diff --git a/security/tinc/src/opnsense/mvc/app/controllers/OPNsense/Tinc/forms/dialogHost.xml b/security/tinc/src/opnsense/mvc/app/controllers/OPNsense/Tinc/forms/dialogHost.xml
index 232e97fa5..0e5bc3c34 100644
--- a/security/tinc/src/opnsense/mvc/app/controllers/OPNsense/Tinc/forms/dialogHost.xml
+++ b/security/tinc/src/opnsense/mvc/app/controllers/OPNsense/Tinc/forms/dialogHost.xml
@@ -20,8 +20,10 @@
host.extaddress
- text
- This machines external addresses to use (separated by comma)
+ select_multiple
+
+ true
+ External address of selected machine
host.extport
@@ -32,7 +34,9 @@
host.subnet
- text
+ select_multiple
+
+ true
This machines part of the network
diff --git a/security/tinc/src/opnsense/mvc/app/controllers/OPNsense/Tinc/forms/dialogNetwork.xml b/security/tinc/src/opnsense/mvc/app/controllers/OPNsense/Tinc/forms/dialogNetwork.xml
index 4fec66b52..1c2224c4d 100644
--- a/security/tinc/src/opnsense/mvc/app/controllers/OPNsense/Tinc/forms/dialogNetwork.xml
+++ b/security/tinc/src/opnsense/mvc/app/controllers/OPNsense/Tinc/forms/dialogNetwork.xml
@@ -68,8 +68,10 @@
network.extaddress
- text
- This machines external addresses to use (separated by comma)
+ select_multiple
+
+ true
+ External addresses of this machine
network.extport
@@ -80,7 +82,9 @@
network.subnet
- text
+ select_multiple
+
+ true
This machines part of the network
diff --git a/security/tinc/src/opnsense/mvc/app/models/OPNsense/Tinc/Tinc.xml b/security/tinc/src/opnsense/mvc/app/models/OPNsense/Tinc/Tinc.xml
index 89dc220e4..e9ebf4b97 100644
--- a/security/tinc/src/opnsense/mvc/app/models/OPNsense/Tinc/Tinc.xml
+++ b/security/tinc/src/opnsense/mvc/app/models/OPNsense/Tinc/Tinc.xml
@@ -21,9 +21,11 @@
/^([0-9a-zA-Z\_]){1,1024}$/u
Please specify a valid hostname.
-
+
N
- /^([0-9a-zA-Z\.,_\-:]){0,1024}$/u
+ 1
+ ,
+ Y
Y
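Review bot: The removed mask `/^([0-9a-zA-Z\.,_\-:]){0,1024}$/u` was the only visible constraint on the characters allowed in an external address, and the element names of its replacement lines are not visible in this rendering, so per-entry validation of the new list field cannot be confirmed from here. The same mask is removed in the hunk at `@@ -131,15 +134,26 @@`. `objects.py` formats these values straight into `Address=%s %s` lines, so an entry containing whitespace or a line break would become extra text in the tinc host file. Please confirm the new field type validates each comma-separated entry as a hostname or IP address. A short comment next to the field would record that, for example `<!-- each entry validated as hostname/IP; written verbatim to tinc Address= lines -->`.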
@@ -41,6 +43,7 @@
N
Y
,
+ Y
Subnet field must be set in router mode.
@@ -131,15 +134,26 @@
65535
Port number must be between 1...65535
-
+
N
- /^([0-9a-zA-Z\.,_\-:]){0,1024}$/u
+ 1
+ ,
+ Y
+
+
+ Need external address if you intend to "Connect To" this host
+ SetIfConstraint
+ connectTo
+ 1
+
+
N
N
Y
,
+ Y
Y
@@ -154,6 +168,11 @@
1
Y
+
+
+ extaddress.check001
+
+
1
diff --git a/security/tinc/src/opnsense/scripts/OPNsense/Tinc/lib/objects.py b/security/tinc/src/opnsense/scripts/OPNsense/Tinc/lib/objects.py
index cece619f4..a0031d9b0 100755
--- a/security/tinc/src/opnsense/scripts/OPNsense/Tinc/lib/objects.py
+++ b/security/tinc/src/opnsense/scripts/OPNsense/Tinc/lib/objects.py
@@ -30,6 +30,8 @@ class NetwConfObject(object):
self._payload = dict()
self._payload['hostname'] = None
self._payload['network'] = None
+ self._payload['address'] = ''
+ self._payload['port'] = None
def is_valid(self):
for key in self._payload:
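Review bot: The two new defaults differ (`''` for `address`, `None` for `port`) with no comment explaining why, and `is_valid()` iterates every `_payload` key directly below. The body of `is_valid()` is outside this hunk, but if it rejects `None` values then `port` is now required on every subclass while `address` is optional. A comment would make that intent explicit, for example `# address is optional ('' = no Address lines); port stays None until set, so is_valid() can flag it`.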
@@ -53,6 +55,11 @@ class NetwConfObject(object):
def get_basepath(self):
return '/usr/local/etc/tinc/%(network)s' % self._payload
+ def get_addresses(self):
+ if not self._payload['address']:
+ return
+ yield from self._payload['address'].split(',')
+
class Network(NetwConfObject):
def __init__(self):
super(Network, self).__init__()
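Review bot: `get_addresses()` yields whatever `split(',')` returns, so a stored value with a doubled or trailing comma, or a space after a comma, produces an empty or padded entry that `Host.config_text()` then writes as an `Address=` line. Trimming and dropping blanks in the generator keeps the output well-formed whatever the model stores: `yield from (a.strip() for a in self._payload['address'].split(',') if a.strip())`. `get_subnets()` in the later `Host` hunk has the same shape and would benefit from the same treatment. The method also has no docstring; `"""Yield each configured external address; yields nothing when none is set."""` would cover it.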
@@ -95,10 +102,6 @@ class Network(NetwConfObject):
def config_text(self):
result = list()
result.append('AddressFamily=any')
- if 'address' in self._payload:
- addresses = self._payload['address'].split(',')
- for address in addresses:
- result.append('Address=%s %s' % (address, self._payload['port']))
result.append('Mode=%(mode)s' % self._payload)
result.append('PMTUDiscovery=%(PMTUDiscovery)s' % self._payload)
result.append('Port=%(port)s' % self._payload)
@@ -108,7 +111,7 @@ class Network(NetwConfObject):
result.append('ConnectTo = %s' % (host.get_hostname(),))
result.append('Device=/dev/tinc%(id)s' % self._payload)
result.append('Name=%(hostname)s' % self._payload)
- return '\n'.join(result)
+ return '\n'.join(result) + '\n'
def filename(self):
return self.get_basepath() + '/tinc.conf'
@@ -129,7 +132,7 @@ class Host(NetwConfObject):
self._payload['cipher'] = None
def connect_to_this_host(self):
- if self.is_valid() and self._connectTo == "1":
+ if self.is_valid() and self._payload['address'] and self._connectTo == "1":
return True
else:
return False
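Review bot: A host that has `connectTo` set but no address is now skipped silently in `connect_to_this_host()`. The new model constraint presumably only applies when a host is saved again, so configurations stored before this change could lose their `ConnectTo` line with no indication why. A comment on the condition would help the next reader, for example `# tinc needs an Address line to dial out, so hosts without one are never ConnectTo targets`. Consider logging the skipped hostname where this is evaluated as well. The `if ...: return True / else: return False` form could also collapse to `return bool(self.is_valid() and self._payload['address'] and self._connectTo == "1")`.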
@@ -137,20 +140,21 @@ class Host(NetwConfObject):
def set_connectto(self, value):
self._connectTo = value.text
+ def get_subnets(self):
+ if not self._payload['subnet']:
+ return
+ yield from self._payload['subnet'].split(',')
+
def config_text(self):
result = list()
- if 'address' in self._payload:
- addresses = self._payload['address'].split(',')
- for address in addresses:
- result.append('Address=%s %s' % (address, self._payload['port']))
- if 'subnet' in self._payload:
- networks = self._payload['subnet'].split(',')
- for network in networks:
- result.append('Subnet=%s' % network)
+ for address in self.get_addresses():
+ result.append('Address=%s %s' % (address, self._payload['port']))
+ for network in self.get_subnets():
+ result.append('Subnet=%s' % network)
result.append('Cipher=%(cipher)s'%self._payload)
result.append('Digest=sha256')
result.append(self._payload['pubkey'])
- return '\n'.join(result)
+ return '\n'.join(result) + '\n'
def filename(self):
return '%s/hosts/%s' % (self.get_basepath(), self._payload['hostname'])
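Review bot: `get_subnets()` indexes `self._payload['subnet']` directly, whereas the removed code guarded the access with `'subnet' in self._payload`. This commit adds a base-class default for `address` but no `subnet` default is visible in the diff. `Host.__init__` is mostly outside the hunk, so if it does not initialise the key, this raises `KeyError` where the old code simply emitted no `Subnet=` lines. Using `self._payload.get('subnet')` in the guard and the split keeps the previous tolerance: `subnets = self._payload.get('subnet')` followed by `if not subnets: return`.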