[git.ipfire.org] IPFire 2.x development tree branch, master, updated. d4eb2e77a9647c6b85a73f3d5695d72c1665f03a

public inbox for ipfire-scm@lists.ipfire.org
 help / color / mirror / Atom feed

* [git.ipfire.org] IPFire 2.x development tree branch, master, updated. d4eb2e77a9647c6b85a73f3d5695d72c1665f03a
@ 2025-08-29 21:29 Michael Tremer
  0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2025-08-29 21:29 UTC (permalink / raw)
  To: ipfire-scm

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, master has been updated
       via  d4eb2e77a9647c6b85a73f3d5695d72c1665f03a (commit)
      from  351113e21eecd730b33a2d73c1bb74eff9fcb845 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit d4eb2e77a9647c6b85a73f3d5695d72c1665f03a
Author: Michael Tremer <michael.tremer@ipfire.org>
Date:   Fri Aug 29 21:54:17 2025 +0100

    ovpnmain.cgi: Explicitely pass the gateway for static routes
    
    OpenVPN seems to fail to use the correct gateway if the client does not
    use the default pool. In that case, we need to explicitely push the
    correct gateway.
    
    Fixes: #13872 - Warning: route gateway is not reachable on any active network adapters
    Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 html/cgi-bin/ovpnmain.cgi | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

Difference in files:
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 0b2513174..ccf46fb02 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -605,6 +605,7 @@ sub write_ccd_configs() {
 	foreach my $key (keys %conns) {
 		my $name = $conns{$key}[1];
 		my $type = $conns{$key}[3];
+		my $gateway = "";
 
 		# Skip anything that isn't a host connection
 		next unless ($type eq "host");
@@ -631,8 +632,13 @@ sub write_ccd_configs() {
 
 			# Fetch the network of the pool
 			my $network = &get_cdd_network($pool);
+			my $netaddr = &Network::get_netaddress($network);
 			my $netmask = &Network::get_netmask($network);
 
+			# The gateway is always the first address in the network
+			# (this is needed to push any routes below)
+			$gateway = &Network::find_next_ip_address($netaddr, 1);
+
 			if (defined $address && defined $network && defined $netmask) {
 				print CONF "# Allocated IP address from $pool\n";
 				print CONF "ifconfig-push ${address} ${netmask}\n\n";
@@ -708,7 +714,7 @@ sub write_ccd_configs() {
 					next;
 				}
 
-				print CONF "push \"route $netaddress $netmask\"\n";
+				print CONF "push \"route $netaddress $netmask $gateway\"\n";
 			}
 
 			# Newline


hooks/post-receive
--
IPFire 2.x development tree


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2025-08-29 21:29 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-08-29 21:29 [git.ipfire.org] IPFire 2.x development tree branch, master, updated. d4eb2e77a9647c6b85a73f3d5695d72c1665f03a Michael Tremer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox