Hi Michael, You're welcome. I have been poking around in vpnmain.cgi and ovpnmain.cgi to automatically update the wpad.dat file upon tunnel add/delete/enable/disable. Should I send this one as feature?
Regards Oliver
Hi,
Thank you for rebasing this patch. It applies and is merged!
-Michael
On 19 May 2019, at 14:30, Oliver Fuhrer oliver.fuhrer@bluewin.ch wrote:
This patch fixes the behavior in 11696 and adds IPSEC and OpenVPN n2n
subnets to wpad.dat so they don't pass through the proxy.
Hi List, New version of the patch, this one has been created against next branch
and successfully tested on a fresh build.
Regards Oliver
html/cgi-bin/proxy.cgi | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+)
diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index 91e4fce..b639640 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -2848,6 +2848,10 @@ sub write_acls
sub writepacfile {
- my %vpnconfig=();
- my %ovpnconfig=();
- &General::readhasharray("${General::swroot}/vpn/config",
%vpnconfig);
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig",
%ovpnconfig);
open(FILE, ">/srv/web/ipfire/html/proxy.pac"); flock(FILE, 2); print FILE "function FindProxyForURL(url, host)\n"; @@ -2910,6 +2914,27 @@ END } }
- foreach my $key (sort { uc($vpnconfig{$a}[1]) cmp
uc($vpnconfig{$b}[1]) } keys %vpnconfig) {
if ($vpnconfig{$key}[0] eq 'on' && $vpnconfig{$key}[3] ne'host') {
my @networks = split(/\|/, $vpnconfig{$key}[11]);foreach my $network (@networks) {my ($vpnip, $vpnsub) = split("/", $network);$vpnsub =&Network::convert_prefix2netmask($vpnsub) || $vpnsub;
print FILE " (isInNet(host, \"$vpnip\","$vpnsub")) ||\n";
}}- }
- foreach my $key (sort { uc($ovpnconfig{$a}[1]) cmp
uc($ovpnconfig{$b}[1]) } keys %ovpnconfig) {
if ($ovpnconfig{$key}[0] eq 'on' && $ovpnconfig{$key}[3] ne'host') {
my @networks = split(/\|/, $ovpnconfig{$key}[11]);foreach my $network (@networks) {my ($vpnip, $vpnsub) = split("/", $network);print FILE " (isInNet(host, \"$vpnip\","$vpnsub")) ||\n";
}}- }
- print FILE <<END (isInNet(host, "169.254.0.0", "255.255.0.0")) )
-- 1.8.3.1