diff options
| author | jim-p <jimp@pfsense.org> | 2013-11-25 16:53:54 -0500 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2013-11-25 16:53:54 -0500 |
| commit | 63aa82df03b81c31a4a0a2f74950cbcaf54b67f2 (patch) | |
| tree | 3a7cf8bdda50a3a3604f018177dfcef70a0e4f33 /config/openvpn-client-export/openvpn-client-export.inc | |
| parent | f581b75f072a51330de2619669fc799a8ac5de73 (diff) | |
| download | pfsense-packages-63aa82df03b81c31a4a0a2f74950cbcaf54b67f2.tar.gz pfsense-packages-63aa82df03b81c31a4a0a2f74950cbcaf54b67f2.tar.bz2 pfsense-packages-63aa82df03b81c31a4a0a2f74950cbcaf54b67f2.zip | |
Instruct the client to use a random local port for OpenVPN in the exported configuration.
Diffstat (limited to 'config/openvpn-client-export/openvpn-client-export.inc')
| -rwxr-xr-x | config/openvpn-client-export/openvpn-client-export.inc | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index e6351686..4d6ded8f 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -170,7 +170,7 @@ function openvpn_client_export_validate_config($srvid, $usrid, $crtid) { return array($settings, $server_cert, $server_ca, $servercn, $user, $cert, $nokeys); } -function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $usetoken, $nokeys = false, $proxy, $expformat = "baseconf", $outpass = "", $skiptls=false, $doslines=false, $openvpnmanager, $advancedoptions = "") { +function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $nokeys = false, $proxy, $expformat = "baseconf", $outpass = "", $skiptls=false, $doslines=false, $openvpnmanager, $advancedoptions = "") { global $config, $input_errors, $g; $pfs_version = substr(trim(file_get_contents("/etc/version")),0,3); @@ -209,6 +209,12 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifys if (($expformat != "inlinedroid") && ($expformat != "inlineios")) $conf .= "resolv-retry infinite{$nl}"; $conf .= "$remotes{$nl}"; + + /* Use a random local port, otherwise two clients will conflict if they run at the same time. + May not be supported on older clients (Released before May 2010) */ + if (($randomlocalport != 0) && (substr($expformat, 0, 7) != "yealink") && ($expformat != "snom")) + $conf .= "lport 0{$nl}"; + /* This line can cause problems with auth-only setups and also with Yealink/Snom phones since they are stuck on an older OpenVPN version that does not support this feature. */ if (!empty($servercn) && !$nokeys) { @@ -471,7 +477,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifys } } -function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $usetoken, $outpass, $proxy, $openvpnmanager, $advancedoptions, $openvpn_version = "2.1") { +function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $outpass, $proxy, $openvpnmanager, $advancedoptions, $openvpn_version = "2.1") { global $config, $g, $input_errors; $uname_p = trim(exec("uname -p")); @@ -523,7 +529,7 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $veri $pwdfle .= "{$proxy['password']}\r\n"; file_put_contents("{$confdir}/{$proxy['passwdfile']}", $pwdfle); } - $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $usetoken, $nokeys, $proxy, "", "baseconf", false, true, $openvpnmanager, $advancedoptions); + $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $nokeys, $proxy, "", "baseconf", false, true, $openvpnmanager, $advancedoptions); if (!$conf) { $input_errors[] = "Could not create a config to export."; return false; @@ -588,7 +594,7 @@ RunProgram="openvpn-postinstall.exe" return $outfile; } -function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $usetoken, $outpass, $proxy, $openvpnmanager, $advancedoptions) { +function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $outpass, $proxy, $openvpnmanager, $advancedoptions) { global $config, $g; $uname_p = trim(exec("uname -p")); @@ -623,7 +629,7 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead file_put_contents("{$tempdir}/{$proxy['passwdfile']}", $pwdfle); } - $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $usetoken, true, $proxy, "baseconf", "", true, $openvpnmanager, $advancedoptions); + $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, true, $proxy, "baseconf", "", true, $openvpnmanager, $advancedoptions); if (!$conf) return false; |