| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
|
| |
|
|
| |
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
|
| |
|
|
|
|
|
| |
Currently when the connection times out, the interface will disconnect.
Add capability to add persistent option to re-establish connectivity.
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
|
| |
|
|
|
|
| |
Allow authentication inputs by key/cert PEM.
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
|
| |
|
|
| |
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
|
| |
|
|
| |
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
| |
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
|
|
|
|
|
|
| |
- remove patch that has been included upstream
- remove dependence on resolveip
- remove hotplug script that is handled by "proto_add_host_dependency"
- use openfortivpn default tunnel ip if none specified
- add status checking with uclient-fetch
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
|
|
|
|
|
| |
change 'server' to 'peeraddr'
change 'iface_name' to 'tunlink'
fix some indentation issues
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
|
|
|
|
|
|
| |
The openfortivpn routes are a bit different than the standard ppp
routes so we need to handle them with a custom ppp-up script.
Gateway should not be set, and src should be set to the PPP local ip
address.
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
|
|
|
|
|
| |
netifd is clever enough to handle the peerdns and default route
arguments, so we can just let them get passed along, and when
ppp-up invokes proto_send_update, netifd will only apply what
is needed
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
| |
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
| |
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
| |
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
|
|
| |
Use functions.sh to get configuration variables rather than calling uci
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
| |
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
|
|
|
|
| |
If two openfortivpn scripts are started at the same time, a race
condition can occur where the conditional evaluates to true, but the
symlink exists by the time the other script tries to create it
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
| |
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
|
|
|
|
| |
Block restart of the interface if the openfortivpn fails to authenticate.
Without this check, with a bad password, netifd will continually
hit the VPN endpoint with connection attempts
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
| |
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
| |
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
|
|
|
|
|
|
|
| |
allow use of curl rather than ping to test if a host
is up since a host may not respond to ping, but an
https request is part of the openfortivpn connection,
so this is a more reliable test
also clean up overly verbose logging
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
| |
Signed-off-by: Ryan Shi <qweaszxcdfsh@gmail.com>
|
| |
|
|
| |
Signed-off-by: Ryan Shi <qweaszxcdfsh@gmail.com>
|
| |
|
|
| |
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By using the netifd for open fortivpn we are able to set up multiple
VPN connections and manage them through the netifd toolset.
This also adds support for binding an openfortivpn client to a given
interface, in which case when that interface comes online, the vpn
will be initiated via a hotplug script.
This is a breaking commit and configurations will need to be migrated
from openfortivpn.config into the /etc/config/networks.
Example configuration via /etc/config/network:
config interface 'ftvpn'
option proto 'openfortivpn'
option server 'example.com'
option username 'USERNAME'
option password 'PASSWORD'
# optional arguments follow
option local_ip '192.0.5.1'
option port '443'
option iface_name 'wan'
option trusted_cert 'CERT_HASH'
option set_dns '0'
option pppd_use_peerdns '0'
option metric '10'
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
| |
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
|
| |
|
|
| |
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
|
|
|
An open implementation of Fortinet's proprietary PPP+SSL VPN solution
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
|