holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Add L2TP Tunnel support

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8273 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2008-03-08 20:49:41 +00:00
parent 1e7c0d0947
commit fcea8abc60
3 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall-common/changelog.txt
View File

@ -4,6 +4,8 @@ Changes in 4.1.6
2) Add REDIRECTED INTERFACES column to tcdevices. 2) Add REDIRECTED INTERFACES column to tcdevices.
3) Add L2TP tunnel support.
Changes in 4.1.5 Changes in 4.1.5
1) More ruleset optimization. 1) More ruleset optimization.

6
Shorewall-common/releasenotes.txt
View File

@ -91,6 +91,12 @@ New Features in 4.1.6.
This support should be considered EXPERIMENTAL. This support should be considered EXPERIMENTAL.
3) Shorewall-perl now supports an 'l2tp' tunnel type. It opens UDP
port 1701 in both directions and assumes that the source port will
also be 1701. Some implementations (particularly OS X) use a
different source port. In that case, you should use
'generic:udp:1701' rather than 'l2tp'.
New Features in Shorewall 4.1. New Features in Shorewall 4.1.
1) Shorewall 4.1 contains support for multiple Internet providers 1) Shorewall 4.1 contains support for multiple Internet providers

10
Shorewall-perl/Shorewall/Tunnels.pm
View File

@ -206,6 +206,15 @@ sub setup_tunnels() {
add_rule $outchainref, "-p $protocol $dest --sport $port -j ACCEPT"; add_rule $outchainref, "-p $protocol $dest --sport $port -j ACCEPT";
} }
sub setup_one_l2tp {
my ($inchainref, $outchainref, $kind, $source, $dest) = @_;
fatal_error "Unknown option ($1)" if $kind =~ /^.*?:(.*)$/;
add_rule $inchainref, "-p udp $source --sport 1701 --dport 1701 -j ACCEPT";
add_rule $outchainref, "-p udp $dest --sport 1701 --dport 1701 -j ACCEPT";
}
sub setup_one_generic { sub setup_one_generic {
my ($inchainref, $outchainref, $kind, $source, $dest) = @_; my ($inchainref, $outchainref, $kind, $source, $dest) = @_;
@ -249,6 +258,7 @@ sub setup_tunnels() {
'openvpn' => { function => \&setup_one_openvpn, params => [ $kind, $source, $dest ] } , 'openvpn' => { function => \&setup_one_openvpn, params => [ $kind, $source, $dest ] } ,
'openvpnclient' => { function => \&setup_one_openvpn_client, params => [ $kind, $source, $dest ] } , 'openvpnclient' => { function => \&setup_one_openvpn_client, params => [ $kind, $source, $dest ] } ,
'openvpnserver' => { function => \&setup_one_openvpn_server, params => [ $kind, $source, $dest ] } , 'openvpnserver' => { function => \&setup_one_openvpn_server, params => [ $kind, $source, $dest ] } ,
'l2tp' => { function => \&setup_one_l2tp , params => [ $kind, $source, $dest ] } ,
'generic' => { function => \&setup_one_generic , params => [ $kind, $source, $dest ] } , 'generic' => { function => \&setup_one_generic , params => [ $kind, $source, $dest ] } ,
); );