Skip to content

O
OpnSense
Commit 6e7f8e50 authored by Ad Schellevis's avatar Ad Schellevis
Browse files
Options

(plugins, interfaces) move legacy vpn interfaces to plugins

parent d082febd
Hide whitespace changes
Inline Side-by-side
Showing with 159 additions and 152 deletions
src/etc/inc/filter.inc
View file @ 6e7f8e50
...@@ -848,146 +848,96 @@ function filter_generate_optcfg_array() ...@@ -848,146 +848,96 @@ function filter_generate_optcfg_array()
$FilterIflist = array(); $FilterIflist = array();
/* if list */ /* traverse interfaces */
$iflist = get_configured_interface_with_descr(); foreach (legacy_config_get_interfaces(array("enable" => true)) as $if => $ifdetail) {
foreach ($iflist as $if => $ifdetail) { if (isset($ifdetail['internal_dynamic'])) {
$oc = $config['interfaces'][$if]; // plugin is responsible for its own config
$oic = array(); $FilterIflist[$if] = $ifdetail;
$oic['if'] = get_real_interface($if);
if (!does_interface_exist($oic['if'])) {
continue;
}
$oic['ifv6'] = get_real_interface($if, "inet6");
$oic['ip'] = get_interface_ip($if);
$oic['ipv6'] = get_interface_ipv6($if);
if (!is_ipaddrv4($oc['ipaddr']) && !empty($oc['ipaddr'])) {
$oic['type'] = $oc['ipaddr'];
}
if (isset($oc['ipaddrv6'])) {
if ( !is_ipaddrv6($oc['ipaddrv6']) && !empty($oc['ipaddrv6'])) {
$oic['type6'] = $oc['ipaddrv6'];
}
} else {
$oic['type6'] = null;
}
if (!empty($oc['track6-interface'])) {
$oic['track6-interface'] = $oc['track6-interface'];
}
$oic['sn'] = get_interface_subnet($if);
$oic['snv6'] = get_interface_subnetv6($if);
$oic['mtu'] = empty($oc['mtu']) ? 1500 : $oc['mtu'];
$oic['mss'] = empty($oc['mss']) ? '' : $oc['mss'];
$oic['descr'] = $ifdetail;
$oic['sa'] = gen_subnet($oic['ip'], $oic['sn']);
$oic['sav6'] = gen_subnetv6($oic['ipv6'], $oic['snv6']);
if (isset($oc['nonat'])) {
$oic['nonat'] = $oc['nonat'];
} else {
$oic['nonat'] = null;
}
if (isset($oc['alias-address'])) {
$oic['alias-address'] = $oc['alias-address'];
} else {
$oic['alias-address'] = null;
}
if (isset($oc['alias-subnet'])) {
$oic['alias-subnet'] = $oc['alias-subnet'];
} else {
$oic['alias-subnet'] = null;
}
if (isset($oc['gateway'])) {
$oic['gateway'] = $oc['gateway'];
} else {
$oic['gateway'] = null ;
}
if (isset($oc['gatewayv6'])) {
$oic['gatewayv6'] = $oc['gatewayv6'];
} else { } else {
$oic['gatewayv6'] = null; // XXX needs cleanup, original content
} $oic = array();
$oic['spoofcheck'] = "yes"; $oic['if'] = get_real_interface($if);
$oic['bridge'] = link_interface_to_bridge($if); if (!does_interface_exist($oic['if'])) {
$vips = link_interface_to_vips($if); continue;
