Add OPENVPNPORT option

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1840 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-12-19 19:30:21 +00:00 · 2004-12-19 19:30:21 +00:00 · 54190bd228
commit 54190bd228
parent 5598015afc
5 changed files with 35 additions and 4 deletions
--- a/LrpN/etc/shorewall/shorewall.conf
+++ b/LrpN/etc/shorewall/shorewall.conf
@ -1,5 +1,4 @@
-##############################################################################
-#  /etc/shorewall/shorewall.conf V2.1 - Change the following variables to
+/shorewall/shorewall.conf V2.1 - Change the following variables to
 #  match your setup
 #
 #  This program is under GPL [http://www.gnu.org/copyleft/gpl.htm]
@ -732,6 +731,17 @@ PKTTYPE=Yes
 # DROPINVALID=Yes is assumed.

 DROPINVALID=No
+
+#
+# OpenVPN Default Port
+#
+# Open VPN has recenly received a registered port (1194) from the IANA. This 
+# will be the default port in future versions of OpenVPN. In order to maintain  
+# compatibility with previous Shorewall versions, if OPENVPNPORT is not 
+# specified, then the default port will be 5000.
+
+OPENVPNPORT=1194
+
 ################################################################################
 #                       P A C K E T   D I S P O S I T I O N
 ################################################################################
--- a/Shorewall2/changelog.txt
+++ b/Shorewall2/changelog.txt
@ -186,3 +186,5 @@ Changes since 2.0.3

 91) Simplify the absurdly over-engineered code that restores the
    dynamic chain.
+
+92) Add OPENVPNPORT option.
--- a/Shorewall2/firewall
+++ b/Shorewall2/firewall
@ -1655,7 +1655,7 @@ setup_tunnels() # $1 = name of tunnels file
    setup_one_openvpn() # $1 = gateway, $2 = kind[:port]
    {
 	local protocol=udp
-	local p=5000
+	local p=${OPENVPNPORT:-5000}

 	case $2 in
 	    *:*:*)
@ -7122,6 +7122,7 @@ do_initialize() {
    LOGTAGONLY=
    LOGALLNEW=
    DROPINVALID=
+    OPENVPNPORT=

    RESTOREBASE=
    TMP_DIR=
--- a/Shorewall2/releasenotes.txt
+++ b/Shorewall2/releasenotes.txt
@ -1,4 +1,4 @@
-Shorewall 2.2.0-RC1
+Shorewall 2.2.0-RC2

 ----------------------------------------------------------------------
 Problems Corrected since 2.0.3
@ -853,3 +853,10 @@ New Features:
      gateway and each network listed in the NETWORKS setting at the
      front of the script, only one of these may be used at a time.

+39) The IANA has recently registered port 1194 for use by OpenVPN. In
+    previous versions of Shorewall (and OpenVPN), the default port was
+    5000. To deal with this change of default, the OPENVPNPORT option
+    has been added to shorewall.conf. If this option is not set then
+    the OpenVPN port will continue to default to 5000. Otherwise, it
+    will default to the value of this option (which is set to 1194 in
+    the released shorewall.conf file).
--- a/Shorewall2/shorewall.conf
+++ b/Shorewall2/shorewall.conf
@ -737,6 +737,17 @@ PKTTYPE=Yes
 # DROPINVALID=Yes is assumed.

 DROPINVALID=No
+
+#
+# OpenVPN Default Port
+#
+# Open VPN has recenly received a registered port (1194) from the IANA. This 
+# will be the default port in future versions of OpenVPN. In order to maintain  
+# compatibility with previous Shorewall versions, if OPENVPNPORT is not 
+# specified, then the default port will be 5000.
+
+OPENVPNPORT=1194
+
 ################################################################################
 #                       P A C K E T   D I S P O S I T I O N
 ################################################################################