Project

General

Profile

Actions

Bug #3968

closed

Incorrect gateway is assumed when using tun + topology subnet

Added by Dmitriy K over 7 years ago. Updated over 7 years ago.

Status:
Resolved
Priority:
Normal
Category:
OpenVPN
Target version:
Start date:
10/30/2014
Due date:
10/30/2014
% Done:

100%

Estimated time:
0.10 h
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:
All

Description

The script /usr/local/sbin/ovpn-linkup has en error where network mask is returned as a gateway when no gateway provided by the server:

if [ "${dev_type}" = "tun" ]; then
    if [ "" != "$route_vpn_gateway" ]; then
        /bin/echo $route_vpn_gateway > /tmp/$1_router
    else
        /bin/echo $5 > /tmp/$1_router
    fi
fi

See "ovpn log.txt" attachment. 5th argument passed to the script is a network mask. The script should use interface IP (the 4th argument) as it's gateway ... like in GRE tunnel configuration.


Files

ifconfig_ovpnc1.txt (375 Bytes) ifconfig_ovpnc1.txt Dmitriy K, 10/30/2014 07:23 AM
ovpn log.txt (634 Bytes) ovpn log.txt Dmitriy K, 10/30/2014 07:27 AM
Untitled.png (62 KB) Untitled.png Dmitriy K, 10/30/2014 01:10 PM
invalid_gw_4_tun_srv.png (40.8 KB) invalid_gw_4_tun_srv.png Invalid IP for TUN server Dmitriy K, 11/25/2014 04:13 AM
Actions #1

Updated by Dmitriy K over 7 years ago

Actions #2

Updated by Chris Buechler over 7 years ago

  • Status changed from New to Rejected

scratch that, can happen with topology subnet

Actions #3

Updated by Dmitriy K over 7 years ago

I know that pfsense team wants to release 2.2 asap but its quality will suffer if fast decisions were taken place.

This bug is real and nothing will change the reality. The script works incorrectly for tun.

See attachment. Top part made with $5; Bottom with $4; ... conclusion is obvious ... network mask, heh ...

Actions #4

Updated by Chris Buechler over 7 years ago

this is valid with topology subnet in newer versions

Actions #5

Updated by Chris Buechler over 7 years ago

  • Status changed from Rejected to New
  • Assignee deleted (Dmitriy K)
Actions #6

Updated by Dmitriy K over 7 years ago

Well, I won't argue. If you see no bug then there is no bug.

Actions #7

Updated by Chris Buechler over 7 years ago

  • Subject changed from Incorrect gateway is assumed when ovpn server provides no gateway to Incorrect gateway is assumed when using tun + topology subnet
  • Status changed from New to Confirmed

I re-opened it after confirming that atypical circumstance. Your pull request is wrong though, it fixes a rare edge case, while breaking all the common circumstances.

Actions #8

Updated by Renato Botelho over 7 years ago

  • Status changed from Confirmed to Assigned
  • Assignee set to Renato Botelho
Actions #9

Updated by Renato Botelho over 7 years ago

  • Status changed from Assigned to Feedback
  • % Done changed from 0 to 100
Actions #10

Updated by Dmitriy K over 7 years ago

Everything is ok except for tun server. Incorrect IP is assumed: 5.45.32.2 is not exists and never existed.

--

1. Why would server-side need a gateway at all? I don't understand such configuration.

2. Why I have lots of dynamic gateways for interfaces without an IP address assigned? It's impossible to edit such entry or add a static route on such gw entry. I can't apprehend such "feature" either.

Actions #11

Updated by Jim Thompson over 7 years ago

Just kicking this so maybe we can get it resolved.

Actions #12

Updated by Chris Buechler over 7 years ago

  • Status changed from Feedback to Resolved

all the circumstances that work in 2.1.x confirmed good

Actions

Also available in: Atom PDF