Context Navigation

source: src/router/services/services/openvpn.c @ 19190

Last change on this file since 19190 was 19190, checked in by sash, 14 months ago
ovpn: fix possible collision with chillispot
File size: 17.0 KB

Line
1	/*
2	* openvpn.c
3	*
4	* Copyright (C) 2005 - 2006 Sebastian Gottschall <gottschall@dd-wrt.com
5	* Copyright (C) 2010 - 2012 Sash
6	*
7	* This program is free software; you can redistribute it and/or
8	* modify it under the terms of the GNU General Public License
9	* as published by the Free Software Foundation; either version 2
10	* of the License.
11	*
12	* This program is distributed in the hope that it will be useful,
13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15	* GNU General Public License for more details.
16	*
17	* You should have received a copy of the GNU General Public License
18	* along with this program; if not, write to the Free Software
19	* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
20	*
21	* $Id:
22	*/
23
24	#include <ctype.h>
25	#include <string.h>
26	#include <stdio.h>
27	#include <stdlib.h>
28	#include <signal.h>
29	#include <bcmnvram.h>
30	#include <bcmutils.h>
31	#include <shutils.h>
32	#include <syslog.h>
33	#include <services.h>
34	#include <utils.h>
35
36	#ifdef HAVE_OPENVPN
37
38	void start_openvpnserver(void)
39	{
40
41	if (nvram_invmatch("openvpn_enable", "1"))
42	return;
43	dd_syslog(LOG_INFO, "openvpn : OpenVPN daemon (Server) starting/restarting...\n");
44	mkdir("/tmp/openvpn", 0700);
45	mkdir("/tmp/openvpn/ccd", 0700);
46	write_nvram("/tmp/openvpn/ccd/DEFAULT", "openvpn_ccddef");
47	write_nvram("/tmp/openvpn/dh.pem", "openvpn_dh");
48	write_nvram("/tmp/openvpn/ca.crt", "openvpn_ca");
49	write_nvram("/tmp/openvpn/cert.pem", "openvpn_crt");
50	write_nvram("/tmp/openvpn/ca.crl", "openvpn_crl");
51	write_nvram("/tmp/openvpn/key.pem", "openvpn_key");
52	write_nvram("/tmp/openvpn/ta.key", "openvpn_tlsauth");
53
54	FILE *fp = fopen("/tmp/openvpn/openvpn.conf", "wb");
55	if (fp == NULL)
56	return;
57	if (nvram_invmatch("openvpn_dh", ""))
58	fprintf(fp, "dh /tmp/openvpn/dh.pem\n");
59	if (nvram_invmatch("openvpn_ca", ""))
60	fprintf(fp, "ca /tmp/openvpn/ca.crt\n");
61	if (nvram_invmatch("openvpn_crt", ""))
62	fprintf(fp, "cert /tmp/openvpn/cert.pem\n");
63	if (nvram_invmatch("openvpn_key", ""))
64	fprintf(fp, "key /tmp/openvpn/key.pem\n");
65	//be sure Chris old style config is still working
66	if (nvram_match("openvpn_switch", "1")) {
67	write_nvram("/tmp/openvpn/cert.pem", "openvpn_crt");
68	fprintf(fp, "keepalive 10 120\n"
69	"verb 4\n" "mute 5\n"
70	"log-append /var/log/openvpn\n"
71	"writepid /var/log/openvpnd.pid\n"
72	"management 127.0.0.1 5002\n"
73	"management-log-cache 50\n"
74	"mtu-disc yes\n"
75	"topology subnet\n"
76	"client-config-dir /tmp/openvpn/ccd\n"
77	"script-security 2\n"
78	"port %s\n"
79	"proto %s\n"
80	"cipher %s\n"
81	"auth %s\n", nvram_safe_get("openvpn_port"),
82	nvram_safe_get("openvpn_proto"),
83	nvram_safe_get("openvpn_cipher"),
84	nvram_safe_get("openvpn_auth"));
85	if (nvram_invmatch("openvpn_auth", "none")) //not needed if we have no auth anyway