if (!empty($vips)) { }
foreach ($vips as $vipidx => $vip) { $oic['ifv6'] = get_real_interface($if, "inet6");
if (is_ipaddrv4($vip['subnet'])) { $oic['ip'] = get_interface_ip($if);
if (!isset($oic['vips'])) { $oic['ipv6'] = get_interface_ipv6($if);
$oic['vips'] = array(); if (!is_ipaddrv4($ifdetail['ipaddr']) && !empty($ifdetail['ipaddr'])) {
} $oic['type'] = $ifdetail['ipaddr'];
$oic['vips'][$vipidx]['ip'] = $vip['subnet']; }
if (empty($vip['subnet_bits'])) { if (isset($ifdetail['ipaddrv6'])) {
$oic['vips'][$vipidx]['sn'] = 32; if ( !is_ipaddrv6($ifdetail['ipaddrv6']) && !empty($ifdetail['ipaddrv6'])) {
} else { $oic['type6'] = $ifdetail['ipaddrv6'];
$oic['vips'][$vipidx]['sn'] = $vip['subnet_bits'];
}
} else if (is_ipaddrv6($vip['subnet'])) {
if (!is_array($oic['vips6'])) {
$oic['vips6'] = array();
}
$oic['vips6'][$vipidx]['ip'] = $vip['subnet'];
if (empty($vip['subnet_bits'])) {
$oic['vips6'][$vipidx]['sn'] = 128;
} else {
$oic['vips6'][$vipidx]['sn'] = $vip['subnet_bits'];
}
} }
} else {
$oic['type6'] = null;
}
if (!empty($ifdetail['track6-interface'])) {
$oic['track6-interface'] = $ifdetail['track6-interface'];
}
$oic['sn'] = get_interface_subnet($if);
$oic['snv6'] = get_interface_subnetv6($if);
$oic['mtu'] = empty($ifdetail['mtu']) ? 1500 : $ifdetail['mtu'];
$oic['mss'] = empty($ifdetail['mss']) ? '' : $ifdetail['mss'];
$oic['descr'] = !empty($ifdetail['descr']) ? $ifdetail['descr'] : $if;
$oic['sa'] = gen_subnet($oic['ip'], $oic['sn']);
$oic['sav6'] = gen_subnetv6($oic['ipv6'], $oic['snv6']);
if (isset($ifdetail['nonat'])) {
$oic['nonat'] = $ifdetail['nonat'];
} else {
$oic['nonat'] = null;
} }
} if (isset($ifdetail['alias-address'])) {
unset($vips); $oic['alias-address'] = $ifdetail['alias-address'];
$FilterIflist[$if] = $oic; } else {
} $oic['alias-address'] = null;
}
if (isset($config['pptpd']['mode']) && $config['pptpd']['mode'] == 'server') { if (isset($ifdetail['alias-subnet'])) {
$oic = array(); $oic['alias-subnet'] = $ifdetail['alias-subnet'];
$oic['if'] = 'pptp'; } else {
$oic['descr'] = 'pptp'; $oic['alias-subnet'] = null;
$oic['ip'] = $config['pptpd']['localip']; }
$oic['sa'] = $config['pptpd']['remoteip']; if (isset($ifdetail['gateway'])) {
$oic['mode'] = $config['pptpd']['mode']; $oic['gateway'] = $ifdetail['gateway'];
$oic['virtual'] = true; } else {
if ($config['pptpd']['pptp_subnet'] <> "") { $oic['gateway'] = null ;
$oic['sn'] = $config['pptpd']['pptp_subnet']; }
} else { if (isset($ifdetail['gatewayv6'])) {
$oic['sn'] = "32"; $oic['gatewayv6'] = $ifdetail['gatewayv6'];
} } else {
$FilterIflist['pptp'] = $oic; $oic['gatewayv6'] = null;
