Project

General

Profile

Actions

Feature #10469

closed

Same RADIUS Cisco-AVPair parser code for both OpenVPN/IPsec

Added by Viktor Gurov almost 4 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Viktor Gurov
Category:
IPsec
Target version:
Start date:
04/17/2020
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:

Description

Currently OpenVPN and IPsec uses two different but mostly identical files to parse RADIUS user attributes
openvpn.attributes.php and ipsec.attributes.php

cisco_to_cidr() and cisco_extract_index() are identical

OpenVPN parser is more improved:
openvpn.attributes.php has two functions for parsing rules - parse_cisco_acl() and parse_cisco_acl_rule(),
which supports IP/ICMP protocol options, port operators (https://redmine.pfsense.org/issues/9206)
and IPv6 ACL soon (https://redmine.pfsense.org/issues/10454)

It would be better to move these functions to vpn.inc to have one attributes parser code for both OpenVPN/IPsec

Actions

Also available in: Atom PDF