summaryrefslogtreecommitdiff
path: root/data/templates/openvpn
diff options
context:
space:
mode:
authorjjakob <jernej.jakob@gmail.com>2020-04-11 11:45:14 +0200
committerjjakob <jernej.jakob@gmail.com>2020-04-13 14:30:20 +0200
commitbb36bdec1506c7fbf57b786c907b0c7cd5efc117 (patch)
treeb4fd8dda4eeb91fccb0a9544b30f4832cb1a8690 /data/templates/openvpn
parent1cf1cb506e6c868f0e1159c8056ea1bba815e5a8 (diff)
downloadvyos-1x-bb36bdec1506c7fbf57b786c907b0c7cd5efc117.tar.gz
vyos-1x-bb36bdec1506c7fbf57b786c907b0c7cd5efc117.zip
openvpn: T2235: add custom server pool handling
- add config options and logic for server client-ip-pool - add function for determining default IPs for the server in different configurations - verify for pool IPs and maximum subnet prefix length - move remote netmask logic for client ifconfig-push to use new function - add topology 'net30' , set it as default (as it already was) - replace generic ip_* with IPv4* where necessary - print warning to console when server client IP is in server pool - fix server subnet help field
Diffstat (limited to 'data/templates/openvpn')
-rw-r--r--data/templates/openvpn/server.conf.tmpl11
1 files changed, 8 insertions, 3 deletions
diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl
index 340ead269..37e9c7f2a 100644
--- a/data/templates/openvpn/server.conf.tmpl
+++ b/data/templates/openvpn/server.conf.tmpl
@@ -71,13 +71,18 @@ nobind
#
{%- if server_topology %}
-topology {% if 'point-to-point' in server_topology %}p2p{% else %}subnet{% endif %}
+topology {% if server_topology == 'point-to-point' %}p2p{% else %}{{ server_topology }}{% endif %}
{%- endif %}
{%- if bridge_member %}
-server-bridge nogw
+mode server
+tls-server
{%- else %}
-server {{ server_subnet }}
+server {{ server_subnet }}{% if server_pool_start %} nopool{% endif %}
+{%- endif %}
+
+{%- if server_pool_start %}
+ifconfig-pool {{ server_pool_start }} {{ server_pool_stop }}{% if server_pool_netmask %} {{ server_pool_netmask }}{% endif %}
{%- endif %}
{%- if server_max_conn %}