diff --git a/client-netconfig.down b/client-netconfig.down new file mode 100644 index 0000000..29ab6e2 --- /dev/null +++ b/client-netconfig.down @@ -0,0 +1,37 @@ +#!/bin/bash + +# Copyright (c) 2010 Andreas Schneider +# Marius Tomaschewski +# Licensed under the GPL version 2 + +# PURPOSE: This script automatically removes the /etc/resolv.conf +# and another settings applied before via netconfig. + +# INSTALL NOTES: +# Place this file in /etc/openvpn/client.down +# Then, add the following to your /etc/openvpn/.conf: +# client +# pull dhcp-options +# up /etc/openvpn/client.up +# down /etc/openvpn/client.down +# Finally, "chmod +x /etc/openvpn/client.{up,down}" + +# disable pathname expansion +shopt -o -s noglob + +# --up/--down patametes are: +# +# tun_dev tun_mtu link_mtu ifconfig_local_ip +# ifconfig_remote_ip [ init | restart ] +# +# tap_dev tap_mtu link_mtu ifconfig_local_ip +# ifconfig_netmask [ init | restart ] +dev=$1 + +# skip, when there is no interface parameter or netconfig +if test -a /sbin/netconfig -a "x${dev}" != x ; then + /sbin/netconfig remove -s openvpn -i "${dev}" +fi + +# all done... +exit 0 diff --git a/client-netconfig.up b/client-netconfig.up new file mode 100644 index 0000000..7857ad3 --- /dev/null +++ b/client-netconfig.up @@ -0,0 +1,77 @@ +#!/bin/bash + +# Copyright (c) 2010 Andreas Schneider +# Marius Tomaschewski +# Licensed under the GPL version 2 + +# PURPOSE: This script sets the proper /etc/resolv.conf and another +# settings as pulled down from an OpenVPN server using a +# netconfig modify call. + +# INSTALL NOTES: +# Place this file in /etc/openvpn/client.up +# Then, add the following to your /etc/openvpn/.conf: +# client +# pull dhcp-options +# up /etc/openvpn/client.up +# down /etc/openvpn/client.down +# Finally, "chmod +x /etc/openvpn/client.{up,down}" + +# disable pathname expansion +shopt -o -s noglob + +# --up/--down patametes are: +# +# tun_dev tun_mtu link_mtu ifconfig_local_ip +# ifconfig_remote_ip [ init | restart ] +# +# tap_dev tap_mtu link_mtu ifconfig_local_ip +# ifconfig_netmask [ init | restart ] +dev=$1 + +# skip, when there is no interface parameter or netconfig +if test -x /sbin/netconfig -a "x${dev}" != x ; then + + # init variables + dns_domain=() + dns_server=() + ntp_server=() + wins_server=() + nbdd_server=() + nb_typeid="" + nb_scopeid="" + nb_disable="" + + # collect settings data + for fopt in ${!foreign_option_*} ; do + test "x${!fopt}" != x || continue + data=(${!fopt}) + test "x${data[0]}" = "xdhcp-option" && \ + case "${data[1]}" in + DOMAIN) dns_domain+=("${data[2]}") ;; + DNS) dns_server+=("${data[2]}") ;; + NTP) ntp_server+=("${data[2]}") ;; + WINS) wins_server+=("${data[2]}") ;; + NBDD) nbdd_server+=("${data[2]}") ;; + NBT) nb_typeid="${data[2]}" ;; + NBS) nb_scopeid="${data[2]}" ;; + DISABLE-NBT) nb_disable="yes" ;; + esac + done + + # call netconfig modify + { + echo "DNSSEARCH='${dns_domain[*]}'" + echo "DNSSERVERS='${dns_server[*]}'" + echo "NTPSERVERS='${ntp_server[*]}'" + # currently unused / no netconfig module for: + echo "NETBIOSNAMESERVER='${wins_server[*]}'" + echo "NETBIOSDDSERVER='${nbdd_server[*]}'" + echo "NETBIOSNODETYPE='$nb_typeid'" + echo "NETBIOSSCOPE='$nb_scopeid'" + # nb_disable ? + } | /sbin/netconfig modify -s openvpn -i "$dev" +fi + +# all done... +exit 0 diff --git a/openvpn.changes b/openvpn.changes index 2f4b7b8..393db69 100644 --- a/openvpn.changes +++ b/openvpn.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Tue Jun 15 09:31:56 UTC 2010 - mt@suse.de + +- Improved netconfig based client up and down sample scripts. + +------------------------------------------------------------------- +Fri Jun 11 17:07:11 CEST 2010 - anschneider@exsuse.de + +- Added netconfig based client up and down scripts to samples. + ------------------------------------------------------------------- Thu Mar 11 08:51:39 UTC 2010 - mt@suse.de diff --git a/openvpn.spec b/openvpn.spec index 0edc39f..aed5b85 100644 --- a/openvpn.spec +++ b/openvpn.spec @@ -21,19 +21,21 @@ Name: openvpn Url: http://openvpn.net/ -License: GPLv2 +License: GPLv2+ ; LGPLv2.1+ Group: Productivity/Networking/Security AutoReqProv: on %if 0%{?suse_version} PreReq: %insserv_prereq %fillup_prereq %endif Version: 2.1.1 -Release: 1 +Release: 2 Summary: Full-featured SSL VPN solution using a TUN/TAP Interface Source: http://openvpn.net/release/openvpn-%{upstream_version}.tar.gz Source1: http://openvpn.net/signatures/openvpn-%{upstream_version}.tar.gz.asc Source2: openvpn.init Source3: openvpn.README.SUSE +Source4: client-netconfig.up +Source5: client-netconfig.down Patch1: %{name}-2.1-plugin-man.dif Patch2: %{name}-2.1-plugin-build.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -163,6 +165,8 @@ mkdir -p $RPM_BUILD_ROOT/%{_datadir}/openvpn install -D -m 755 $RPM_SOURCE_DIR/openvpn.init $RPM_BUILD_ROOT/%{_sysconfdir}/init.d/openvpn ln -sv %{_sysconfdir}/init.d/openvpn $RPM_BUILD_ROOT/%{_sbindir}/rcopenvpn cp -p $RPM_SOURCE_DIR/openvpn.README.SUSE README.SUSE +install -m 755 $RPM_SOURCE_DIR/client-netconfig.up sample-scripts/client-netconfig.up +install -m 755 $RPM_SOURCE_DIR/client-netconfig.down sample-scripts/client-netconfig.down find sample-* suse contrib -type f -exec chmod -x \{\} \; chmod -x easy-rsa/2.0/{vars,openssl*.cnf} chmod +x easy-rsa/1.0/{revoke-crt,make-crl,list-crl}