summaryrefslogtreecommitdiff
path: root/src/conf_mode/interface-openvpn.py
AgeCommit message (Collapse)Author
2019-09-20Merge pull request #133 from vindenesen/openvpn-minimum-tls-versionDaniil Baturin
[OpenVPN] T1675: Added setting for minimum tls version
2019-09-20OpenVPN - changed tls-minimum-version to tls-version-minvindenesen
2019-09-19OpenVPN - Added setting for minimum tls versionvindenesen
2019-09-19Added setting for tls-auth. Added check for if tls_cert and tls_key was defined.vindenesen
2019-09-14[openvpn] T1661 Adding additional check for tls_dh if it not need for ovpn ↵DmitriyEshenko
client
2019-09-14[openvpn] T1661 Fixing returned value on check functionDmitriyEshenko
2019-09-06openvpn: T1548: always restart OpenVPNChristian Poessinger
Previous implementations sent a SIGUSR1 to OpenVPN to initialte a restart after the configuration changed - as this was the same as the client keepalive mechanism did. Unfortunately on SIGUSR1 OpenVPN does not re-read the configuration file. Thus changed options were never taken into account.
2019-09-06openvpn: T1548: cleanup import statementsChristian Poessinger
2019-09-06openvpn: T1630: support adding routes as unpriviledged userChristian Poessinger
2019-09-04openvpn: T1617: T1632: support quotes in openvpn-optionChristian Poessinger
The following CLI command can be used to add a raw option to OpenVPN which requires quotes: > set interfaces openvpn vtun10 openvpn-option 'push "keepalive 1 10"' The resulting config file will then have the following set: > push "keepalive 1 10"
2019-08-27openvpn: T1617: bugfix for server push-routeChristian Poessinger
2019-08-19openvpn: T1548: remove authy 2fa providerChristian Poessinger
According to https://github.com/twilio/authy-openvpn commit 3e5dc73: > This plugin is no longer actively maintained. If you're interested in becoming a maintainer, we welcome forks of this project. In addition this plugin was always missing in the current branch ov VyOS and did not make it into VyOS 1.2 (crux) If 2FA for OpenVPN is required we should probably opt for Google Authenticator or if possible a U2F device.
2019-08-18openvpn: T1548: support creating L2 bridgesChristian Poessinger
2019-08-17openvpn: T1548: fix generated topology statement for 'server point-to-point'Christian Poessinger
2019-08-17openvpn: T1548: don't generate config if instance is disabledChristian Poessinger
2019-08-17openvpn: T1548: fix generated client subnet mask for topology 'server'Christian Poessinger
2019-08-17openvpn: T1548: widen generated folder permission to 755Christian Poessinger
2019-08-17openvpn: T1548: add description to generated config fileChristian Poessinger
2019-08-17openvpn: T1548: fix enable/disable of entire interfaceChristian Poessinger
2019-08-17openvpn: T1548: remove debug outputChristian Poessinger
2019-08-17openvpn: T1548: fix file ownership of client configuration fileChristian Poessinger
2019-08-16openvpn: T1548: initial rewrite with XML and PythonChristian Poessinger