From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: Re: [PATCH] BUG: 11696 - VPN Subnets missing from wpad.dat Date: Tue, 24 Apr 2018 16:34:27 +0200 Message-ID: <0a6c9f5b-2ef9-d0cc-832d-501c4f676050@link38.eu> In-Reply-To: <1524571064.2246848.52.camel@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7119929829584881845==" List-Id: --===============7119929829584881845== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello, > Hello Oliver, >=20 > welcome to the list. >=20 > Unfortunately the patch has been fragmented by your email program. The lines > have been wrapped and the patch won't apply any more. Could you please chec= k the > settings of your email program and submit again? In case of Thunderbird, this might be helpful: https://wiki.ipfire.org/devel/= send-tb-patches Best regards, Peter M=C3=BCller >=20 > Best, > -Michael >=20 > On Fri, 2018-04-20 at 23:00 +0200, Oliver Fuhrer wrote: >> This Patch excludes enabled ipsec/ OpenVPN N2N Subnets from wpad.dat so th= ey >> don't go through the proxy. >> I could only test it with ipsec tunnels, however as the code for openvpn is >> pretty much the same, I included this one as well and some basic tests >> worked as expected. >> As I'm not very familiar with Perl, there probably is some room for >> improvement too. >> >> Regards >> Oliver >> >> >> diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi >> index c36fc4e..69bfdd4 100644 >> --- a/html/cgi-bin/proxy.cgi >> +++ b/html/cgi-bin/proxy.cgi >> @@ -3014,6 +3014,11 @@ sub write_acls >> >> sub writepacfile >> { >> + my %vpnconfig=3D(); >> + my %ovpnconfig=3D(); >> + &General::readhasharray("${General::swroot}/vpn/config", >> \%vpnconfig); >> + &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", >> \%ovpnconfig); >> + >> open(FILE, ">/srv/web/ipfire/html/proxy.pac"); >> flock(FILE, 2); >> print FILE "function FindProxyForURL(url, host)\n"; >> @@ -3039,6 +3044,26 @@ END >> print FILE " (isInNet(host, >> \"$netsettings{'ORANGE_NETADDRESS'}\", \"$netsettings{'ORANGE_NETMASK'}\")) >>>> \n"; >> >> } >> >> + foreach my $key (sort { uc($vpnconfig{$a}[1]) cmp >> uc($vpnconfig{$b}[1]) } keys %vpnconfig) { >> + if ($vpnconfig{$key}[0] eq 'on' && $vpnconfig{$key}[3] ne >> 'host') { >> + my @networks =3D split(/\|/, $vpnconfig{$key}[11]); >> + foreach my $network (@networks) { >> + my ($vpnip, $vpnsub) =3D split("/", $netwo= rk); >> + $vpnsub =3D >> &Network::convert_prefix2netmask($vpnsub) || $vpnsub; >> + print FILE " (isInNet(host, \"$vpnip\", >> \"$vpnsub\")) ||\n"; >> + } >> + } >> + } >> + >> + foreach my $key (sort { uc($ovpnconfig{$a}[1]) cmp >> uc($ovpnconfig{$b}[1]) } keys %ovpnconfig) { >> + if ($ovpnconfig{$key}[0] eq 'on' && $ovpnconfig{$key}[3] = ne >> 'host') { >> + my @networks =3D split(/\|/, $ovpnconfig{$key}[11= ]); >> + foreach my $network (@networks) { >> + my ($vpnip, $vpnsub) =3D split("/", >> $network); >> + print FILE " (isInNet(host, \"$vpnip\= ", >> \"$vpnsub\")) ||\n"; >> + } >> + } >> + } >> print FILE <> (isInNet(host, "169.254.0.0", "255.255.0.0")) >> ) >> -- >> --===============7119929829584881845==--