diff options
| author | Daniil Baturin <daniil@vyos.io> | 2023-09-14 15:37:20 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-09-14 15:37:20 +0100 |
| commit | 599016be1ac0b659a4baf696d5be7db9a36a2fea (patch) | |
| tree | 74a0d7eef971b717271519d8c4e2a3ba08d5ef99 /src | |
| parent | c355b07c21b6cac7405a6e575947a181fd2236f5 (diff) | |
| parent | 0ccbbca01b22232b5cba63d64ab00eb54af7b068 (diff) | |
| download | vyos-1x-599016be1ac0b659a4baf696d5be7db9a36a2fea.tar.gz vyos-1x-599016be1ac0b659a4baf696d5be7db9a36a2fea.zip | |
Merge pull request #1637 from ordex/T3214
openvpn: T3214: fix server-ipv6 and nopool handling
Diffstat (limited to 'src')
| -rwxr-xr-x | src/conf_mode/interfaces-openvpn.py | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py index 1d0feb56f..9f4de990c 100755 --- a/src/conf_mode/interfaces-openvpn.py +++ b/src/conf_mode/interfaces-openvpn.py @@ -344,9 +344,6 @@ def verify(openvpn): if v6_subnets > 1: raise ConfigError('Cannot specify more than 1 IPv6 server subnet') - if v6_subnets > 0 and v4_subnets == 0: - raise ConfigError('IPv6 server requires an IPv4 server subnet') - for subnet in tmp: if is_ipv4(subnet): subnet = IPv4Network(subnet) @@ -388,6 +385,10 @@ def verify(openvpn): for v4PoolNet in v4PoolNets: if IPv4Address(client['ip'][0]) in v4PoolNet: print(f'Warning: Client "{client["name"]}" IP {client["ip"][0]} is in server IP pool, it is not reserved for this client.') + # configuring a client_ip_pool will set 'server ... nopool' which is currently incompatible with 'server-ipv6' (probably to be fixed upstream) + for subnet in (dict_search('server.subnet', openvpn) or []): + if is_ipv6(subnet): + raise ConfigError(f'Setting client-ip-pool is incompatible having an IPv6 server subnet.') for subnet in (dict_search('server.subnet', openvpn) or []): if is_ipv6(subnet): |