86	fprintf(fp, "tls-server\n");
87	if (nvram_match("openvpn_dupcn", "1"))
88	fprintf(fp, "duplicate-cn\n");
89	//keep peer ip persistant for x sec. works only when dupcn=off & no proxy mode
90	if (nvram_match("openvpn_dupcn", "0")
91	&& nvram_match("openvpn_proxy", "0"))
92	fprintf(fp,
93	"ifconfig-pool-persist /tmp/openvpn/ip-pool 86400\n");
94	// if (nvram_match("openvpn_certtype", "1")) //server doenst need this
95	// fprintf(fp, "ns-cert-type server\n");
96	if (nvram_invmatch("openvpn_lzo", "0"))
97	fprintf(fp, "comp-lzo %s\n", //yes/no/adaptive/disable
98	nvram_safe_get("openvpn_lzo"));
99	if (nvram_match("openvpn_cl2cl", "1"))
100	fprintf(fp, "client-to-client\n");
101	if (nvram_match("openvpn_redirgate", "1"))
102	fprintf(fp, "push \"redirect-gateway def1\"\n");
103	if (nvram_invmatch("openvpn_tlscip", "0"))
104	fprintf(fp, "tls-cipher %s\n",
105	nvram_safe_get("openvpn_tlscip"));
106	if (nvram_match("openvpn_proto", "udp"))
107	fprintf(fp, "fast-io\n"); //experimental!improving CPU efficiency by 5%-10%
108	else //TCP_NODELAY is generally a good latency optimization
109	fprintf(fp, "tcp-nodelay\n");
110	if (nvram_invmatch("openvpn_mtu", ""))
111	fprintf(fp, "tun-mtu %s\n",
112	nvram_safe_get("openvpn_mtu"));
113	if (nvram_invmatch("openvpn_mssfix", "")
114	&& nvram_match("openvpn_proto", "udp")) {
115	fprintf(fp, "mssfix\n"); //fragment==mssfix
116	fprintf(fp, "fragment %s\n",
117	nvram_safe_get("openvpn_mssfix"));
118	}
119	if (nvram_match("openvpn_tuntap", "tun")) {
120	fprintf(fp, "server %s %s\n",
121	nvram_safe_get("openvpn_net"),
122	nvram_safe_get("openvpn_mask"));
123	fprintf(fp, "dev tun2\n");
124	// fprintf(fp, "tun-ipv6\n"); //enable ipv6 support. not supported on server in version 2.1.3
125	} else if (nvram_match("openvpn_tuntap", "tap") &&
126	nvram_match("openvpn_proxy", "0")) {
127	fprintf(fp, "server-bridge %s %s %s %s\n",
128	nvram_safe_get("openvpn_gateway"),
129	nvram_safe_get("openvpn_mask"),
130	nvram_safe_get("openvpn_startip"),
131	nvram_safe_get("openvpn_endip"));
132	fprintf(fp, "dev tap2\n");
133	} else if (nvram_match("openvpn_tuntap", "tap") &&
134	nvram_match("openvpn_proxy", "1") &&
135	nvram_match("openvpn_redirgate", "1"))
136	fprintf(fp, "server-bridge\n" "dev tap2\n");
137	else
138	fprintf(fp, "server-bridge nogw\n" "dev tap2\n");
139	if (strlen(nvram_safe_get("openvpn_tlsauth")) > 0)
140	fprintf(fp, "tls-auth /tmp/openvpn/ta.key 0\n");
141	if (strlen(nvram_safe_get("openvpn_crl")) > 0)
142	fprintf(fp, "crl-verify /tmp/openvpn/ca.crl\n");
143	/* for QOS */
144	if (nvram_invmatch("wshaper_enable", "0"))
145	fprintf(fp, "passtos\n");
146	} else
147	write_nvram("/tmp/openvpn/cert.pem", "openvpn_client");
148
149	fprintf(fp, "%s\n", nvram_safe_get("openvpn_config"));
150	fclose(fp);
151
152	fp = fopen("/tmp/openvpn/route-up.sh", "wb");
153	if (fp == NULL)
154	return;
155	fprintf(fp, "#!/bin/sh\n");
156	#if defined(HAVE_TMK) \|\| defined(HAVE_BKM)
157	char *gpiovpn = nvram_get("gpiovpn");
158	if (gpiovpn != NULL) {
159	fprintf(fp, "gpio enable %s\n", gpiovpn);
160	}
161	#endif
