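def change_net(network, netmask, ccd, fn_ips, ipv6):
    """Assign a fresh address to every OpenVPN account and rewrite its ccd file.

    Accounts are found with the LDAP filter ``univentionOpenvpnAccount=1``.
    For each one, an address is obtained from ``generate_ip``, any existing
    push line for the selected option is dropped from ``<ccd><uid>.openvpn``
    and a new one is appended. The complete (uid, address) list is then
    handed to ``write_ip_map``.

    Args:
        network: Network passed to ``generate_ip``; for IPv6 the part after
            ``/`` is used as the prefix length of the pushed address.
        netmask: Netmask appended to the pushed address for IPv4.
        ccd: Path prefix of the per-client config files; the file name is
            built by plain concatenation (presumably ends with a path
            separator; confirm against callers).
        fn_ips: Target passed to ``write_ip_map``.
        ipv6: Truthy to write ``ifconfig-ipv6-push`` lines, otherwise
            ``ifconfig-push`` lines.
    """
    if ipv6:
        option = "ifconfig-ipv6-push"
        appendix = "/" + network.split('/')[1] + "\n"
    else:
        option = "ifconfig-push"
        appendix = " " + netmask + "\n"

    ip_map_new = []

    # The directory lookup runs with uid 0. The finally clause guarantees the
    # privilege is given back even when the connection or the search raises;
    # without it an exception here would leave the process running as root.
    listener.setuid(0)
    try:
        lo = ul.getMachineConnection()
        entries = lo.search('univentionOpenvpnAccount=1')
    finally:
        listener.unsetuid()

    names = [entry[1].get('uid', [None])[0] for entry in entries]

    for name in names:
        if name is None:
            # An entry without a uid cannot be mapped to a file name; skip it
            # instead of failing on the concatenation below after some files
            # have already been rewritten.
            continue

        ip_new = generate_ip(network, ip_map_new)
        ip_map_new.append((name, ip_new))

        # NOTE(review): name is a directory attribute and is concatenated
        # into a file path unchanged. Confirm that uids cannot contain path
        # separators or "..", or validate them before use.
        ccd_file = ccd + name + ".openvpn"

        # write entry in ccd
        cc = univention_openvpn_common.load_rc(3, ccd_file)
        if cc is None:
            cc = []
        else:
            # Both option strings are plain literals without regex
            # metacharacters, so a substring test selects the same lines as
            # the regex search it replaces.
            cc = [line for line in cc if option not in line]
        cc.append(option + " " + ip_new + appendix)
        univention_openvpn_common.write_rc(3, cc, ccd_file)

    univention_openvpn_common.write_ip_map(3, ip_map_new, fn_ips)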
dodomC = '#' else: dodomC = '' context = { 'hostname' : myname, 'dorouC' : dorouC, 'donamC' : donamC, 'dodomC' : dodomC, 'interfaces_eth0_network' : interfaces_eth0_network, 'interfaces_eth0_netmask' : interfaces_eth0_netmask, 'nameserver1' : nameserver1, 'dodom' : dodom } univention_openvpn_common.write_rc(3, config.format(**context), fn_serverconf) portold = old.get('univentionOpenvpnPort', [None])[0] portnew = new.get('univentionOpenvpnPort', [None])[0] if portold is not portnew: listener.setuid(0) #ucr = ConfigRegistry() #ucr.load() if portold: ucr.handler_unset(['security/packetfilter/package/univention-openvpn-server/udp/'+portold+'/all']) if portnew and 'univentionOpenvpnActive' in new: ucr.handler_set(['security/packetfilter/package/univention-openvpn-server/udp/'+portnew+'/all=ACCEPT']) listener.unsetuid()
else: dodomC = '' context = { 'hostname' : myname, 'dorouC' : dorouC, 'donamC' : donamC, 'dodomC' : dodomC, 'interfaces_eth0_network' : interfaces_eth0_network, 'interfaces_eth0_netmask' : interfaces_eth0_netmask, 'nameserver1' : nameserver1, 'dodom' : dodom, 'fn_secret' : fn_secret } univention_openvpn_common.write_rc(5, config.format(**context), fn_sitetositeconf) portold = old.get('univentionOpenvpnSitetoSitePort', [None])[0] portnew = new.get('univentionOpenvpnSitetoSitePort', [None])[0] if portold is not portnew: listener.setuid(0) #ucr.ConfigRegistry().load() #ucr.load() if portold: ucr.handler_unset(['security/packetfilter/package/univention-openvpn-sitetosite/udp/'+portold+'/all']) if portnew and 'univentionOpenvpnSitetoSiteActive' in new: ucr.handler_set(['security/packetfilter/package/univention-openvpn-sitetosite/udp/'+portnew+'/all=ACCEPT']) listener.unsetuid()