26 lines
951 B
Plaintext
26 lines
951 B
Plaintext
{
|
|
# VPN paquets have already a tos set (when they entered the tun interface
|
|
# So, we just need to send them in the QOS table
|
|
|
|
# For OpenVPN Bridge
|
|
if (defined ${'openvpn-bridge'}{'UDPPort'}){
|
|
$OUT .= "\$IPT -t mangle -A QOS -p udp --sport ${'openvpn-bridge'}{'UDPPort'} -j RETURN\n";
|
|
}
|
|
elsif (defined ${'openvpn-bridge'}{'TCPPort'}){
|
|
$OUT .= "\$IPT -t mangle -A QOS -p tcp --sport ${'openvpn-bridge'}{'TCPPort'} -j RETURN\n";
|
|
}
|
|
|
|
# For OpenVPN Site To Site
|
|
my $ovpndb = esmith::ConfigDB->open_ro('openvpn-s2s') || return "";
|
|
|
|
foreach my $server ($ovpndb->get_all_by_prop(type=>'server')){
|
|
$OUT .= "\$IPT -t mangle -A QOS -p " . ($server->prop('Protocol') || 'udp') . " --sport " . $server->prop('Port') . " -j RETURN\n";
|
|
}
|
|
foreach my $client ($ovpndb->get_all_by_prop(type=>'client')){
|
|
$OUT .= "\$IPT -t mangle -A QOS -p " . ($client->prop('Protocol') || 'udp') . " --dport " . $client->prop('Port') . " -j RETURN\n";
|
|
}
|
|
|
|
$OUT .= '';
|
|
|
|
}
|