/[smecontribs]/rpms/smeserver-libreswan-xl2tpd/contribs9/smeserver-libreswan-xl2tpd-update-ip-up-local.patch
ViewVC logotype

Annotation of /rpms/smeserver-libreswan-xl2tpd/contribs9/smeserver-libreswan-xl2tpd-update-ip-up-local.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Thu Jan 30 14:35:46 2020 UTC (4 years, 9 months ago) by jcrisp
Branch: MAIN
CVS Tags: smeserver-libreswan-xl2tpd-0_5-9, smeserver-libreswan-xl2tpd-0_5-8, smeserver-libreswan-xl2tpd-0_5-7, HEAD
* Thu Jan 30 2020 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-7
- Update ip-up.local to add debug and enhance setting
- update ipsec.conf to for NAT/noNAT
- add $mtu key -defaults to 1400

1 jcrisp 1.1 diff -ruN smeserver-libreswan-xl2tpd-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd smeserver-libreswan-xl2tpd-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd
2     --- smeserver-libreswan-xl2tpd-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd 2020-01-30 15:25:07.275975761 +0100
3     +++ smeserver-libreswan-xl2tpd-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd 2020-01-30 15:32:48.235443757 +0100
4     @@ -28,9 +28,18 @@
5    
6     else {
7    
8     - # Currently these are hard coded but could come from the DB key
9     + # Currently most of these are hard coded but could come from the DB key
10     +
11     + # For nat connections you can use "vhost:%no,%priv"
12     + # See above
13     + # https://github.com/libreswan/libreswan/blob/master/docs/examples/l2tp-psk.conf
14     + # see https://libreswan.org/man/ipsec.conf.5.html -> leftsubnet
15     +
16     + $OUT .= "conn $ipsecprop-NAT";
17     + $OUT .= " rightsubnet=vhost:%priv";
18     + $OUT .= " also=$ipsecprop-noNAT";
19    
20     - $OUT .= "conn $ipsecprop\n";
21     + $OUT .= "conn $ipsecprop-noNAT\n";
22     $OUT .= " authby=secret\n";
23     $OUT .= " pfs=no\n";
24     $OUT .= " auto=add\n";
25     @@ -61,12 +70,8 @@
26     $OUT .= " dpdaction=$dpdaction\n";
27    
28     # Some additional config entries if required
29     - # For nat connections you can use "vhost:%no,%priv"
30     - # Disabled for now - needs some thought
31     - # Probably only needed if you are doing subnet <-> subnet
32     - # Most likely not required for dialin
33     - # see https://libreswan.org/man/ipsec.conf.5.html -> leftsubnet
34     -
35     + # right subnet would not normally be used as it is used above
36     +
37     my $rightsubnet = $ipsecDB->get_prop( $ipsecprop, 'rightsubnet' ) || '';
38     if ( $rightsubnet ne '' ) {
39     $OUT .= " rightsubnet=$rightsubnet\n";
40     diff -ruN smeserver-libreswan-xl2tpd-0.5.old/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam30xl2tpd smeserver-libreswan-xl2tpd-0.5/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam30xl2tpd
41     --- smeserver-libreswan-xl2tpd-0.5.old/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam30xl2tpd 2017-11-24 13:51:59.000000000 +0100
42     +++ smeserver-libreswan-xl2tpd-0.5/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam30xl2tpd 2020-01-30 15:32:48.235443757 +0100
43     @@ -1,4 +1,11 @@
44     - xl2tpd)
45     - echo xl2tpd "$@" |logger -t "ip-up"
46     - /sbin/e-smith/signal-event ip-up.xl2tpd
47     - ;;
48     +{
49     + my $status = ${'xl2tpd'}{'debug'} || 'disabled';
50     +
51     + $OUT .= " xl2tpd)\n";
52     +
53     + if ( $status eq 'enabled' ) {
54     + $OUT .= " echo xl2tpd \"$@\" |logger -t \"xl2tpd-ip-up\" \n";
55     + }
56     + $OUT .= " /sbin/e-smith/signal-event ip-up.xl2tpd \"\$@\" \n";
57     + $OUT .= " ;;";
58     +}
59     diff -ruN smeserver-libreswan-xl2tpd-0.5.old/root/etc/e-smith/templates/etc/ppp/options.xl2tpd/10default smeserver-libreswan-xl2tpd-0.5/root/etc/e-smith/templates/etc/ppp/options.xl2tpd/10default
60     --- smeserver-libreswan-xl2tpd-0.5.old/root/etc/e-smith/templates/etc/ppp/options.xl2tpd/10default 2017-11-24 13:51:59.000000000 +0100
61     +++ smeserver-libreswan-xl2tpd-0.5/root/etc/e-smith/templates/etc/ppp/options.xl2tpd/10default 2020-01-30 15:32:48.235443757 +0100
62     @@ -25,6 +25,7 @@
63     my $InternalIP = $configDB->get_prop( "InternalInterface", 'IPAddress' );
64     my $DNS = $configDB->get_prop( "xl2tpd", 'DNS' ) || '';
65     my $debug = $configDB->get_prop( "xl2tpd", 'debug' ) || 'disabled';
66     + my $mtu = $configDB->get_prop( "xl2tpd", 'mtu' ) || '1400';
67    
68     $OUT .= "#x2ltpd\n";
69     $OUT .= "login\n";
70     @@ -45,8 +46,8 @@
71    
72     $OUT .= "ipparam xl2tpd\n";
73     $OUT .= "auth\n";
74     - $OUT .= "mtu 1400\n";
75     - $OUT .= "mru 1400\n";
76     + $OUT .= "mtu $mtu\n";
77     + $OUT .= "mru $mtu\n";
78     $OUT .= "hide-password\n";
79     $OUT .= "name l2tpd\n";
80     $OUT .= "proxyarp\n";

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed