diff options
author | Eric Sauvageau <rmerl@lostrealm.ca> | 2016-12-24 04:43:48 +0300 |
---|---|---|
committer | Eric Sauvageau <rmerl@lostrealm.ca> | 2016-12-24 04:43:48 +0300 |
commit | 32e0b6d0e604f81fd3e5d55e31165d29d635c04d (patch) | |
tree | 3ea4420749e110c50f29c6b4f62c7b4ecd3380b9 | |
parent | e920e9e0c5b882512ea817f1c9dbec729db2e8ac (diff) |
openvpn: set up firewall before starting openvpn server
-rw-r--r-- | release/src/router/rc/openvpn.c | 62 |
1 files changed, 30 insertions, 32 deletions
diff --git a/release/src/router/rc/openvpn.c b/release/src/router/rc/openvpn.c index 924604645e..fdbdd17161 100644 --- a/release/src/router/rc/openvpn.c +++ b/release/src/router/rc/openvpn.c @@ -469,21 +469,6 @@ void start_vpnclient(int clientNum) sprintf(&buffer2[0], "/etc/openvpn/client%d/config.ovpn", clientNum); run_postconf(&buffer[0], &buffer2[0]); - // Start the VPN client - sprintf(&buffer[0], "/etc/openvpn/vpnclient%d", clientNum); - sprintf(&buffer2[0], "/etc/openvpn/client%d", clientNum); - taskset_ret = cpu_eval(NULL, (clientNum % 2 == 0 ? CPU0 : CPU1), &buffer[0], "--cd", &buffer2[0], "--config", "config.ovpn"); - - vpnlog(VPN_LOG_INFO,"Starting OpenVPN client %d", clientNum); - - if (taskset_ret) - { - vpnlog(VPN_LOG_ERROR,"Starting OpenVPN failed..."); - stop_vpnclient(clientNum); - return; - } - vpnlog(VPN_LOG_EXTRA,"Done starting openvpn"); - // Handle firewall rules if appropriate sprintf(&buffer[0], "vpn_client%d_firewall", clientNum); if ( !nvram_contains_word(&buffer[0], "custom") ) @@ -521,6 +506,21 @@ void start_vpnclient(int clientNum) vpnlog(VPN_LOG_EXTRA,"Done running firewall rules"); } + // Start the VPN client + sprintf(&buffer[0], "/etc/openvpn/vpnclient%d", clientNum); + sprintf(&buffer2[0], "/etc/openvpn/client%d", clientNum); + taskset_ret = cpu_eval(NULL, (clientNum % 2 == 0 ? CPU0 : CPU1), &buffer[0], "--cd", &buffer2[0], "--config", "config.ovpn"); + + vpnlog(VPN_LOG_INFO,"Starting OpenVPN client %d", clientNum); + + if (taskset_ret) + { + vpnlog(VPN_LOG_ERROR,"Starting OpenVPN failed..."); + stop_vpnclient(clientNum); + return; + } + vpnlog(VPN_LOG_EXTRA,"Done starting openvpn"); + // Set up cron job sprintf(&buffer[0], "vpn_client%d_poll", clientNum); if ( (nvi = nvram_get_int(&buffer[0])) > 0 ) @@ -1434,23 +1434,6 @@ void start_vpnserver(int serverNum) sprintf(&buffer2[0], "/etc/openvpn/server%d/config.ovpn", serverNum); run_postconf(&buffer[0], &buffer2[0]); - - - // Start the VPN client - sprintf(&buffer[0], "/etc/openvpn/vpnserver%d", serverNum); - sprintf(&buffer2[0], "/etc/openvpn/server%d", serverNum); - - taskset_ret = cpu_eval(NULL, (serverNum == 1 ? CPU1 : CPU0), &buffer[0], "--cd", &buffer2[0], "--config", "config.ovpn"); - - vpnlog(VPN_LOG_INFO,"Starting OpenVPN server %d", serverNum); - if (taskset_ret) - { - vpnlog(VPN_LOG_ERROR,"Starting VPN instance failed..."); - stop_vpnserver(serverNum); - return; - } - vpnlog(VPN_LOG_EXTRA,"Done starting openvpn"); - // Handle firewall rules if appropriate sprintf(&buffer[0], "vpn_server%d_firewall", serverNum); if ( !nvram_contains_word(&buffer[0], "custom") ) @@ -1494,6 +1477,21 @@ void start_vpnserver(int serverNum) vpnlog(VPN_LOG_EXTRA,"Done running firewall rules"); } + // Start the VPN server + sprintf(&buffer[0], "/etc/openvpn/vpnserver%d", serverNum); + sprintf(&buffer2[0], "/etc/openvpn/server%d", serverNum); + + taskset_ret = cpu_eval(NULL, (serverNum == 1 ? CPU1 : CPU0), &buffer[0], "--cd", &buffer2[0], "--config", "config.ovpn"); + + vpnlog(VPN_LOG_INFO,"Starting OpenVPN server %d", serverNum); + if (taskset_ret) + { + vpnlog(VPN_LOG_ERROR,"Starting VPN instance failed..."); + stop_vpnserver(serverNum); + return; + } + vpnlog(VPN_LOG_EXTRA,"Done starting openvpn"); + // Set up cron job sprintf(&buffer[0], "vpn_server%d_poll", serverNum); if ( (nvi = nvram_get_int(&buffer[0])) > 0 ) |