162	//bring up tap interface when choosen
163	if (nvram_match("openvpn_tuntap", "tap")) {
164	fprintf(fp, "brctl addif br0 tap2\n"
165	"ifconfig tap2 0.0.0.0 promisc up\n"
166	"stopservice wshaper\n"
167	"startservice wshaper\n");
168	}
169	if (nvram_match("block_multicast", "0") //block multicast on bridged vpns
170	&& nvram_match("openvpn_tuntap", "tap"))
171	fprintf(fp, "insmod ebtables\n"
172	"insmod ebtable_filter\n"
173	"insmod ebt_pkttype\n"
174	"ebtables -D FORWARD -o tap2 --pkttype-type multicast -j DROP\n"
175	"ebtables -D OUTPUT -o tap2 --pkttype-type multicast -j DROP\n"
176	"ebtables -A FORWARD -o tap2 --pkttype-type multicast -j DROP\n"
177	"ebtables -A OUTPUT -o tap2 --pkttype-type multicast -j DROP\n");
178	//for testing only
179	// if (nvram_match("openvpn_dhcpbl", "1") //block dhcp on bridged vpns
180	// && nvram_match("openvpn_tuntap", "tap")
181	// && nvram_match("openvpn_proxy", "0"))
182	fprintf(fp, "insmod ebtables\n"
183	"insmod ebtable_filter\n" "insmod ebt_ip\n"
184	"ebtables -D INPUT -i tap2 --protocol IPv4 --ip-proto udp --ip-sport 67:68 -j DROP\n"
185	"ebtables -D FORWARD -i tap2 --protocol IPv4 --ip-proto udp --ip-sport 67:68 -j DROP\n"
186	"ebtables -D FORWARD -o tap2 --protocol IPv4 --ip-proto udp --ip-sport 67:68 -j DROP\n"
187	"ebtables -I INPUT -i tap2 --protocol IPv4 --ip-proto udp --ip-sport 67:68 -j DROP\n"
188	"ebtables -I FORWARD -i tap2 --protocol IPv4 --ip-proto udp --ip-sport 67:68 -j DROP\n"
189	"ebtables -I FORWARD -o tap2 --protocol IPv4 --ip-proto udp --ip-sport 67:68 -j DROP\n");
190	fprintf(fp, "startservice set_routes\n");
191	fclose(fp);
192
193	fp = fopen("/tmp/openvpn/route-down.sh", "wb");
194	if (fp == NULL)
195	return;
196	fprintf(fp, "#!/bin/sh\n");
197	#if defined(HAVE_TMK) \|\| defined(HAVE_BKM)
198	if (gpiovpn != NULL)
199	fprintf(fp, "gpio disable %s\n", gpiovpn);
200	#endif
201	if (nvram_match("openvpn_tuntap", "tap")) {
202	fprintf(fp, "brctl delif br0 tap2\n" "ifconfig tap2 down\n");
203	}
204	if (nvram_match("block_multicast", "0") //block multicast on bridged vpns
205	&& nvram_match("openvpn_tuntap", "tap"))
206	fprintf(fp,
207	"ebtables -D FORWARD -o tap2 --pkttype-type multicast -j DROP\n"
208	"ebtables -D OUTPUT -o tap2 --pkttype-type multicast -j DROP\n");
209	if (nvram_match("openvpn_dhcpbl", "1") //block dhcp on bridged vpns
210	&& nvram_match("openvpn_tuntap", "tap")
211	&& nvram_match("openvpn_proxy", "0"))
212	fprintf(fp,
213	"ebtables -D INPUT -i tap2 --protocol IPv4 --ip-proto udp --ip-sport 67:68 -j DROP\n"
214	"ebtables -D FORWARD -i tap2 --protocol IPv4 --ip-proto udp --ip-sport 67:68 -j DROP\n"
215	"ebtables -D FORWARD -o tap2 --protocol IPv4 --ip-proto udp --ip-sport 67:68 -j DROP\n");
216	fclose(fp);
217
218	chmod("/tmp/openvpn/route-up.sh", 0700);
219	chmod("/tmp/openvpn/route-down.sh", 0700);
220	eval("ln", "-s", "/usr/sbin/openvpn", "/tmp/openvpnserver");
221
222	if (nvram_match("use_crypto", "1"))
223	eval("/tmp/openvpnserver", "--config",
224	"/tmp/openvpn/openvpn.conf", "--route-up",
225	"/tmp/openvpn/route-up.sh", "--down-pre",
