From mboxrd@z Thu Jan 1 00:00:00 1970 From: Oliver Fuhrer To: development@lists.ipfire.org Subject: RE: [PATCH v2] BUG 11696: VPN Subnets missing from wpad.dat Date: Mon, 20 May 2019 17:31:02 +0200 Message-ID: <000801d50f21$09225500$1b66ff00$@bluewin.ch> In-Reply-To: <27AEAAD6-4514-4857-AFC1-EF174793ABFC@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============8661540561530995681==" List-Id: --===============8661540561530995681== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi Michael, You're welcome. I have been poking around in vpnmain.cgi and ovpnmain.cgi to automatically up= date the wpad.dat file upon tunnel add/delete/enable/disable. Should I send this one as feature? Regards Oliver >=20 > Hi, >=20 > Thank you for rebasing this patch. It applies and is merged! >=20 > -Michael >=20 > > On 19 May 2019, at 14:30, Oliver Fuhrer wrot= e: > > > > This patch fixes the behavior in 11696 and adds IPSEC and OpenVPN n2n > subnets to wpad.dat so they don't pass through the proxy. > > --- > > Hi List, > > New version of the patch, this one has been created against next branch > and successfully tested on a fresh build. > > > > Regards > > Oliver > > > > html/cgi-bin/proxy.cgi | 25 +++++++++++++++++++++++++ > > 1 file changed, 25 insertions(+) > > > > diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi > > index 91e4fce..b639640 100644 > > --- a/html/cgi-bin/proxy.cgi > > +++ b/html/cgi-bin/proxy.cgi > > @@ -2848,6 +2848,10 @@ sub write_acls > > > > sub writepacfile > > { > > + my %vpnconfig=3D(); > > + my %ovpnconfig=3D(); > > + &General::readhasharray("${General::swroot}/vpn/config", > \%vpnconfig); > > + &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", > \%ovpnconfig); > > open(FILE, ">/srv/web/ipfire/html/proxy.pac"); > > flock(FILE, 2); > > print FILE "function FindProxyForURL(url, host)\n"; > > @@ -2910,6 +2914,27 @@ END > > } > > } > > > > + foreach my $key (sort { uc($vpnconfig{$a}[1]) cmp > uc($vpnconfig{$b}[1]) } keys %vpnconfig) { > > + if ($vpnconfig{$key}[0] eq 'on' && $vpnconfig{$key}[3] ne > 'host') { > > + my @networks =3D split(/\|/, $vpnconfig{$key}[11]); > > + foreach my $network (@networks) { > > + my ($vpnip, $vpnsub) =3D split("/", $network); > > + $vpnsub =3D > &Network::convert_prefix2netmask($vpnsub) || $vpnsub; > > + print FILE " (isInNet(host, \"$vpnip\", > \"$vpnsub\")) ||\n"; > > + } > > + } > > + } > > + > > + foreach my $key (sort { uc($ovpnconfig{$a}[1]) cmp > uc($ovpnconfig{$b}[1]) } keys %ovpnconfig) { > > + if ($ovpnconfig{$key}[0] eq 'on' && $ovpnconfig{$key}[3] ne > 'host') { > > + my @networks =3D split(/\|/, $ovpnconfig{$key}[11]); > > + foreach my $network (@networks) { > > + my ($vpnip, $vpnsub) =3D split("/", $network); > > + print FILE " (isInNet(host, \"$vpnip\", > \"$vpnsub\")) ||\n"; > > + } > > + } > > + } > > + > > print FILE < > (isInNet(host, "169.254.0.0", "255.255.0.0")) > > ) > > -- > > 1.8.3.1 > > --===============8661540561530995681==--