} }
if (isset($config['l2tp']['mode']) && $config['l2tp']['mode'] == 'server') { $oic['spoofcheck'] = "yes";
$oic = array(); $oic['bridge'] = link_interface_to_bridge($if);
$oic['if'] = 'l2tp'; $vips = link_interface_to_vips($if);
$oic['descr'] = 'L2TP'; if (!empty($vips)) {
$oic['ip'] = $config['l2tp']['localip']; foreach ($vips as $vipidx => $vip) {
$oic['sa'] = $config['l2tp']['remoteip']; if (is_ipaddrv4($vip['subnet'])) {
if ($config['l2tp']['l2tp_subnet'] <> "") { if (!isset($oic['vips'])) {
$oic['sn'] = $config['l2tp']['l2tp_subnet']; $oic['vips'] = array();
} else { }
$oic['sn'] = "32"; $oic['vips'][$vipidx]['ip'] = $vip['subnet'];
} if (empty($vip['subnet_bits'])) {
$oic['mode'] = $config['l2tp']['mode']; $oic['vips'][$vipidx]['sn'] = 32;
$oic['virtual'] = true; } else {
$FilterIflist['l2tp'] = $oic; $oic['vips'][$vipidx]['sn'] = $vip['subnet_bits'];
} }
if (isset($config['pppoes']['pppoe'])) { } else if (is_ipaddrv6($vip['subnet'])) {
$pppoeifs = array(); if (!is_array($oic['vips6'])) {
foreach($config['pppoes']['pppoe'] as $pppoe) { $oic['vips6'] = array();
if ($pppoe['mode'] == "server") { }
$oic = array(); $oic['vips6'][$vipidx]['ip'] = $vip['subnet'];
$oic['if'] = 'pppoe'; if (empty($vip['subnet_bits'])) {
$oic['descr'] = 'pppoe'; $oic['vips6'][$vipidx]['sn'] = 128;
$oic['ip'] = $pppoe['localip']; } else {
$oic['sa'] = $pppoe['remoteip']; $oic['vips6'][$vipidx]['sn'] = $vip['subnet_bits'];
$oic['mode'] = $pppoe['mode']; }
$oic['virtual'] = true; }
if ($pppoe['pppoe_subnet'] <> "") {
$oic['sn'] = $pppoe['pppoe_subnet'];
} else {
$oic['sn'] = "32";
} }
$pppoeifs[] = $oic;
} }
} unset($vips);
if (count($pppoeifs)) { $FilterIflist[$if] = $oic;
$FilterIflist['pppoe'] = $pppoeifs;
} }
} }
/* add ipsec interfaces */ /* add ipsec interfaces */
...@@ -1196,8 +1146,8 @@ function filter_nat_rules_automatic_tonathosts(&$FilterIflist, $with_descr = fal ...@@ -1196,8 +1146,8 @@ function filter_nat_rules_automatic_tonathosts(&$FilterIflist, $with_descr = fal
} }
/* PPPoE subnet */ /* PPPoE subnet */
if (isset($FilterIflist['pppoe']) && is_array($FilterIflist['pppoe'])) if (isset($FilterIflist['pppoe']['networks']) && is_array($FilterIflist['pppoe']['networks']))
foreach ($FilterIflist['pppoe'] as $pppoe) { foreach ($FilterIflist['pppoe']['networks'] as $pppoe) {
if (is_private_ip($pppoe['ip'])) { if (is_private_ip($pppoe['ip'])) {
$tonathosts[] = "{$pppoe['sa']}/{$pppoe['sn']}"; $tonathosts[] = "{$pppoe['sa']}/{$pppoe['sn']}";
$descriptions[] = gettext("PPPoE server"); $descriptions[] = gettext("PPPoE server");
......