226	"/tmp/openvpn/route-down.sh", "--daemon", "--engine",
227	"cryptodev");
228	else
229	eval("/tmp/openvpnserver", "--config",
230	"/tmp/openvpn/openvpn.conf", "--route-up",
231	"/tmp/openvpn/route-up.sh", "--down-pre",
232	"/tmp/openvpn/route-down.sh", "--daemon");
233
234	eval("stopservice", "wshaper");
235	eval("startservice", "wshaper");
236	}
237
238	void stop_openvpnserver(void)
239	{
240	#if defined(HAVE_TMK) \|\| defined(HAVE_BKM)
241	char *gpiovpn = nvram_get("gpiovpn");
242	if (gpiovpn != NULL) {
243	set_gpio(atoi(gpiovpn), 0);
244	}
245	#endif
246	if (stop_process("openvpnserver", "OpenVPN daemon (Server)")) {
247	eval("stopservice", "wshaper");
248	eval("startservice", "wshaper");
249	}
250
251	return;
252	}
253
254	void start_openvpnserverwan(void)
255	{
256	if (nvram_match("openvpn_onwan", "1"))
257	start_openvpnserver();
258	return;
259	}
260
261	void stop_openvpnserverwan(void)
262	{
263	if (nvram_match("openvpn_onwan", "1"))
264	stop_openvpnserver();
265	return;
266	}
267
268	void start_openvpnserversys(void)
269	{
270	if (nvram_match("openvpn_onwan", "0"))
271	start_openvpnserver();
272	return;
273	}
274
275	void stop_openvpnserversys(void)
276	{
277	if (nvram_match("openvpn_onwan", "0"))
278	stop_openvpnserver();
279	return;
280	}
281
282	void start_openvpn(void)
283	{
284	if (nvram_invmatch("openvpncl_enable", "1"))
285	return;
286	dd_syslog(LOG_INFO, "openvpn : OpenVPN daemon (Client) starting/restarting...\n");
287	mkdir("/tmp/openvpncl", 0700);
288	write_nvram("/tmp/openvpncl/ca.crt", "openvpncl_ca");
289	write_nvram("/tmp/openvpncl/client.crt", "openvpncl_client");
290	write_nvram("/tmp/openvpncl/client.key", "openvpncl_key");
291	write_nvram("/tmp/openvpncl/ta.key", "openvpncl_tlsauth");
292	chmod("/tmp/openvpn/client.key", 0600);
293
294	FILE *fp = fopen("/tmp/openvpncl/openvpn.conf", "wb");
295	if (fp == NULL)
296	return;
297	if (nvram_invmatch("openvpncl_ca", ""))
298	fprintf(fp, "ca /tmp/openvpncl/ca.crt\n");
299	if (nvram_invmatch("openvpncl_client", ""))
300	fprintf(fp, "cert /tmp/openvpncl/client.crt\n");
301	if (nvram_invmatch("openvpncl_key", ""))
302	fprintf(fp, "key /tmp/openvpncl/client.key\n");
303	fprintf(fp,
304	"management 127.0.0.1 5001\n"
305	"management-log-cache 50\n"
306	"verb 4\n" "mute 5\n"
307	"log-append /var/log/openvpncl\n"
308	"writepid /var/log/openvpncl.pid\n"
309	"client\n"
310	"resolv-retry infinite\n"
311	"nobind\n" "persist-key\n" "persist-tun\n"
312	"script-security 2\n" "mtu-disc yes\n");
313	fprintf(fp, "dev %s1\n", nvram_safe_get("openvpncl_tuntap"));
314	fprintf(fp, "proto %s\n", nvram_safe_get("openvpncl_proto"));
315	fprintf(fp, "cipher %s\n", nvram_safe_get("openvpncl_cipher"));
316	fprintf(fp, "auth %s\n", nvram_safe_get("openvpncl_auth"));
317	fprintf(fp, "remote %s %s\n",
318	nvram_safe_get("openvpncl_remoteip"),
319	nvram_safe_get("openvpncl_remoteport"));
320	if (nvram_invmatch("openvpncl_auth", "none")) //not needed if we have no auth anyway
321	fprintf(fp, "tls-client\n");
322	if (nvram_invmatch("openvpncl_mtu", ""))
323	fprintf(fp, "tun-mtu %s\n", nvram_safe_get("openvpncl_mtu"));
