change config to use absolute paths based on /etc/openvpn
patch by Jerry Askew via OpenWrt-devel git-svn-id: svn://svn.openwrt.org/openwrt/packages@16849 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
markus
parent
7c7a1f0a8e
commit
ebe223124b
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=openvpn
|
||||
PKG_VERSION:=2.1_rc18
|
||||
PKG_RELEASE:=1
|
||||
PKG_RELEASE:=2
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=http://openvpn.net/release @SF/openvpn
|
||||
@ -72,6 +72,7 @@ define Package/openvpn/install
|
||||
$(INSTALL_BIN) files/$(PKG_NAME).init $(1)/etc/init.d/$(PKG_NAME)
|
||||
$(INSTALL_DIR) $(1)/etc/config
|
||||
$(INSTALL_CONF) files/$(PKG_NAME).config $(1)/etc/config/$(PKG_NAME)
|
||||
$(INSTALL_DIR) $(1)/etc/openvpn
|
||||
endef
|
||||
|
||||
define Package/openvpn-easy-rsa/install
|
||||
|
||||
@ -70,17 +70,17 @@ config openvpn sample_server
|
||||
# Any X509 key management system can be used.
|
||||
# OpenVPN can also use a PKCS #12 formatted key file
|
||||
# (see "pkcs12" directive in man page).
|
||||
option ca ca.crt
|
||||
option cert server.crt
|
||||
option ca /etc/openvpn/ca.crt
|
||||
option cert /etc/openvpn/server.crt
|
||||
# This file should be kept secret:
|
||||
option key server.key
|
||||
option key /etc/openvpn/server.key
|
||||
|
||||
# Diffie hellman parameters.
|
||||
# Generate your own with:
|
||||
# openssl dhparam -out dh1024.pem 1024
|
||||
# Substitute 2048 for 1024 if you are using
|
||||
# 2048 bit keys.
|
||||
option dh dh1024.pem
|
||||
option dh /etc/openvpn/dh1024.pem
|
||||
|
||||
# Configure server mode and supply a VPN subnet
|
||||
# for OpenVPN to draw client addresses from.
|
||||
@ -96,7 +96,7 @@ config openvpn sample_server
|
||||
# is restarted, reconnecting clients can be assigned
|
||||
# the same virtual IP address from the pool that was
|
||||
# previously assigned.
|
||||
option ifconfig_pool_persist ipp.txt
|
||||
option ifconfig_pool_persist /tmp/ipp.txt
|
||||
|
||||
# Configure server mode for ethernet bridging.
|
||||
# You must first use your OS's bridging capability
|
||||
@ -131,7 +131,7 @@ config openvpn sample_server
|
||||
# also has a small subnet behind his connecting
|
||||
# machine, such as 192.168.40.128/255.255.255.248.
|
||||
# First, uncomment out these lines:
|
||||
# option client_config_dir ccd
|
||||
# option client_config_dir /etc/openvpn/ccd
|
||||
# list route "192.168.40.128 255.255.255.248"
|
||||
# Then create a file ccd/Thelonious with this line:
|
||||
# iroute 192.168.40.128 255.255.255.248
|
||||
@ -143,7 +143,7 @@ config openvpn sample_server
|
||||
# EXAMPLE: Suppose you want to give
|
||||
# Thelonious a fixed VPN IP address of 10.9.0.1.
|
||||
# First uncomment out these lines:
|
||||
# option client_config_dir ccd
|
||||
# option client_config_dir /etc/openvpn/ccd
|
||||
# list route "10.9.0.0 255.255.255.252"
|
||||
# list route "192.168.100.0 255.255.255.0"
|
||||
# Then add this line to ccd/Thelonious:
|
||||
@ -159,7 +159,7 @@ config openvpn sample_server
|
||||
# modify the firewall in response to access
|
||||
# from different clients. See man
|
||||
# page for more info on learn-address script.
|
||||
# option learn_address ./script
|
||||
# option learn_address /etc/openvpn/script
|
||||
|
||||
# If enabled, this directive will configure
|
||||
# all clients to redirect their default
|
||||
@ -226,7 +226,7 @@ config openvpn sample_server
|
||||
# The second parameter should be '0'
|
||||
# on the server and '1' on the clients.
|
||||
# This file is secret:
|
||||
# option tls_auth "ta.key 0"
|
||||
# option tls_auth "/etc/openvpn/ta.key 0"
|
||||
|
||||
# Select a cryptographic cipher.
|
||||
# This config item must be copied to
|
||||
@ -257,7 +257,7 @@ config openvpn sample_server
|
||||
# Output a short status file showing
|
||||
# current connections, truncated
|
||||
# and rewritten every minute.
|
||||
option status openvpn-status.log
|
||||
option status /tmp/openvpn-status.log
|
||||
|
||||
# By default, log messages will go to the syslog (or
|
||||
# on Windows, if running as a service, they will go to
|
||||
@ -266,8 +266,8 @@ config openvpn sample_server
|
||||
# "log" will truncate the log file on OpenVPN startup,
|
||||
# while "log-append" will append to it. Use one
|
||||
# or the other (but not both).
|
||||
# option log openvpn.log
|
||||
# option log_append openvpn.log
|
||||
# option log /tmp/openvpn.log
|
||||
# option log_append /tmp/openvpn.log
|
||||
|
||||
# Set the appropriate level of log
|
||||
# file verbosity.
|
||||
@ -360,9 +360,9 @@ config openvpn sample_client
|
||||
# a separate .crt/.key file pair
|
||||
# for each client. A single ca
|
||||
# file can be used for all clients.
|
||||
option ca ca.crt
|
||||
option cert client.crt
|
||||
option key client.key
|
||||
option ca /etc/openvpn/ca.crt
|
||||
option cert /etc/openvpn/client.crt
|
||||
option key /etc/openvpn/client.key
|
||||
|
||||
# Verify server certificate by checking
|
||||
# that the certicate has the nsCertType
|
||||
@ -379,7 +379,7 @@ config openvpn sample_client
|
||||
|
||||
# If a tls_auth key is used on the server
|
||||
# then every client must also have the key.
|
||||
# option tls_auth "ta.key 1"
|
||||
# option tls_auth "/etc/openvpn/ta.key 1"
|
||||
|
||||
# Select a cryptographic cipher.
|
||||
# If the cipher option is used on the server
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user