From eb1ed5e518a08c488fd05ce9cf63b63a5a25c21a Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 1 Nov 2020 15:29:37 +0100 Subject: openvpn: T2994: re-add ifconfig-pool statement in server config Re-organize the template code and add addtitional Jinja2 filters for processing the ifconfig-pool statement. This reverts the changes from commit 7e546be9 ("openvpn: T2994: temporary revert to 1.2 crux behavior for client pools"). --- data/templates/openvpn/server.conf.tmpl | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'data') diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl index 91542c71a..66da9c794 100644 --- a/data/templates/openvpn/server.conf.tmpl +++ b/data/templates/openvpn/server.conf.tmpl @@ -61,7 +61,16 @@ tls-server {% if server is defined and server is not none %} {% if server.subnet is defined and server.subnet is not none %} {% for subnet in server.subnet if subnet | ipv4 %} -server {{ subnet | address_from_cidr }} {{ subnet | netmask_from_cidr }} +server {{ subnet | address_from_cidr }} {{ subnet | netmask_from_cidr }} nopool +{# OpenVPN assigns the first IP address to its local interface so the pool used #} +{# in net30 topology - where each client receives a /30 must start from the second subnet #} +{% if server.topology is defined and server.topology == 'net30' %} +ifconfig-pool {{ subnet | inc_ip('4') }} {{ subnet | last_host_address }} {{ subnet | netmask_from_cidr if device_type == 'tap' else '' }} +{% else %} +{# OpenVPN assigns the first IP address to its local interface so the pool must #} +{# start from the second address and end on the last address #} +ifconfig-pool {{ subnet | first_host_address | inc_ip('1') }} {{ subnet | last_host_address }} {{ subnet | netmask_from_cidr if device_type == 'tap' else '' }} +{% endif %} {% endfor %} {% endif %} {% if server.topology is defined and server.topology == 'point-to-point' %} -- cgit v1.2.3