Patch for OpenVPN Status package (pfSense 1.2.3) - custom management IP and port



  • I have 2 instances of OpenVPN running.  One is UDP 1194, and the other is TCP 1194.  That would make it impossible to use the status page as written since they would both have to be on 127.0.0.1, port 1194.

    I added a little code to find the "management <ip address=""><port>;" in the custom options and just connect based on that.  The diff and new status pages are attached.

    You can now use any IP and port for the OpenVPN management interface.
    status_openvpn.php.diff.txt
    status_openvpn.php.txt</port></ip>


  • Rebel Alliance Developer Netgate

    Thanks!

    I kept meaning to do this but haven't had time. I'll give it a spin and commit it when I get a few minutes.



  • If I have only one connection, then the command 'status 2' from the console returns:

    OpenVPN STATISTICS
    Updated,Sat Sep 25 23:19:49 2010
    TUN/TAP read bytes,480768
    TUN/TAP write bytes,472879
    TCP/UDP read bytes,619536
    TCP/UDP write bytes,630532
    Auth read bytes,473090
    pre-compress bytes,171360
    post-compress bytes,168716
    pre-decompress bytes,66444
    post-decompress bytes,71231
    END
    

    As you can see there is no "CLIENT_LIST" text, and as a result, the table in the web interface there is no row.


  • Rebel Alliance Developer Netgate

    Need a lot more info than just that to go on (at least whether you're talking about as a PKI server, PKI client, or shared key client), but really the test would be whether or not that works properly on 2.0. It might work there since it's a newer version of OpenVPN. I know I've seen data in that screen with only one client connected before.



  • @jimp:

    Need a lot more info than just that to go on (at least whether you're talking about as a PKI server, PKI client, or shared key client), but really the test would be whether or not that works properly on 2.0. It might work there since it's a newer version of OpenVPN. I know I've seen data in that screen with only one client connected before.

    my system:
    pfSense 1.2.3-RELEASE
    OpenVPN 2.0.6 i386-portbld-freebsd7.2

    some part of my OpenVPN configuration:
    Mode -> Server
    TCP, custom port
    Authentication method -> Shared key (not PKI)
    Custom options -> dev tap

    Server has one incoming permanent connection.

    I check client OpenVPN 2.1.1 in other side: result of 'status 2' command is the same as in my previous post


  • Rebel Alliance Developer Netgate

    The management interface status has never worked (And still doesn't) with shared key servers. Shared key clients are different as well.

    The status screen is mainly meant for PKI users.


Log in to reply