I am porting over an extensive Iptables rule set from an OpenVPN server configuration to OpenVPN Access Server. To make things easier and clearer I am scripting the configuration of users, groups and ACLs with sacli.
Example Script Snippet
Code: Select all
./sacli --user Chain_1 --key group_declare --value True UserPropPut
./sacli --user Chain_1 --key prop_autologin --value false UserPropPut
./sacli --user Chain_1 --key prop_deny --value false UserPropPut
./sacli --user Chain_1 --key prop_superuser --value false UserPropPut
./sacli --user Chain_1 --key prop_block_ipv6 --value true UserPropPut
./sacli --user Chain_1 --key access_to.0 --value "+SUBNET:10.100.2.0/24:tcp/80" UserPropPut
My wishlist is to have support for something like this.
Code: Select all
./sacli --user Chain_1 --key access_to.0 --value "+RANGE:10.100.2.1-25:tcp/80" UserPropPut