• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Filter OpenVPN interface

Scheduled Pinned Locked Moved OpenVPN
5 Posts 2 Posters 2.5k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J
    johbra
    last edited by Mar 12, 2009, 5:01 AM

    To create a OpenVPN filter in the GUI and be able to crete rules for that interface i have edited the get_interface_list function in /etc/inc/util.inc. When i do this i can create a OpenVPN interface and create rules for that interface. The problem is that the rules i create don't apply.
      Below is a description of what i've added to the bottom of the get_interface_list function.

    Is it possible to enable filtering this way?

    $toput = array( "mac" => "00:e0:18:9a:c9:10", "up" => TRUE );
    $toput['ipaddr'] = "192.168.113.1";
    $toput['friendly'] = "opt3(ovpn1)";
    $iflist['tun0'] = $toput;

    1 Reply Last reply Reply Quote 0
    • C
      Cry Havok
      last edited by Mar 12, 2009, 12:04 PM

      As has been mentioned many times, that isn't supported under 1.2.  I'm not sure it will be supported under 2.0, but if you search you'll find out.

      1 Reply Last reply Reply Quote 0
      • J
        johbra
        last edited by Mar 13, 2009, 3:17 PM

        Maybe i was a bit unclear. I'm editing the actual php code generating the gui to enable filtering. My question is: Is the solution i have presented possible?

        1 Reply Last reply Reply Quote 0
        • C
          Cry Havok
          last edited by Mar 13, 2009, 10:01 PM

          Probably not, because there will be more than just the GUI involved.  If it was just a case of a GUI hack then it would probably have been in 1.2.x already.

          1 Reply Last reply Reply Quote 0
          • J
            johbra
            last edited by Mar 25, 2009, 9:51 PM Mar 25, 2009, 9:26 PM

            so…yesterday i uppgraded my firewall to 1.2.3 and now the tun interfaces (OpenVPN interfaces) show up in the GUI. I've adde them as optional interfaces. The thing is when i create rules for these interfaces nothing happens so i guess this is not supported? But...when i look in the firewal logs, i can se the occational packet beeing blocked on the tun0 or tun1 interface?

            Is there anyone who can bring some light as to why the tun interfaces show up in 1.2.3 and if they can be filtered?

            I just ran the command "pfctl -sr" on my pfsense box and it seems that the rules i've created for the tun interfaces are there. I'm no master of pf so i will have to spend some time decoding this printout.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received