324	if (nvram_invmatch("openvpncl_mssfix", "")
325	&& nvram_match("openvpn_proto", "udp")) {
326	fprintf(fp, "mssfix\n"); //fragment=mssfix
327	fprintf(fp, "fragment %s\n",
328	nvram_safe_get("openvpncl_mssfix"));
329	}
330	if (nvram_invmatch("openvpncl_lzo", "0"))
331	fprintf(fp, "comp-lzo %s\n", //yes/no/adaptive/disable
332	nvram_safe_get("openvpncl_lzo"));
333	if (nvram_match("openvpncl_certtype", "1"))
334	fprintf(fp, "ns-cert-type server\n");
335	if (nvram_match("openvpncl_proto", "udp"))
336	fprintf(fp, "fast-io\n"); //experimental!improving CPU efficiency by 5%-10%
337	// if (nvram_match("openvpncl_tuntap", "tun"))
338	// fprintf(fp, "tun-ipv6\n"); //enable ipv6 support. not supported on server in version 2.1.3
339	if (strlen(nvram_safe_get("openvpncl_tlsauth")) > 0)
340	fprintf(fp, "tls-auth /tmp/openvpncl/ta.key 1\n");
341	if (nvram_invmatch("openvpncl_tlscip", "0"))
342	fprintf(fp, "tls-cipher %s\n",
343	nvram_safe_get("openvpncl_tlscip"));
344	/* for QOS */
345	if (nvram_invmatch("wshaper_enable", "0"))
346	fprintf(fp, "passtos\n");
347
348	fprintf(fp, "%s\n", nvram_safe_get("openvpncl_config"));
349	fclose(fp);
350	fp = fopen("/tmp/openvpncl/route-up.sh", "wb");
351	if (fp == NULL) {
352	return;
353	}
354	fprintf(fp, "#!/bin/sh\n");
355	//bridge tap interface to br0 when choosen
356	if (nvram_match("openvpncl_tuntap", "tap")
357	&& nvram_match("openvpncl_bridge", "1")
358	&& nvram_match("openvpncl_nat", "0")) {
359	fprintf(fp, "brctl addif br0 tap1\n"
360	"ifconfig tap1 0.0.0.0 promisc up\n"
361	"stopservice wshaper\n"
362	"startservice wshaper\n");
363	} else {
364	if (nvram_match("openvpncl_tuntap", "tap")
365	&& strlen(nvram_safe_get("openvpncl_ip")) > 0)
366	fprintf(fp, "ifconfig tap1 %s netmask %s up\n",
367	nvram_safe_get("openvpncl_ip"),
368	nvram_safe_get("openvpncl_mask"));
369	}
370	if (nvram_match("openvpncl_nat", "1"))
371	fprintf(fp,
372	"iptables -I INPUT -i %s1 -j logaccept\n"
373	"iptables -I POSTROUTING -t nat -o %s1 -j MASQUERADE\n",
374	nvram_safe_get("openvpncl_tuntap"),
375	nvram_safe_get("openvpncl_tuntap"));
376	else {
377	fprintf(fp,
378	"iptables -I INPUT -i %s1 -j logaccept\n"
379	"iptables -I FORWARD -i %s1 -j logaccept\n"
380	"iptables -I FORWARD -o %s1 -j logaccept\n",
381	nvram_safe_get("openvpncl_tuntap"),
382	nvram_safe_get("openvpncl_tuntap"),
383	nvram_safe_get("openvpncl_tuntap"));
384	}
385	if (strlen(nvram_safe_get("openvpncl_route")) > 0) { //policy based routing
386	write_nvram("/tmp/openvpncl/policy_ips", "openvpncl_route");
387	fprintf(fp, "ip route add default via %s table 10\n",
388	nvram_safe_get("wan_gateway"));
389	//sort -r /var/log/openvpncl \|grep gateway
390	fprintf(fp,
391	"for IP in `cat /tmp/openvpncl/policy_ips` ; do\n"
392	" ip rule add from $IP table 10\n" "done\n");
393	}
394	if (nvram_match("block_multicast", "0") //block multicast on bridged vpns
395	&& nvram_match("openvpncl_tuntap", "tap")
396	&& nvram_match("openvpncl_bridge", "1")) {
397	fprintf(fp, "insmod ebtables\n"
398	"insmod ebtable_filter\n"
399	"insmod ebt_pkttype\n"
400	"ebtables -I FORWARD -o tap1 --pkttype-type multicast -j DROP\n"
