Package: network-manager-vpnc
Version: 0.9.8.6-1
For firewall rules, it would be nice if the VPN interface could be
configured to have a predictable name instead of generic "tun0".
It turns out vpnc already supports this, we just need to expose the
option in NetworkManager.
diff -urN a/properties/nm-vpnc.c b/properties/nm-vpnc.c
--- a/properties/nm-vpnc.c 2013-09-13 12:01:23.000000000 -0400
+++ b/properties/nm-vpnc.c 2014-02-04 18:21:47.714491746 -0500
@@ -702,6 +702,16 @@
}
g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK
(spinbutton_changed_cb), self);
+ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder,
"interface_name_entry"));
+ g_return_val_if_fail (widget != NULL, FALSE);
+ gtk_size_group_add_widget (priv->group, GTK_WIDGET (widget));
+ if (s_vpn) {
+ value = nm_setting_vpn_get_data_item (s_vpn,
NM_VPNC_KEY_INTERFACE_NAME);
+ if (value && strlen (value))
+ gtk_entry_set_text (GTK_ENTRY (widget), value);
+ }
+ g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK
(stuff_changed_cb), self);
+
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder,
"disable_dpd_checkbutton"));
g_return_val_if_fail (widget != NULL, FALSE);
if (s_vpn) {
@@ -992,6 +1002,11 @@
port = gtk_spin_button_get_value_as_int (GTK_SPIN_BUTTON (widget));
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_LOCAL_PORT,
g_strdup_printf ("%d", port));
+ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder,
"interface_name_entry"));
+ str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
+ if (str && strlen (str))
+ nm_setting_vpn_add_data_item (s_vpn,
NM_VPNC_KEY_INTERFACE_NAME, str);
+
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder,
"disable_dpd_checkbutton"));
if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) {
nm_setting_vpn_add_data_item (s_vpn,
NM_VPNC_KEY_DPD_IDLE_TIMEOUT, "0");
@@ -1540,6 +1555,12 @@
g_free (tmp);
}
+ buf = key_file_get_string_helper (keyfile, "main", "InterfaceName",
NULL);
+ if (buf) {
+ nm_setting_vpn_add_data_item (s_vpn,
NM_VPNC_KEY_INTERFACE_NAME, buf);
+ g_free (buf);
+ }
+
g_key_file_free (keyfile);
return connection;
@@ -1572,6 +1593,7 @@
const char *group_pw = NULL;
GString *routes = NULL;
GString *uselegacyikeport = NULL;
+ const char *interfacename = NULL;
gboolean success = FALSE;
guint32 routes_count = 0;
gboolean save_password = FALSE;
@@ -1697,6 +1719,10 @@
if (!value || !strcmp (value, "0"))
g_string_assign (uselegacyikeport, "UseLegacyIKEPort=0\n");
+ value = nm_setting_vpn_get_data_item (s_vpn,
NM_VPNC_KEY_INTERFACE_NAME);
+ if (value && strlen (value))
+ interfacename = value;
+
fprintf (f,
"[main]\n"
"Description=%s\n"
@@ -1736,6 +1762,7 @@
"SingleDES=%s\n"
"SPPhonebook=\n"
"%s"
+ "InterfaceName=%s\n"
"X-NM-Use-NAT-T=%s\n"
"X-NM-Force-NAT-T=%s\n"
"X-NM-SaveGroupPassword=%s\n"
@@ -1752,6 +1779,7 @@
/* PeerTimeout */ peertimeout != NULL ? peertimeout : "0",
/* SingleDES */ singledes ? "1" : "0",
/* UseLegacyIKEPort */ (uselegacyikeport->len) ?
uselegacyikeport->str : "",
+ /* InterfaceName */ interfacename != NULL ? interfacename : "",
/* X-NM-Use-NAT-T */ use_natt ? "1" : "0",
/* X-NM-Force-NAT-T */ use_force_natt ? "1" : "0",
/* X-NM-SaveGroupPassword */ save_group_password ? "1" : "0",
diff -urN a/properties/nm-vpnc-dialog.ui b/properties/nm-vpnc-dialog.ui
--- a/properties/nm-vpnc-dialog.ui 2013-02-18 18:08:36.000000000 -0500
+++ b/properties/nm-vpnc-dialog.ui 2014-02-04 18:16:39.050497185 -0500
@@ -477,6 +477,36 @@
</packing>
</child>
<child>
+ <object class="GtkLabel" id="interface_name_label">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="xalign">0</property>
+ <property name="label" translatable="yes">Interface
name:</property>
+ <property name="use_underline">True</property>
+ <property
name="mnemonic_widget">interface_name_entry</property>
+ </object>
+ <packing>
+ <property name="top_attach">5</property>
+ <property name="bottom_attach">6</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkEntry" id="interface_name_entry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="invisible_char">•</property>
+ <property name="invisible_char_set">True</property>
+ <property name="tooltip_text"
translatable="yes">Visible name of the TUN/TAP interface
+config: Interface name <ASCII string></property>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">5</property>
+ <property name="bottom_attach">6</property>
+ </packing>
+ </child>
+ <child>
<object class="GtkCheckButton"
id="disable_dpd_checkbutton">
<property name="label" translatable="yes">Disable Dead
_Peer Detection</property>
<property name="visible">True</property>
diff -urN a/src/nm-vpnc-service.c b/src/nm-vpnc-service.c
--- a/src/nm-vpnc-service.c 2013-09-13 12:07:19.000000000 -0400
+++ b/src/nm-vpnc-service.c 2014-02-04 18:17:40.494496102 -0500
@@ -97,6 +97,7 @@
{ NM_VPNC_KEY_NAT_TRAVERSAL_MODE, ITEM_TYPE_STRING, 0, 0 },
{ NM_VPNC_KEY_CISCO_UDP_ENCAPS_PORT, ITEM_TYPE_INT, 0, 65535 },
{ NM_VPNC_KEY_LOCAL_PORT, ITEM_TYPE_INT, 0, 65535 },
+ { NM_VPNC_KEY_INTERFACE_NAME, ITEM_TYPE_STRING, 0, 0 },
/* Hybrid Auth */
{ NM_VPNC_KEY_AUTHMODE, ITEM_TYPE_STRING, 0, 0 },
{ NM_VPNC_KEY_CA_FILE, ITEM_TYPE_PATH, 0, 0 },
diff -urN a/src/nm-vpnc-service.h b/src/nm-vpnc-service.h
--- a/src/nm-vpnc-service.h 2013-02-18 18:08:36.000000000 -0500
+++ b/src/nm-vpnc-service.h 2014-02-04 18:17:23.902496395 -0500
@@ -55,6 +55,7 @@
#define NM_VPNC_KEY_DPD_IDLE_TIMEOUT "DPD idle timeout (our side)"
#define NM_VPNC_KEY_CISCO_UDP_ENCAPS_PORT "Cisco UDP Encapsulation Port"
#define NM_VPNC_KEY_LOCAL_PORT "Local Port"
+#define NM_VPNC_KEY_INTERFACE_NAME "Interface name"
#define NM_VPNC_KEY_AUTHMODE "IKE Authmode"
#define NM_VPNC_KEY_CA_FILE "CA-File"
