Merge pull request #9 from pchristos/vpn_protocol

OpenVPN underlying protocol

vpn-proxy/app/migrations/0005_tunnel_protocol.py

@@ -0,0 +1,20 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.9.7 on 2016-08-01 13:16
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('app', '0004_remove_forwarding_src_addr'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='tunnel',
+            name='protocol',
+            field=models.CharField(choices=[('udp', 'UDP'), ('tcp', 'TCP')], default='udp', max_length=3),
+        ),
+    ]

vpn-proxy/app/models.py

@@ -145,6 +145,8 @@ class Tunnel(BaseModel):
     client = models.GenericIPAddressField(protocol='IPv4',
                                           validators=[check_ip])
     key = models.TextField(default=gen_key, blank=False, unique=True)
+    protocol = models.CharField(max_length=3, default='udp', 
+                                choices=[('udp', 'UDP'), ('tcp', 'TCP')])
 
     @property
     def name(self):
@@ -182,6 +184,14 @@ def client_conf(self):
     def client_script(self):
         return get_client_script(self)
 
+    @property
+    def server_protocol(self):
+        return 'tcp-server' if self.protocol == 'tcp' else 'udp'
+
+    @property
+    def client_protocol(self):
+        return 'tcp-client' if self.protocol == 'tcp' else 'udp'
+
     def _enable(self):
         start_tunnel(self)
         for forwarding in self.forwarding_set.all():
@@ -200,6 +210,7 @@ def to_dict(self):
             'name': self.name,
             'server': self.server,
             'client': self.client,
+            'protocol': self.protocol,
             'port': self.port,
             'key': self.key,
             'active': self.active,

vpn-proxy/app/tunnels.py

@@ -228,7 +228,8 @@ def get_conf(tunnel):
                       'dev-type tun',
                       'port %s' % tunnel.port,
                       'ifconfig %s %s' % (tunnel.server, tunnel.client),
-                      'secret %s' % tunnel.key_path])
+                      'secret %s' % tunnel.key_path,
+                      'proto %s' % tunnel.server_protocol])
 
 
 def get_client_conf(tunnel):
@@ -237,7 +238,9 @@ def get_client_conf(tunnel):
                       'dev-type tun',
                       'port %s' % tunnel.port,
                       'ifconfig %s %s' % (tunnel.client, tunnel.server),
-                      'secret %s' % tunnel.key_path])
+                      'secret %s' % tunnel.key_path,
+                      'proto %s' % tunnel.client_protocol,
+                      'keepalive 10 120'])
 
 
 def get_client_script(tunnel):
@@ -257,7 +260,6 @@ def get_client_script(tunnel):
         echo "Could not find a package management tool"
         exit 1
     fi
-
 }
 
 if ! which openvpn > /dev/null; then
@@ -280,9 +282,9 @@ def get_client_script(tunnel):
 
 echo 1 > /proc/sys/net/ipv4/ip_forward
 
-ifaces=`ip link show | grep '^[0-9]*:' | awk '{print $2}' | sed 's/:$//'`
-eth_ifaces=`echo "$ifaces" | grep ^eth`
-for iface in $eth_ifaces; do
+ifaces=`ip link show | grep '^[0-9]*:' | awk '{print $2}' | sed 's/:$//' | \
+    grep -v ^lo$`
+for iface in $ifaces; do
     iptables -t nat -A POSTROUTING -o $iface -j MASQUERADE
 done
 """ % {'key_path': tunnel.key_path, 'conf_path': tunnel.conf_path,

vpn-proxy/app/views.py

@@ -32,6 +32,8 @@ def tunnels(request):
         client = choose_ip(cidrs, excluded_cidrs)
         params['client'] = client
         params['server'] = choose_ip(cidrs, excluded_cidrs, client_addr=client)
+        if 'proto' in request.POST:
+            params['protocol'] = request.POST['proto']
         tun = Tunnel(**params)
         tun.save()
         return JsonResponse(tun.to_dict())