Hi Michael > > Hi Oliver, > > > On 18 May 2019, at 00:50, Oliver Fuhrer wrote: > > > > Hi Michael > > > > Sorry for wasting your time with that patch. > > LOL No worries. The main thing is we are getting this right. > > The good news is that it applied. There were just genuine conflicts with the > other changes. > > > The patch was created against master branch which was up to date in my > repo. > > I have now created a new one based on the next branch. Looks like there > have been quite some changes to proxy.cgi. > > > > Let me know whether I should give this one a try. > > If you have applied your changes to the new version of the file and tested > them, you can send a third version of the file. Thanks, I just sent in another version of the patch which was created against next branch and tested it on a fresh build. Regards Oliver > > Best, > -Michael > > > > > Regards > > Oliver > > > > -----Original Message----- > > From: Michael Tremer > > Sent: Friday, May 17, 2019 23:33 > > To: Oliver Fuhrer > > Cc: development(a)lists.ipfire.org > > Subject: Re: [PATCH] BUG 11696: VPN Subnets missing from wpad.dat > > > > Hi Oliver, > > > > I am afraid I wasn’t able to apply this patch either: > > > > [root(a)ipfire ipfire-2.x]# pwclient git-am -s 2251 > > Applying patch #2251 using "git am -s" > > Description: BUG 11696: VPN Subnets missing from wpad.dat > > Applying: BUG 11696: VPN Subnets missing from wpad.dat > > error: patch failed: html/cgi-bin/proxy.cgi:2763 > > error: html/cgi-bin/proxy.cgi: patch does not apply > > Patch failed at 0001 BUG 11696: VPN Subnets missing from wpad.dat > > The copy of the patch that failed is found in: .git/rebase-apply/patch > > When you have resolved this problem, run "git am --continue". > > If you prefer to skip this patch, run "git am --skip" instead. > > To restore the original branch and stop patching, run "git am --abort". > > 'git am' failed with exit status 128 > > > > I tried to run a three-way merge, but there is literally a chunk of the file > that wasn’t there before it seems. > > > > Did you develop this on top of the next branch or did you add your changes > to an older version of the file? > > > > Best, > > -Michael > > > >> On 13 May 2019, at 19:33, Oliver Fuhrer > wrote: > >> > >> This patch fixes the behavior in 11696 and adds IPSEC and OpenVPN n2n > >> subnets to wpad.dat so they don't pass through the proxy. > >> --- > >> Hi All > >> Apologies for the line-wrapping mess with the previous attempt. > >> Looks like Outlook isn't up for the task. > >> This Message is now sent directly via git, which should hopefully fix the > issue. > >> > >> As I currently don't have any OpenVPN n2n connections, I could not > >> fully test this part, however some dry-runs looked rather promising > >> > >> > >> html/cgi-bin/proxy.cgi | 24 ++++++++++++++++++++++++ > >> 1 file changed, 24 insertions(+) > >> > >> diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi > >> index 6daa7fb..e7ee1f3 100644 > >> --- a/html/cgi-bin/proxy.cgi > >> +++ b/html/cgi-bin/proxy.cgi > >> @@ -2738,6 +2738,10 @@ sub write_acls > >> > >> sub writepacfile > >> { > >> + my %vpnconfig=(); > >> + my %ovpnconfig=(); > >> + &General::readhasharray("${General::swroot}/vpn/config", > \%vpnconfig); > >> + &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", > \%ovpnconfig); > >> open(FILE, ">/srv/web/ipfire/html/proxy.pac"); > >> flock(FILE, 2); > >> print FILE "function FindProxyForURL(url, host)\n"; > >> @@ -2763,6 +2767,26 @@ END > >> print FILE " (isInNet(host, > \"$netsettings{'ORANGE_NETADDRESS'}\", > \"$netsettings{'ORANGE_NETMASK'}\")) ||\n"; > >> } > >> > >> + foreach my $key (sort { uc($vpnconfig{$a}[1]) cmp > uc($vpnconfig{$b}[1]) } keys %vpnconfig) { > >> + if ($vpnconfig{$key}[0] eq 'on' && $vpnconfig{$key}[3] ne > 'host') { > >> + my @networks = split(/\|/, $vpnconfig{$key}[11]); > >> + foreach my $network (@networks) { > >> + my ($vpnip, $vpnsub) = split("/", $network); > >> + $vpnsub = > &Network::convert_prefix2netmask($vpnsub) || $vpnsub; > >> + print FILE " (isInNet(host, \"$vpnip\", > \"$vpnsub\")) ||\n"; > >> + } > >> + } > >> + } > >> + > >> + foreach my $key (sort { uc($ovpnconfig{$a}[1]) cmp > uc($ovpnconfig{$b}[1]) } keys %ovpnconfig) { > >> + if ($ovpnconfig{$key}[0] eq 'on' && $ovpnconfig{$key}[3] ne > 'host') { > >> + my @networks = split(/\|/, $ovpnconfig{$key}[11]); > >> + foreach my $network (@networks) { > >> + my ($vpnip, $vpnsub) = split("/", $network); > >> + print FILE " (isInNet(host, \"$vpnip\", > \"$vpnsub\")) ||\n"; > >> + } > >> + } > >> + } > >> print FILE < >> (isInNet(host, "169.254.0.0", "255.255.0.0")) > >> ) > >> -- > >> 1.8.3.1 > >> > > > >