diff --git a/net/tinc/src/opnsense/mvc/app/controllers/OPNsense/Tinc/forms/dialogNetwork.xml b/net/tinc/src/opnsense/mvc/app/controllers/OPNsense/Tinc/forms/dialogNetwork.xml
index 52f6b9725..96ef25ca1 100644
--- a/net/tinc/src/opnsense/mvc/app/controllers/OPNsense/Tinc/forms/dialogNetwork.xml
+++ b/net/tinc/src/opnsense/mvc/app/controllers/OPNsense/Tinc/forms/dialogNetwork.xml
@@ -12,10 +12,10 @@
Name used for this network
- network.network
-
+ network.intaddress
+
text
- Network for this VPN, where all hosts should fit in.
+ This machines internal address to use and network mask for the whole network
@@ -33,12 +33,6 @@
text
This machines external address to use
-
- network.intaddress
-
- text
- This machines internal address to use (within specified subnet)
-
network.subnet
diff --git a/net/tinc/src/opnsense/mvc/app/models/OPNsense/Tinc/Tinc.xml b/net/tinc/src/opnsense/mvc/app/models/OPNsense/Tinc/Tinc.xml
index 5e86317ef..35afc7346 100644
--- a/net/tinc/src/opnsense/mvc/app/models/OPNsense/Tinc/Tinc.xml
+++ b/net/tinc/src/opnsense/mvc/app/models/OPNsense/Tinc/Tinc.xml
@@ -18,7 +18,7 @@
Y
- /^([0-9a-zA-Z\.]){1,1024}$/u
+ /^([0-9a-zA-Z\_]){1,1024}$/u
Please specify a valid hostname.
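Review bot: The message next to the new mask still reads `Please specify a valid hostname.`, which does not tell the user why a dotted name is now refused; something like `Only letters, digits and underscores are allowed.` would match the pattern. The backslash in `\_` is not needed inside a character class. `{1,1024}` is longer than a single path component can usually be, which matters if this value ends up in a file name the way the network name does in `get_basepath()`; worth confirming and lowering. Values saved earlier with a dot will presumably fail validation on the next save, so a migration step or release note seems warranted. The same points apply to the identical mask change in the `@@ -68,7 +63,7 @@` hunk.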
@@ -36,11 +36,6 @@
Y
,
-
- Y
- N
- Y
-
Y
@@ -68,7 +63,7 @@
Y
- /^([0-9a-zA-Z\.]){1,1024}$/u
+ /^([0-9a-zA-Z\_]){1,1024}$/u
Please specify a valid hostname.
diff --git a/net/tinc/src/opnsense/scripts/OPNsense/Tinc/lib/objects.py b/net/tinc/src/opnsense/scripts/OPNsense/Tinc/lib/objects.py
index 19cce73bd..0aa68fb4e 100644
--- a/net/tinc/src/opnsense/scripts/OPNsense/Tinc/lib/objects.py
+++ b/net/tinc/src/opnsense/scripts/OPNsense/Tinc/lib/objects.py
@@ -30,6 +30,7 @@ class NetwConfObject(object):
self._payload = dict()
self._payload['hostname'] = None
self._payload['network'] = None
+ self._payload['address'] = None
def is_valid(self):
for key in self._payload:
@@ -47,6 +48,9 @@ class NetwConfObject(object):
def get_hostname(self):
return self._payload['hostname']
+ def get_network(self):
+ return self._payload['network']
+
def get_basepath(self):
return '/usr/local/etc/tinc/%(network)s' % self._payload
@@ -55,10 +59,14 @@ class Network(NetwConfObject):
super(Network, self).__init__()
self._payload['id'] = None
self._payload['privkey'] = None
+ self._payload['intaddress'] = None
self._hosts = list()
- def set_id(self, value):
- self._payload['id'] = value.text
+ def get_id(self):
+ return self._payload['id']
+
+ def get_local_address(self):
+ return self._payload['intaddress']
def set_hosts(self, hosts):
for host in hosts:
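Review bot: The new getters `get_id()` and `get_local_address()` are undocumented, and `get_local_address()` reads the `intaddress` key while the base class now also carries an `address` key, which is easy to mix up. A one-line docstring on each would help, e.g. `"""Return this node's internal address and netmask (payload key 'intaddress')."""` and `"""Return the network id used to build the tinc interface name."""`. With `set_id()` removed, the id is presumably populated through the generic `set()` path, which is not visible here; confirm nothing still calls `set_id()`. `set_hosts()` continues past the end of the hunk.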
@@ -92,7 +100,6 @@ class Host(NetwConfObject):
def __init__(self):
super(Host, self).__init__()
self._connectTo = "0"
- self._payload['address'] = None
self._payload['subnet'] = None
self._payload['pubkey'] = None
diff --git a/net/tinc/src/opnsense/scripts/OPNsense/Tinc/tincd.py b/net/tinc/src/opnsense/scripts/OPNsense/Tinc/tincd.py
index 331b84f9e..a5047d32c 100755
--- a/net/tinc/src/opnsense/scripts/OPNsense/Tinc/tincd.py
+++ b/net/tinc/src/opnsense/scripts/OPNsense/Tinc/tincd.py
@@ -29,20 +29,23 @@
reconfigure tincd, using the supplied configuration
"""
import os
+import sys
import tempfile
import glob
+import pipes
import xml.etree.ElementTree
+import subprocess
from lib import objects
-def write_file(filename, content):
+def write_file(filename, content, mode=0o600):
dirname = '/'.join(filename.split('/')[0:-1])
if not os.path.isdir(dirname):
os.makedirs(dirname)
open(filename, 'w').write(content)
+ os.chmod(filename, mode)
-def deploy(config_filename):
- # collect file info
- config_files=dict()
+def read_config(config_filename):
+ result = list()
if os.path.isfile(config_filename):
for network in xml.etree.ElementTree.parse(config_filename).getroot():
Network_obj = objects.Network()
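Review bot: `write_file()` creates the file with `open(filename, 'w')` under the process umask and only narrows the mode with `os.chmod()` after the content is written, so the private key written through this helper can be readable by other local users for a short window. The handle is also never closed explicitly. Creating the file with the final mode via `os.open()` and writing through that descriptor closes the window; `os.fchmod()` is still needed because an already existing file keeps its old mode. `os.makedirs(dirname)` likewise uses the default directory mode, which may be worth passing explicitly. `read_config()` continues past the end of this hunk.

```python
def write_file(filename, content, mode=0o600):
    # … unchanged: dirname computation and os.makedirs …
    # create with the final mode so the content is never exposed under the default umask
    fd = os.open(filename, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, mode)
    with os.fdopen(fd, 'w') as handle:
        # a pre-existing file keeps its old mode on open, so set it before writing
        os.fchmod(fd, mode)
        handle.write(content)
```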
@@ -50,16 +53,49 @@ def deploy(config_filename):
Network_obj.set(network_prop.tag, network_prop)
# check if config is complete before collecting output files
if Network_obj.is_valid():
- for conf_obj in Network_obj.all():
- if conf_obj.is_valid():
- config_files[conf_obj.filename()] = conf_obj.config_text()
- # private key
- tmp = Network_obj.privkey()
- config_files[tmp['filename']] = tmp['content']
+ # add Network to result
+ result.append(Network_obj)
+
+ return result
+
+def deploy(config_filename):
+ interfaces = (subprocess.check_output(['/sbin/ifconfig','-l'])).split()
+ networks = read_config(config_filename)
# remove previous configuration
os.system('rm -rf /usr/local/etc/tinc')
- # write output
- for filename in config_files:
- write_file(filename, config_files[filename])
+ for network in networks:
+ # interface name to use
+ interface_name = 'tinc%s' % network.get_id()
-deploy('/usr/local/etc/tinc_deploy.xml')
+ # dump Network and host config
+ for conf_obj in network.all():
+ if conf_obj.is_valid():
+ write_file(conf_obj.filename(), conf_obj.config_text())
+
+ # dump private key
+ tmp = network.privkey()
+ write_file(tmp['filename'], tmp['content'])
+
+ # write if-up file
+ if_up = list()
+ if_up.append("#!/bin/sh")
+ if_up.append("ifconfig %s %s " % (interface_name, pipes.quote(network.get_local_address())))
+ write_file("%s/if-up" % network.get_basepath(), '\n'.join(if_up) + "\n", 0o700)
+
+ # configure and rename new tun device, place all in group "tinc" symlink associated tun device
+ if interface_name not in interfaces:
+ tundev = subprocess.check_output(['/sbin/ifconfig','tun','create']).split()[0]
+ subprocess.call(['/sbin/ifconfig',tundev,'name',interface_name])
+ subprocess.call(['/sbin/ifconfig',interface_name,'group','tinc'])
+ if os.path.islink('/dev/%s' % interface_name):
+ os.remove('/dev/%s' % interface_name)
+ os.symlink('/dev/%s' % tundev, '/dev/%s' % interface_name)
+ return networks
+
+if len(sys.argv) > 1:
+ if sys.argv[1] == 'stop':
+ for instance in glob.glob('/usr/local/etc/tinc/*'):
+ subprocess.call(['/usr/local/sbin/tincd','-n',instance.split('/')[-1], '-k'])
+ elif sys.argv[1] == 'start':
+ for netwrk in deploy('/usr/local/etc/tinc_deploy.xml'):
+ subprocess.call(['/usr/local/sbin/tincd','-n',netwrk.get_network(), '-R'])
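Review bot: In `deploy()`, `interface_name = 'tinc%s' % network.get_id()` is written into the generated `if-up` shell script without quoting and is also used to build `/dev/%s` for `os.remove()` and `os.symlink()`, while only the address goes through `pipes.quote()`. Nothing visible here checks the id, so the script relies entirely on whatever the model enforces. If ids are meant to be numeric, a guard such as `if not str(network.get_id()).isdigit(): continue` at the top of the loop, plus `pipes.quote(interface_name)` in the `ifconfig` line, would keep an unexpected value out of the script and out of `/dev`. The return codes of the `subprocess.call()` invocations are also ignored, so a failed rename or group assignment still ends in a symlink and a started daemon.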
diff --git a/net/tinc/src/opnsense/service/templates/OPNsense/Tinc/tinc_deploy.xml b/net/tinc/src/opnsense/service/templates/OPNsense/Tinc/tinc_deploy.xml
index 3d11b8739..e7e67f3a1 100644
--- a/net/tinc/src/opnsense/service/templates/OPNsense/Tinc/tinc_deploy.xml
+++ b/net/tinc/src/opnsense/service/templates/OPNsense/Tinc/tinc_deploy.xml
@@ -5,7 +5,9 @@
{{network.id}}
{{network.hostname}}
{{network.name}}
+ {{network.intaddress}}
+ {{network.intaddress}}
{{network.hostname}}