Tag Type : RANGE

This is where we can discuss what we would like to see added or changed in OpenVPN.
Post Reply
adsquaired
OpenVpn Newbie
Posts: 2
Joined: Fri Feb 17, 2017 7:03 pm

Tag Type : RANGE

Post by adsquaired » Fri Feb 17, 2017 7:27 pm

Hello,

I am porting over an extensive Iptables rule set from an OpenVPN server configuration to OpenVPN Access Server. To make things easier and clearer I am scripting the configuration of users, groups and ACLs with sacli.

Example Script Snippet

Code: Select all

./sacli --user Chain_1 --key group_declare --value True UserPropPut
./sacli --user Chain_1 --key prop_autologin --value false UserPropPut
./sacli --user Chain_1 --key prop_deny --value false UserPropPut
./sacli --user Chain_1 --key prop_superuser --value false UserPropPut
./sacli --user Chain_1 --key prop_block_ipv6 --value true UserPropPut
./sacli --user Chain_1 --key access_to.0 --value "+SUBNET:10.100.2.0/24:tcp/80" UserPropPut
I would prefer not to use the entire 10.100.2.0/24 and would rather use only what I need. 10.100.2.1-25.
My wishlist is to have support for something like this.

Code: Select all

./sacli --user Chain_1 --key access_to.0 --value "+RANGE:10.100.2.1-25:tcp/80" UserPropPut
Is there support for ranges in the filter rules?

adsquaired
OpenVpn Newbie
Posts: 2
Joined: Fri Feb 17, 2017 7:03 pm

Re: Tag Type : RANGE

Post by adsquaired » Mon Feb 20, 2017 7:42 pm

Additionally, is there support for +NAT Range as well as +SUBNET?

Post Reply