]> git.ipfire.org Git - ipfire-2.x.git/commitdiff
projects / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 351113e)
ovpnmain.cgi: Explicitely pass the gateway for static routes
authorMichael Tremer <michael.tremer@ipfire.org>
Fri, 29 Aug 2025 20:54:17 +0000 (21:54 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Fri, 29 Aug 2025 20:57:32 +0000 (21:57 +0100)
OpenVPN seems to fail to use the correct gateway if the client does not
use the default pool. In that case, we need to explicitely push the
correct gateway.

Fixes: #13872 - Warning: route gateway is not reachable on any active network adapters
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
html/cgi-bin/ovpnmain.cgi patch | blob | blame | history

diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 0b2513174d9ea45c40aed3d2ef746916f6c1151b..ccf46fb02f62fad630fe65094bed254c3c8735d2 100644 (file)
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -605,6 +605,7 @@ sub write_ccd_configs() {
        foreach my $key (keys %conns) {
                my $name = $conns{$key}[1];
                my $type = $conns{$key}[3];
+               my $gateway = "";
 
                # Skip anything that isn't a host connection
                next unless ($type eq "host");
@@ -631,8 +632,13 @@ sub write_ccd_configs() {
 
                        # Fetch the network of the pool
                        my $network = &get_cdd_network($pool);
+                       my $netaddr = &Network::get_netaddress($network);
                        my $netmask = &Network::get_netmask($network);
 
+                       # The gateway is always the first address in the network
+                       # (this is needed to push any routes below)
+                       $gateway = &Network::find_next_ip_address($netaddr, 1);
+
                        if (defined $address && defined $network && defined $netmask) {
                                print CONF "# Allocated IP address from $pool\n";
                                print CONF "ifconfig-push ${address} ${netmask}\n\n";
@@ -708,7 +714,7 @@ sub write_ccd_configs() {
                                        next;
                                }
 
-                               print CONF "push \"route $netaddress $netmask\"\n";
+                               print CONF "push \"route $netaddress $netmask $gateway\"\n";
                        }
 
                        # Newline
IPFire 2.x development tree