Bug #3968
closed
Incorrect gateway is assumed when using tun + topology subnet
100%
Description
The script /usr/local/sbin/ovpn-linkup has en error where network mask is returned as a gateway when no gateway provided by the server:
if [ "${dev_type}" = "tun" ]; then
if [ "" != "$route_vpn_gateway" ]; then
/bin/echo $route_vpn_gateway > /tmp/$1_router
else
/bin/echo $5 > /tmp/$1_router
fi
fi
See "ovpn log.txt" attachment. 5th argument passed to the script is a network mask. The script should use interface IP (the 4th argument) as it's gateway ... like in GRE tunnel configuration.
Files
| ifconfig_ovpnc1.txt (375 Bytes) ifconfig_ovpnc1.txt | |||
| ovpn log.txt (634 Bytes) ovpn log.txt | |||
| Untitled.png (62 KB) Untitled.png | |||
| invalid_gw_4_tun_srv.png (40.8 KB) invalid_gw_4_tun_srv.png | Invalid IP for TUN server |
Updated by Chris Buechler about 10 years ago
- Status changed from New to Rejected
scratch that, can happen with topology subnet
Updated by Dmitriy K about 10 years ago
- File Untitled.png Untitled.png added
I know that pfsense team wants to release 2.2 asap but its quality will suffer if fast decisions were taken place.
This bug is real and nothing will change the reality. The script works incorrectly for tun.
See attachment. Top part made with $5; Bottom with $4; ... conclusion is obvious ... network mask, heh ...
Updated by Chris Buechler about 10 years ago
this is valid with topology subnet in newer versions
Updated by Chris Buechler about 10 years ago
- Status changed from Rejected to New
- Assignee deleted (
Dmitriy K)
Updated by Dmitriy K about 10 years ago
Well, I won't argue. If you see no bug then there is no bug.
Updated by Chris Buechler about 10 years ago
- Subject changed from Incorrect gateway is assumed when ovpn server provides no gateway to Incorrect gateway is assumed when using tun + topology subnet
- Status changed from New to Confirmed
I re-opened it after confirming that atypical circumstance. Your pull request is wrong though, it fixes a rare edge case, while breaking all the common circumstances.
Updated by Renato Botelho about 10 years ago
- Status changed from Confirmed to Assigned
- Assignee set to Renato Botelho
Updated by Renato Botelho about 10 years ago
- Status changed from Assigned to Feedback
- % Done changed from 0 to 100
Applied in changeset 15fbb5ecf35ac794b4bf357c1cd821a1413cdaa9.
Updated by Dmitriy K almost 10 years ago
- File invalid_gw_4_tun_srv.png invalid_gw_4_tun_srv.png added
Everything is ok except for tun server. Incorrect IP is assumed: 5.45.32.2 is not exists and never existed.
--
1. Why would server-side need a gateway at all? I don't understand such configuration.
2. Why I have lots of dynamic gateways for interfaces without an IP address assigned? It's impossible to edit such entry or add a static route on such gw entry. I can't apprehend such "feature" either.
Updated by Jim Thompson almost 10 years ago
Just kicking this so maybe we can get it resolved.
Updated by Chris Buechler almost 10 years ago
- Status changed from Feedback to Resolved
all the circumstances that work in 2.1.x confirmed good