
Contents of /rpms/smeserver-libreswan-xl2tpd/contribs9/smeserver-libreswan-xl2tpd-update-ip-up-local.patch



Revision 1.1 - (show annotations) (download)
Thu Jan 30 14:35:46 2020 UTC (4 years, 9 months ago) by jcrisp
Branch: MAIN
CVS Tags: smeserver-libreswan-xl2tpd-0_5-9, smeserver-libreswan-xl2tpd-0_5-8, smeserver-libreswan-xl2tpd-0_5-7, HEAD
* Thu Jan 30 2020 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-7
- Update ip-up.local to add debug and enhance setting
- update ipsec.conf for NAT/noNAT
- add $mtu key -defaults to 1400

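--- a/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd
+++ b/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd
@@ -28,9 +28,18 @@
 
 else {
 
- # Currently these are hard coded but could come from the DB key
+ # Currently most of these are hard coded but could come from the DB key
+
+ # For nat connections you can use "vhost:%no,%priv"
+ # See above
+ # https://github.com/libreswan/libreswan/blob/master/docs/examples/l2tp-psk.conf
+ # see https://libreswan.org/man/ipsec.conf.5.html -> leftsubnet
+
+ $OUT .= "conn $ipsecprop-NAT";
+ $OUT .= " rightsubnet=vhost:%priv";
+ $OUT .= " also=$ipsecprop-noNAT";
 
- $OUT .= "conn $ipsecprop\n";
+ $OUT .= "conn $ipsecprop-noNAT\n";
 $OUT .= " authby=secret\n";
 $OUT .= " pfs=no\n";
 $OUT .= " auto=add\n";
@@ -61,12 +70,8 @@
 $OUT .= " dpdaction=$dpdaction\n";
 
 # Some additional config entries if required
- # For nat connections you can use "vhost:%no,%priv"
- # Disabled for now - needs some thought
- # Probably only needed if you are doing subnet <-> subnet
- # Most likely not required for dialin
- # see https://libreswan.org/man/ipsec.conf.5.html -> leftsubnet
-
+ # right subnet would not normally be used as it is used above
+
 my $rightsubnet = $ipsecDB->get_prop( $ipsecprop, 'rightsubnet' ) || '';
 if ( $rightsubnet ne '' ) {
 $OUT .= " rightsubnet=$rightsubnet\n";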
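Review bot: The three `$OUT` lines added for `conn $ipsecprop-NAT` in the first hunk have no trailing `\n`, so as shown the NAT header, `rightsubnet=vhost:%priv`, `also=` and the following `conn $ipsecprop-noNAT` header all land on one line of the generated ipsec.conf. Each should end with a newline like the lines after them: `$OUT .= "conn $ipsecprop-NAT\n";`, `$OUT .= " rightsubnet=vhost:%priv\n";`, `$OUT .= " also=$ipsecprop-noNAT\n";`. A conn section that fails to parse or is misread changes which peers the L2TP/IPsec policy accepts, so it is worth checking the expanded file after this change. Separately, the second hunk still writes a DB-supplied `rightsubnet` into the noNAT conn that the NAT conn pulls in through `also=`, and it would be worth confirming how libreswan resolves the two values. The enclosing `else` block starts and ends outside both hunks.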
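--- a/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam30xl2tpd
+++ b/root/etc/e-smith/templates/etc/ppp/ip-up.local/30ipparam30xl2tpd
@@ -1,4 +1,11 @@
- xl2tpd)
- echo xl2tpd "$@" |logger -t "ip-up"
- /sbin/e-smith/signal-event ip-up.xl2tpd
- ;;
+{
+ my $status = ${'xl2tpd'}{'debug'} || 'disabled';
+
+ $OUT .= " xl2tpd)\n";
+
+ if ( $status eq 'enabled' ) {
+ $OUT .= " echo xl2tpd \"$@\" |logger -t \"xl2tpd-ip-up\" \n";
+ }
+ $OUT .= " /sbin/e-smith/signal-event ip-up.xl2tpd \"\$@\" \n";
+ $OUT .= " ;;";
+}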
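Review bot: In the debug branch the `$@` inside `\"$@\"` is not escaped, so Perl interpolates its own `$@` (the last eval error, normally empty) while the template is expanded, and the generated script logs `echo xl2tpd ""` instead of the arguments pppd passed. Escape it the same way as the `signal-event` line below it: `$OUT .= " echo xl2tpd \"\$@\" |logger -t \"xl2tpd-ip-up\" \n";`. With that fixed, the debug log records the session's interface and address arguments, which is the record you want when reviewing VPN logins. The closing `$OUT .= " ;;";` also has no trailing newline, so unless the template layer adds one the next fragment may start on the same line as `;;`.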
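--- a/root/etc/e-smith/templates/etc/ppp/options.xl2tpd/10default
+++ b/root/etc/e-smith/templates/etc/ppp/options.xl2tpd/10default
@@ -25,6 +25,7 @@
 my $InternalIP = $configDB->get_prop( "InternalInterface", 'IPAddress' );
 my $DNS = $configDB->get_prop( "xl2tpd", 'DNS' ) || '';
 my $debug = $configDB->get_prop( "xl2tpd", 'debug' ) || 'disabled';
+ my $mtu = $configDB->get_prop( "xl2tpd", 'mtu' ) || '1400';
 
 $OUT .= "#x2ltpd\n";
 $OUT .= "login\n";
@@ -45,8 +46,8 @@
 
 $OUT .= "ipparam xl2tpd\n";
 $OUT .= "auth\n";
- $OUT .= "mtu 1400\n";
- $OUT .= "mru 1400\n";
+ $OUT .= "mtu $mtu\n";
+ $OUT .= "mru $mtu\n";
 $OUT .= "hide-password\n";
 $OUT .= "name l2tpd\n";
 $OUT .= "proxyarp\n";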
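Review bot: `$mtu` is read from the configuration DB in the first hunk and written verbatim as `mtu $mtu` and `mru $mtu` in the second, with no check that it is a number. pppd parses this options file with the daemon's privileges, so a value containing anything but digits (an embedded newline, for instance) would end up as extra pppd configuration rather than a rejected setting. Falling back to the default on anything unexpected keeps a bad DB entry from altering the daemon's options: `$mtu = '1400' unless $mtu =~ /\A[0-9]+\z/;` directly after the `get_prop` call, plus whatever upper and lower bound the deployment intends. The surrounding template block begins and ends outside both hunks.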
