Opened 9 years ago
Closed 8 years ago
#542 closed Feature Wish (wontfix)
[RFE] [openbsd] support 'group' and 'description' if tun device on openbsd
Reported by: | jirib | Owned by: | |
---|---|---|---|
Priority: | trivial | Milestone: | |
Component: | Configuration | Version: | OpenVPN 2.3.6 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | openbsd |
Cc: |
Description
Maybe it would be nice (although not portable) if one could define 'group' and 'description' in openvpn config and these values would be set on tun device. openbsd supports adding a network interface into so-called groups (they are either explicit or implicit) and openbsd also supports putting a description on network interface.
Then one can do 'ifconfig $group' instead of 'ifconfig $iface'.
(Yes this can be done in client.{up,down} scripts.)
Example:
# ifconfig egress em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 lladdr 00:25:90:60:8f:1f description: uplink priority: 0 groups: egress media: Ethernet autoselect (100baseTX full-duplex) status: active inet 176.xx.xx.xx netmask 0xffffffe0 broadcast 176.xx.xx.xx
Change History (2)
comment:1 Changed 9 years ago by
comment:2 Changed 8 years ago by
Resolution: | → wontfix |
---|---|
Status: | new → closed |
Closing this, based on cron2's comment. OpenVPN is more than complex enough and it is better to strive to have a common set of functions which works similar across all platforms, whenever that is possible. Obviously there are features available in Windows which is not on Linux and vice versa. But Linux and most *BSD distros have a fairly well defined feature set which overlaps quite well.
As long as no other platform has this, I do not really see much sense in implementing this in OpenVPN (as it can be done in the --up script...) - most likely it's not hard, but we already have way too many options and config variants, so the gain needs to outweigh the effort...
You could test running openvpn with a generic --up script that reads environment variables for group and description, and have "--setenv group xyz" in your openvpn config - that should pass the variables nicely on, so you can configure group/description "from openvpn", without actually changing code there...