[ previous ] [ next ] [ threads ]
 
 From:  Peter Curran <peter at closeconsultants dot com>
 To:  mg dot debruin at buum dot nl, m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] OpenVPN server on TCP
 Date:  Fri, 18 Feb 2005 17:35:01 +0000
Michael

Yep - this is a known bug reported a few weeks back.

The problem and solution is as you describe - the opetion van be set but is 
not parsed in openvpn.inc.  The fix is included with the latest version of 
the code which will be going off to Manuel shortly.

This round of updating has taken a long time because of my desire to get 
bridging working properly (and the very silly way that FreeBSD handles 
bridging makes this difficult to acheive).  Anyway - I think we are nearly 
there.

Peter

On Friday 18 February 2005 16:24, M. G. (Michael) de Bruin wrote:
> All,
>
> I am either going nuts (hey, almost weekend) or there is a bug in the
> OpenVPN configuration. What I am trying to do, is get OpenVPN to listen on
> a tcp port, so I can connect  to it through any firewall. However, even
> when I select TCP in the OpenVPN config, it still starts up as an UDP
> service (long live syslog):
>
> Feb 18 16:57:40 mercury openvpn[678]: OpenVPN 2.0_beta11
> i386-unknown-freebsd4.10 [SSL] built on Oct 23 2004
> Feb 18 16:57:40 mercury openvpn[678]: OpenVPN 2.0_beta11
> i386-unknown-freebsd4.10 [SSL] built on Oct 23 2004
> <snip uninteresting stuff>
> Feb 18 16:57:40 mercury openvpn[683]: UDPv4 link local (bound):
> x.x.x.x:8000 Feb 18 16:57:40 mercury openvpn[683]: UDPv4 link local
> (bound): x.x.x.x:8000 Feb 18 16:57:40 mercury openvpn[683]: UDPv4 link
> remote: [undef]
> Feb 18 16:57:40 mercury openvpn[683]: UDPv4 link remote: [undef]
>
> If I check the process page, this seems logical, since the option '--proto
> tcp-server' is missing.
>
> Now, if I check /etc/inc/openvpn.inc (more specifically, the function
> ovpn_config_server()), I can't find the option proto being set anywhere,
> which would explain UDP (which is default) being used as a protocol.
>
> If I am not mistaking, the following section should be added:
>
> /* Set protocol being used (TCP or UDP)
>   if ($server['proto'] == 'TCP') {
>     $ovpn_config .= "--proto tcp-server";
>     }
>
>
> Cheers,
>
> Michael de Bruin
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch

-- 
----------------------------------------------------------------------------
Peter Curran				  Leveraging Internet Technology
Close Consultants			       for Businesses
p: +44-1225-463700			 
f: +44-1225-463705			  
e: peter at closeconsultants dot com		  
sip: peter at closeconsultants dot com 


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.