Koozali.org: home of the SME Server
Obsolete Releases => SME 7.x Contribs => Topic started by: timn on March 08, 2009, 01:33:35 PM
-
Before I start posting bugs, was this intended to be released with all the other updates this week? It removed my previous version of smeserver-openvpn-bridge-fws and is a significant change to the way it functions. There appears to be no documentation in the wiki, I had to install PHPKi manually and not as a dependency, and it doesn't seem to work 'out of the box'.
I did a yum update via putty on Friday night and it was included with all the other updates. Version is smeserver-openvpn-bridge.noarch 2.0-16.el4.sme. It wasn't in the list of updates shown by server-manager
-
I have tried it before and it didn't work for me. I went back to routing mode.
-
Although stuntshell had many problems with this contribs, I had good results so far.
This new version seems to be a big change. On my way to bug report...
The contribs ask for this:
db configuration setprop bridge status enabled
But "bridge" is not known.
-
I have tried it before and it didn't work for me.
Did you post a bug report?
-
Did you post a bug report?
No, they were still beta.
I think they still are ;)
-
Bug 5060 has been added to the database
-
No, they were still beta.
I'm sure I updated from smecontribs and not smetests
-
I'm sure I updated from smecontribs and not smetests
I seriously doubt that AFAIK it is not in smeupdates (http://distro.ibiblio.org/pub/linux/distributions/smeserver/releases/7/smecontribs/i386/repodata/) nor have any packages have been pushed to SME Contribs since Jan 03.
Be sure to check you repository settings. Are you sure you did not accidentally have enabled smetest (temporarily)? What is the output of:
db yum_repositories getprop smetest status
-
[root@ca-fichiers ~]# db yum_repositories getprop smetest status
disabled
It is here:
http://distro.ibiblio.org/pub/linux/distributions/smeserver/releases/7/smecontribs/i386/RPMS/smeserver-openvpn-bridge-2.0-16.el4.sme.noarch.rpm
instead of smeserver-openvpn-bridge-fws-1.1-2.noarch.rpm
03-Mar-2009 17:19 54K
There was a name change
from smeserver-openvpn-bridge-fws
to smeserver-openvpn-bridge
-
No, they were still beta.
What do you think 'beta' is for, if not for people to try and report any bugs they find?
-
What do you think 'beta' is for, if not for people to try and report any bugs they find?
AFAIK beta products do not belong in SME Contribs as it is, as stated by soprom. I guess some one pushed this package (too early).
-
stuntshell refered to a beta version.
Also:
The name change might be confusing since ther is an other openvpn contrib (for routing). This contrib is for bridging.
-
The rpm execute this script:
/sbin/e-smith/db configuration setprop [b]openvpn-bridge[/b] status disabled
sv d /service/openvpn-bridge
and it does not match the info on the server-manager:
db configuration setprop [b]bridge [/b]status enabled
/etc/init.d/bridge start
It appears the server-manager message is partly wrong.
I also installed "phpki" to manage to keys.
-
Hi everyone.
The new version of the contrib smeserver-openvpn-bridge works, but the problem is that there are so many changes between the previous one and this one, that it cannot work just out of the box. In fact, the update has been pushed in smecontribs repo by error. The problem is now corrected and it has been remove from smecontribs to go in smetest repo so automatic upgrades won't causes problems. I just need some time to write the documentation and the upgrade procedure, as soon at it'll be ready, I'll move back the contrib to smecontribs repo.
Sorry for the inconveniance, just let me some time to write the documentation and you'll be able to use the latest and greatest version of the contrib.
Cheers, Daniel
-
What do you think 'beta' is for, if not for people to try and report any bugs they find?
Yes, and that's why I'm calling it beta, because it's not ready, And it's why it shouldn't be among the updates.
-
Hi everyone.
The new version of the contrib smeserver-openvpn-bridge works, but the problem is that there are so many changes between the previous one and this one, that it cannot work just out of the box. In fact, the update has been pushed in smecontribs repo by error. The problem is now corrected and it has been remove from smecontribs to go in smetest repo so automatic upgrades won't causes problems. I just need some time to write the documentation and the upgrade procedure, as soon at it'll be ready, I'll move back the contrib to smecontribs repo.
Sorry for the inconveniance, just let me some time to write the documentation and you'll be able to use the latest and greatest version of the contrib.
Cheers, Daniel
Thanks Daniel,
Let me know when it's ready to be tested.
Meanwhile, I'll be using in routed mode.
Cheers,
-
Ok, thanks Daniel for your work. I appreciate it.
From what I've seen in the new version I wish you'd keep/add some parameters in the manager panel:
- with or without password authentification
- change port to something else
- add "explicit-exit-notify 2" in the .ovpn (might be covered with the options)
- add "--port-share" option for using tcp/443 for tunneling
I hope to be testing this soon!
-
Ok, thanks Daniel for your work. I appreciate it.
From what I've seen in the new version I wish you'd keep/add some parameters in the manager panel:
- with or without password authentification
This is still possible. But now, there's only two authentication method: certificate+login/password and certificate only
- change port to something else
This option has been removed from the panel (in fact, I tried to make it simpler), but can still be changed with the key in the db
- add "explicit-exit-notify 2" in the .ovpn (might be covered with the options)
It's not present for now, but not a bad idea. I'll do some test and may add this in a futur release
- add "--port-share" option for using tcp/443 for tunneling
Of course I've allready think about this as it would make the VPN accessible from anywhere. But it's not implemented for now for several reason:
- port-share is only available since openvpn 2.1 which isn't stable yet
- it'll require a lot of tweaks as it'll need to modify apache configuration to listen on another port.
-
but can still be changed with the key in the db
Thanks for your comments.
Limiting configuration to the db is probably a tough decision for developers. I understand that balancing usability and functionality is time consuming. But the idea is, for us users, to manage the server from the server-manager. Every time we have to go to the CLI, we are getting away from this concept.
But don't take me wrong, I appreciate your contribs and the ones from others, and I work a lot from the CLI. But the server-manager is a great asset...
-
I've started the documentaion on the wiki. It's available here: http://wiki.contribs.org/OpenVPN_Bridge (http://wiki.contribs.org/OpenVPN_Bridge)
It's not finished, but it's a good starting point.
-
From my observations trying to remove smeserver-bridge-interface by using yum doesn't work. The server locks and outputs to the screen a message like :
"Unregistered netdevice ... count 1".
I have succeeded uninstalling it by setting first the status of the bridge service as disabled and issuing a signal-event post-upgrade; signal-event reboot. Then the yum remove command worked ok.
-
From my observations trying to remove smeserver-bridge-interface by using yum doesn't work. The server locks and outputs to the screen a message like :
"Unregistered netdevice ... count 1".
I have succeeded uninstalling it by setting first the status of the bridge service as disabled and issuing a signal-event post-upgrade; signal-event reboot. Then the yum remove command worked ok.
That didn't help me :(
I opened a new bug http://bugs.contribs.org/show_bug.cgi?id=5143
-
The problem was a typo in the wiki page, it's now updated. I've closed the bug report, please re-open it if the problem still occures.
Thanks.
-
Hi,
Thank you for the fast reply.
This has fixed the problem, but a signal-event post-upgrade, signal-event reboot is required to get the physical interfaces back.
Mercy,