From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Erik K." <ummeegge@ipfire.org>
To: documentation@lists.ipfire.org
Subject: Re: [Documentation] [SIG-VPN] OpenVPN Updates since IPFire 2.11
	urgently tests and fixes needed!
Date: Fri, 20 Jul 2012 21:15:19 +0200
Message-ID: <43EC9080-6792-4C6A-8723-905BC6C51C11@ipfire.org>
In-Reply-To: <1342793696.1828.167.camel@rice-oxley.tremer.info>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============3228285976365463643=="
List-Id: <documentation.lists.ipfire.org>

--===============3228285976365463643==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Ah O.K. i didn=C2=B4t know that. Mentioned by the way the index.cgi looks pre=
tty cool now, nice work Michael. What do you think about the label (host or n=
et) in the OpenVPN listing ?

Greetings=20

Erik

Am 20.07.2012 um 16:14 schrieb Michael Tremer:

> Erik, you will need a new suid helper binary for the connections.cgi
> script.
> That will be shipped with the update package.
>=20
> Michael
>=20
> On Fri, 2012-07-20 at 12:32 +0200, Erik K. wrote:
>> Hello again,
>> i have tried now the actual fixed index.cgi and the connections.cgi .=20
>>=20
>> The results:
>> The index.cgi shows now the connections of OpenVPN in a similar way then t=
he IPSec connections. Only difference, there is no label if it is a net or a =
host connection .
>>=20
>> The connections.cgi don=C2=B4t work in my environment. So i can see the "L=
egend:" and the "Protocol:" lines but there are no connection listed.
>>=20
>> Greetings=20
>>=20
>> Erik
>>=20
>> Am 20.07.2012 um 09:47 schrieb Erik K.:
>>=20
>>> Hi all,
>>> so i want to enhance some informations about the fixes and extensions.
>>>=20
>>> 1) The "push route options" for the Roadwarrior works quiet round. It is =
possible to delete all additional routes now.
>>> 2) The translation for the "push route options" are done except for polis=
h and spanish, but for both languages are english translations available. I h=
ave asked the forum to help there but sadly there was no resonance (for polis=
h and spanish) until now.=20
>>> 2) The alphabetical listing of the connection names in the OpenVPN WUI wo=
rks.
>>> 3) The "Valid til (days):" option by the creation of the Roadwarrior cert=
ificates are printed now to the certificates.
>>> 4) I have tested the client-config-dir option with "redirect-gateway", "i=
fconfig-push" and the iroute option for individual clients. Also i tested it =
without individual config for clients, and like expected OpenVPN uses then li=
ke before the "ifconfig-pool-persist /var/ipfire/ovpn/ovpn-leases.db" .
>>> 5) The colors for N2N and RW are now adjusted in index.cgi .
>>> 6) The changes from Michael with FRAGMENT and MSSFIX for the RW is now ad=
apted to the N2N and works good for me.
>>> 7) The problems with the N2N state --> https://bugzilla.ipfire.org/show_b=
ug.cgi?id=3D10137#c13 point 3, seems to be only on my system. Michael have ch=
ecked that also and there the state was dislpayed correct.=20
>>>=20
>>> I need to check the new fixes from Michael (design of the index.cgi and t=
he colors in connections.cgi) . So this should be done on this weekend.
>>>=20
>>> If the changes comes to the testing trunk i will announce them in the for=
um and also i=C2=B4ll prepare the changes for the appropriate sections to the=
 wiki.
>>>=20
>>> Erik
>>>=20
>>> P.S. My testing environment is still open, so let it me know if someone w=
ants to step in.
>>>=20
>>> Am 19.07.2012 um 15:04 schrieb Michael Tremer:
>>>=20
>>>> Hey Arne,
>>>>=20
>>>> I just checked in my changes. There are:
>>>>=20
>>>> * index.cgi: Made the connections look like IPsec connections for
>>>> convenience.
>>>>=20
>>>> * connections.cgi: Show connections through the OpenVPN N2N tunnel in
>>>> the right colour.
>>>>=20
>>>> There have also been minor fixes in ovpnmain.cgi which set appropriate
>>>> defaults for FRAGMENT and MSSFIX.
>>>>=20
>>>> That's all from me. So #10162 is fixed.
>>>>=20
>>>> Michael
>>>>=20
>>>> P.S. Sad, that nobody else answered.
>>>>=20
>>>> On Tue, 2012-07-10 at 14:15 +0000, Arne Fitzenreiter wrote:
>>>>> core61 is nearly finnished. It only hangs on the OpenVPN updates
>>>>> again!!!
>>>>>=20
>>>>> http://people.ipfire.org/~arne_f/testing/i586/master/
>>>>>=20
>>>>> Please test the prerelease and report the results and fixes. There is
>>>>> also a missing bash scriptlet for the updater that convert the n2n
>>>>> configuration files.=20
>>>>>=20
>>>>> Deadline is the 18.7.2012. If i does not have a working and tested
>>>>> version until that date i will revert the changes permanently.
>>>>> I'm not willing to cherry pick all other changes for core updates again
>>>>> and again.=20
>>>>>=20
>>>>> Arne
>>>>>=20
>>>>> _______________________________________________
>>>>> SIG-VPN mailing list
>>>>> SIG-VPN(a)lists.ipfire.org
>>>>> http://lists.ipfire.org/mailman/listinfo/sig-vpn
>>>>=20
>>>> _______________________________________________
>>>> SIG-VPN mailing list
>>>> SIG-VPN(a)lists.ipfire.org
>>>> http://lists.ipfire.org/mailman/listinfo/sig-vpn
>>>=20
>>> _______________________________________________
>>> SIG-VPN mailing list
>>> SIG-VPN(a)lists.ipfire.org
>>> http://lists.ipfire.org/mailman/listinfo/sig-vpn
>>=20
>> _______________________________________________
>> SIG-VPN mailing list
>> SIG-VPN(a)lists.ipfire.org
>> http://lists.ipfire.org/mailman/listinfo/sig-vpn
>=20
> _______________________________________________
> SIG-VPN mailing list
> SIG-VPN(a)lists.ipfire.org
> http://lists.ipfire.org/mailman/listinfo/sig-vpn


--===============3228285976365463643==--