401	"ebtables -I OUTPUT -o tap1 --pkttype-type multicast -j DROP\n"
402	);
403	}
404	fprintf(fp, "startservice set_routes\n");
405	fclose(fp);
406
407	fp = fopen("/tmp/openvpncl/route-down.sh", "wb");
408	if (fp == NULL)
409	return;
410	fprintf(fp, "#!/bin/sh\n");
411	if (nvram_match("openvpncl_tuntap", "tap")
412	&& nvram_match("openvpncl_bridge", "1")
413	&& nvram_match("openvpncl_nat", "0"))
414	fprintf(fp, "brctl delif br0 tap1\n" "ifconfig tap1 down\n");
415	else if (nvram_match("openvpncl_tuntap", "tap")
416	&& strlen(nvram_safe_get("openvpn_ip")) > 0)
417	fprintf(fp, "ifconfig tap1 down\n");
418	if (nvram_match("openvpncl_nat", "1"))
419	fprintf(fp,
420	"iptables -D INPUT -i %s1 -j logaccept\n"
421	"iptables -D POSTROUTING -t nat -o %s1 -j MASQUERADE\n",
422	nvram_safe_get("openvpncl_tuntap"),
423	nvram_safe_get("openvpncl_tuntap"));
424	else {
425	fprintf(fp,
426	"iptables -D INPUT -i %s1 -j logaccept\n"
427	"iptables -D FORWARD -i %s1 -j logaccept\n"
428	"iptables -D FORWARD -o %s1 -j logaccept\n",
429	nvram_safe_get("openvpncl_tuntap"),
430	nvram_safe_get("openvpncl_tuntap"),
431	nvram_safe_get("openvpncl_tuntap"));
432	}
433	if (strlen(nvram_safe_get("openvpncl_route")) > 0) { //policy based routing
434	write_nvram("/tmp/openvpncl/policy_ips", "openvpncl_route");
435	fprintf(fp, "ip route del default via %s table 10\n",
436	nvram_safe_get("wan_gateway"));
437	fprintf(fp,
438	"for IP in `cat /tmp/openvpn/policy_ips` ; do\n"
439	" ip rule del from $IP table 10\n" "done\n");
440	}
441	if (nvram_match("block_multicast", "0") //block multicast on bridged vpns
442	&& nvram_match("openvpncl_tuntap", "tap")
443	&& nvram_match("openvpncl_bridge", "1")) {
444	fprintf(fp,
445	"ebtables -D FORWARD -o tap1 --pkttype-type multicast -j DROP\n"
446	"ebtables -D OUTPUT -o tap1 --pkttype-type multicast -j DROP\n"
447	"#rmmod ebt_pkttype\n"
448	"#rmmod ebtable_filter\n"
449	"#rmmod ebtables\n");
450	}
451	fclose(fp);
452
453	chmod("/tmp/openvpncl/route-up.sh", 0700);
454	chmod("/tmp/openvpncl/route-down.sh", 0700);
455
456	if (nvram_match("use_crypto", "1"))
457	eval("openvpn", "--config",
458	"/tmp/openvpncl/openvpn.conf", "--route-up",
459	"/tmp/openvpn/route-up.sh", "--down-pre",
460	"/tmp/openvpn/route-down.sh", "--daemon",
461	"--engine", "cryptodev");
462	else
463	eval("openvpn", "--config",
464	"/tmp/openvpncl/openvpn.conf", "--route-up",
465	"/tmp/openvpncl/route-up.sh", "--down-pre",
466	"/tmp/openvpncl/route-down.sh", "--daemon");
467
468	eval("stopservice", "wshaper");
469	eval("startservice", "wshaper");
470
471	return;
472	}
473
474	void stop_openvpn(void)
475	{
476	if (stop_process("openvpn", "OpenVPN daemon (Client)")) {
477	stop_wshaper();
478	start_wshaper();
479	}
480	}
481
482	void stop_openvpn_wandone(void)
483	{
484	if (nvram_invmatch("openvpncl_enable", "1"))
485	return;
486
487	if (stop_process("openvpn", "OpenVPN daemon (Client)")) {
488	stop_wshaper();
489	start_wshaper();
490	}
491	}
492
493	#endif

Note: See TracBrowser for help on using the repository browser.

Download in other formats: