 server is enabled #}
+{% if ipv6_remote -%}
+# IPv6
+
+{%- if ipv6_ip %}
+ifconfig-ipv6-push {{ ipv6_ip[0] }} {{ ipv6_remote }}
+{%- endif %}
+
+{%- for route6 in ipv6_push_route %}
+push "route-ipv6 {{ route6 }}"
+{%- endfor %}
+
+{%- for net6 in ipv6_subnet %}
+iroute {{ net6 }}
+{%- endfor %}
+
+{% endif -%}
+
 {% if disable -%}
 disable
 {% endif -%}
-- 
cgit v1.2.3