Project

General

Profile

Feature #10469

Same RADIUS Cisco-AVPair parser code for both OpenVPN/IPsec

Added by Viktor Gurov 3 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
IPsec
Target version:
-
Start date:
04/17/2020
Due date:
% Done:

0%

Estimated time:

Description

Currently OpenVPN and IPsec uses two different but mostly identical files to parse RADIUS user attributes
openvpn.attributes.php and ipsec.attributes.php

cisco_to_cidr() and cisco_extract_index() are identical

OpenVPN parser is more improved:
openvpn.attributes.php has two functions for parsing rules - parse_cisco_acl() and parse_cisco_acl_rule(),
which supports IP/ICMP protocol options, port operators (https://redmine.pfsense.org/issues/9206)
and IPv6 ACL soon (https://redmine.pfsense.org/issues/10454)

It would be better to move these functions to vpn.inc to have one attributes parser code for both OpenVPN/IPsec

Also available in: Atom PDF