Op-mode show openvpn server could fail in some cases
$ show openvpn server Traceback (most recent call last): File "/usr/libexec/vyos/op_mode/show_openvpn.py", line 173, in <module> data = get_status(args.mode, intf) File "/usr/libexec/vyos/op_mode/show_openvpn.py", line 130, in get_status client["tunnel"] = get_vpn_tunnel_address(client['remote'], interface) File "/usr/libexec/vyos/op_mode/show_openvpn.py", line 66, in get_vpn_tunnel_address tunnel_ip = lst[0].split(',')[0] IndexError: list index out of range
This could be fixed by replacing def get_vpn_tunnel_address with this
def get_vpn_tunnel_address(peer, interface): lst = [] status_file = '/var/run/openvpn/{}.status'.format(interface) with open(status_file, 'r') as f: lines = f.readlines() for line in lines: if peer in line: lst.append(line) # filter out subnet entries lst = [l for l in lst[1:] if '/' not in l.split(',')[0]] if lst: tunnel_ip = lst[0].split(',')[0] return tunnel_ip return 'n/a'
i.e
diff --git a/src/op_mode/show_openvpn.py b/src/op_mode/show_openvpn.py index e29e594a..6abafc8b 100755 --- a/src/op_mode/show_openvpn.py +++ b/src/op_mode/show_openvpn.py @@ -63,9 +63,11 @@ def get_vpn_tunnel_address(peer, interface): # filter out subnet entries lst = [l for l in lst[1:] if '/' not in l.split(',')[0]] - tunnel_ip = lst[0].split(',')[0] + if lst: + tunnel_ip = lst[0].split(',')[0] + return tunnel_ip - return tunnel_ip + return 'n/a' def get_status(mode, interface): status_file = '/var/run/openvpn/{}.status'.format(interface)