summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjjakob <jernej.jakob@gmail.com>2020-04-04 15:03:42 +0200
committerjjakob <jernej.jakob@gmail.com>2020-04-04 15:17:05 +0200
commit11fdb20ca051a6e5083d0d321191033418e5f8f7 (patch)
tree7f8871b9f5c47075704e8159bdd7dd27a9ca9b36
parentf91a8869cb1ab3acc605a93789e9310f33dbd979 (diff)
downloadvyos-1x-11fdb20ca051a6e5083d0d321191033418e5f8f7.tar.gz
vyos-1x-11fdb20ca051a6e5083d0d321191033418e5f8f7.zip
openvpn: T2222: set 'multihome' option when local-host is unset
If configured with protocol udp and no local-host, openvpn needs the 'multihome' option to correctly work on all addresses.
Diffstat
-rwxr-xr-xsrc/conf_mode/interfaces-openvpn.py9
1 files changed, 6 insertions, 3 deletions
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index fb2d6e6d9..9bac4d759 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -66,6 +66,10 @@ proto {% if 'tcp-active' in protocol -%}tcp-client{% elif 'tcp-passive' in proto
local {{ local_host }}
{% endif %}
+{%- if mode == 'server' and protocol == 'udp' and not local_host %}
+multihome
+{% endif %}
+
{%- if local_port %}
lport {{ local_port }}
{% endif %}
@@ -308,7 +312,7 @@ default_config_data = {
'ncp_ciphers': '',
'options': [],
'persistent_tunnel': False,
- 'protocol': '',
+ 'protocol': 'udp',
'redirect_gateway': '',
'remote_address': '',
'remote_host': [],
@@ -512,8 +516,7 @@ def get_config():
# OpenVPN operation mode
if conf.exists('mode'):
- mode = conf.return_value('mode')
- openvpn['mode'] = mode
+ openvpn['mode'] = conf.return_value('mode')
# Additional OpenVPN options
if conf.exists('openvpn-option'):
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-06 11:22:14 +0000