Change Details

The parsing of the status file for the tunnel client IP makes some assumptions on the order of the lines containing the peer address; those are false in the case of a subnet configured under the [..., 'server', 'client'] tagnode. This will be fixed in the rewrite in T4770 for Sagitta, and in the original for Equuleus.

The parsing of the status file for the tunnel client IP makes some assumptions on the order of the lines containing the peer address; those are false in the case of a subnet configured under the [..., 'server', 'client'] tagnode. This will be fixed in the rewrite in T4770 for Sagitta, and in the original for Equuleus. Details: For the config fragment: ``` >>> conf = Config() >>> d = conf.get_config_dict(["interfaces", "openvpn", "vtun10", "server"], get_first_key=True) >>> pprint(d) {'client': {'client1': {'ip': ['10.10.0.10']}}, 'max-connections': '250', 'subnet': ['10.10.0.0/24'], 'topology': 'subnet'} ``` the status file is as follows: ``` jestabro@vyos:~$ sudo cat /run/openvpn/vtun10.status OpenVPN CLIENT LIST Updated,2022-12-10 21:32:34 Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since client1,98.212.152.242:55733,8609,8502,2022-12-10 21:11:12 ROUTING TABLE Virtual Address,Common Name,Real Address,Last Ref 10.10.0.10,client1,98.212.152.242:55733,2022-12-10 21:11:12 GLOBAL STATS Max bcast/mcast queue length,0 END ``` The parsing for tunnel ID correctly find this in lines[1], for the list of lines containing "client1". However, for config fragment (tautological example): ``` >>> conf = Config() >>> d = conf.get_config_dict(["interfaces", "openvpn", "vtun10", "server"], get_first_key=True) >>> pprint(d) {'client': {'client1': {'ip': ['10.10.0.10'], 'subnet': ['10.10.0.0/24']}}, 'max-connections': '250', 'subnet': ['10.10.0.0/24'], 'topology': 'subnet'} ``` the status file is: ``` jestabro@vyos:~$ sudo cat /run/openvpn/vtun10.status OpenVPN CLIENT LIST Updated,2022-12-10 20:52:54 Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since client1,98.212.152.242:51618,5534,5427,2022-12-10 20:44:08 ROUTING TABLE Virtual Address,Common Name,Real Address,Last Ref 10.10.0.0/24,client1,98.212.152.242:51618,2022-12-10 20:44:08 10.10.0.10,client1,98.212.152.242:51618,2022-12-10 20:44:08 GLOBAL STATS Max bcast/mcast queue length,0 END ``` and getting lines[1] will give the incorrect entry. Consequently, we will filter out the subnet lines before looking for the tunnel IP.

The parsing of the status file for the tunnel client IP makes some assumptions on the order of the lines containing the peer address; those are false in the case of a subnet configured under the [..., 'server', 'client'] tagnode. This will be fixed in the rewrite in T4770 for Sagitta, and in the original for Equuleus. Details: For the config fragment: ``` >>> conf = Config() >>> d = conf.get_config_dict(["interfaces", "openvpn", "vtun10", "server"], get_first_key=True) >>> pprint(d) {'client': {'client1': {'ip': ['10.10.0.10']}}, 'max-connections': '250', 'subnet': ['10.10.0.0/24'], 'topology': 'subnet'} ``` the status file is as follows: ``` jestabro@vyos:~$ sudo cat /run/openvpn/vtun10.status OpenVPN CLIENT LIST Updated,2022-12-10 21:32:34 Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since client1,98.212.152.242:55733,8609,8502,2022-12-10 21:11:12 ROUTING TABLE Virtual Address,Common Name,Real Address,Last Ref 10.10.0.10,client1,98.212.152.242:55733,2022-12-10 21:11:12 GLOBAL STATS Max bcast/mcast queue length,0 END ``` The parsing for tunnel ID correctly find this in lines[1], for the list of lines containing "client1". However, for config fragment (tautological example): ``` >>> conf = Config() >>> d = conf.get_config_dict(["interfaces", "openvpn", "vtun10", "server"], get_first_key=True) >>> pprint(d) {'client': {'client1': {'ip': ['10.10.0.10'], 'subnet': ['10.10.0.0/24']}}, 'max-connections': '250', 'subnet': ['10.10.0.0/24'], 'topology': 'subnet'} ``` the status file is: ``` jestabro@vyos:~$ sudo cat /run/openvpn/vtun10.status OpenVPN CLIENT LIST Updated,2022-12-10 20:52:54 Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since client1,98.212.152.242:51618,5534,5427,2022-12-10 20:44:08 ROUTING TABLE Virtual Address,Common Name,Real Address,Last Ref 10.10.0.0/24,client1,98.212.152.242:51618,2022-12-10 20:44:08 10.10.0.10,client1,98.212.152.242:51618,2022-12-10 20:44:08 GLOBAL STATS Max bcast/mcast queue length,0 END ``` and getting lines[1] will give the incorrect entry. Consequently, we will filter out the subnet lines before looking for the tunnel IP.