src/etc/inc/interfaces.inc
View file @ 6e7f8e50
...@@ -4104,7 +4104,7 @@ function convert_real_interface_to_friendly_interface_name($interface = 'wan') ...@@ -4104,7 +4104,7 @@ function convert_real_interface_to_friendly_interface_name($interface = 'wan')
return null; return null;
} }
foreach ($config['interfaces'] as $if => $ifname) { foreach (legacy_config_get_interfaces() as $if => $ifname) {
if ($if == $interface || $ifname['if'] == $interface) { if ($if == $interface || $ifname['if'] == $interface) {
return $if; return $if;
} }
...@@ -4295,25 +4295,14 @@ function get_real_interface($interface = "wan", $family = "all", $realv6iface = ...@@ -4295,25 +4295,14 @@ function get_real_interface($interface = "wan", $family = "all", $realv6iface =
$wanif = null; $wanif = null;
switch ($interface) { switch ($interface) {
case "l2tp":
$wanif = "l2tp";
break;
case "pptp":
$wanif = "pptp";
break;
case "pppoe":
$wanif = "pppoe";
break;
case "openvpn": case "openvpn":
$wanif = "openvpn"; case "ppp":
$wanif = $interface;
break; break;
case "ipsec": case "ipsec":
case "enc0": case "enc0":
$wanif = "enc0"; $wanif = "enc0";
break; break;
case "ppp":
$wanif = "ppp";
break;
default: default:
// If a real interface was alread passed simply // If a real interface was alread passed simply
// pass the real interface back. This encourages // pass the real interface back. This encourages
...@@ -4482,7 +4471,7 @@ function link_interface_to_track6($int, $action = '') ...@@ -4482,7 +4471,7 @@ function link_interface_to_track6($int, $action = '')
if (isset($config['interfaces'])) { if (isset($config['interfaces'])) {
$list = array(); $list = array();
foreach ($config['interfaces'] as $ifname => $ifcfg) { foreach (legacy_config_get_interfaces(array("virtual" => false)) as $ifname => $ifcfg) {
if (!isset($ifcfg['enable'])) { if (!isset($ifcfg['enable'])) {
continue; continue;
} }
......
src/etc/inc/plugins.inc.d/vpn.inc
View file @ 6e7f8e50
...@@ -657,3 +657,71 @@ EOD; ...@@ -657,3 +657,71 @@ EOD;
return 0; return 0;
} }
function vpn_interface()
{
global $config;
$interfaces = array();
if (isset($config['pptpd']['mode']) && $config['pptpd']['mode'] == 'server') {
$oic = array("enable" => true);
$oic['if'] = 'pptp';
$oic['descr'] = 'pptp';
$oic['ip'] = $config['pptpd']['localip'];
$oic['sa'] = $config['pptpd']['remoteip'];
if (!empty($config['pptpd']['pptp_subnet'])) {
$oic['sn'] = $config['pptpd']['pptp_subnet'];
} else {
$oic['sn'] = "32";
}
$oic['mode'] = $config['pptpd']['mode'];
$oic['virtual'] = true;
$interfaces['pptp'] = $oic;
}
if (isset($config['l2tp']['mode']) && $config['l2tp']['mode'] == 'server') {
$oic = array("enable" => true);
$oic['if'] = 'l2tp';
$oic['descr'] = 'L2TP';
$oic['ip'] = $config['l2tp']['localip'];
$oic['sa'] = $config['l2tp']['remoteip'];
if (!empty($config['l2tp']['l2tp_subnet'])) {
$oic['sn'] = $config['l2tp']['l2tp_subnet'];
} else {
$oic['sn'] = "32";
}
$oic['mode'] = $config['l2tp']['mode'];
$oic['virtual'] = true;
$interfaces['l2tp'] = $oic;
}
if (isset($config['pppoes']['pppoe'])) {
$pppoeifs = array('networks' => array());
foreach($config['pppoes']['pppoe'] as $pppoe) {
if ($pppoe['mode'] == "server") {
$oic = array();
$oic['sa'] = $pppoe['remoteip'];
if ($pppoe['pppoe_subnet'] <> "") {
$oic['sn'] = $pppoe['pppoe_subnet'];
} else {
$oic['sn'] = "32";
}
$oic['ip'] = $pppoe['localip'];
$pppoeifs['networks'][] = $oic;
}
}
if (count($pppoeifs['networks'])) {
$pppoeifs['enable'] = true;
$pppoeifs['if'] = 'pppoe';
$pppoeifs['descr'] = 'pppoe';
$pppoeifs['ip'] = "";
$pppoeifs['sa'] = "";
$pppoeifs['sn'] = "32";
$pppoeifs['mode'] = "";
$pppoeifs['virtual'] = true;
$interfaces['pppoe'] = $pppoeifs;
}
}
return $interfaces;
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023