Comments (8)
So if init_tun()
is called with strict_warn == true
then we warn when the second argument doesn't look like a netmask.
from openvpn.
But the problem with that check is that it actually uses topology to detect whether we're in P2P mode:
bool
is_tun_p2p(const struct tuntap *tt)
{
bool tun = false;
if (tt->type == DEV_TYPE_TAP
|| (tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET)
|| tt->type == DEV_TYPE_NULL)
{
tun = false;
}
else if (tt->type == DEV_TYPE_TUN)
{
tun = true;
}
else
{
msg(M_FATAL, "Error: problem with tun vs. tap setting"); /* JYFIXME -- needs to be caught earlier, in ini\
t_tun? */
}
return tun;
}
So by changing the default we probably broke this check.
from openvpn.
Nevermind, in current master we do not actually use is_tun_p2p
. This is only added by my patch https://gerrit.openvpn.net/c/openvpn/+/380. Master uses tt->type == DEV_TYPE_TUN
which is just not correct, so the wrong checks are done probably.
from openvpn.
Changing the default only for --server
would probably look something like this:
- Change default to
TOP_UNDEF
instead ofTOP_SUBNET
- In
helper_client_server
check whether topology is stillTOP_UNDEF
, if yes change toTOP_SUBNET
- After
helper_client_server
set topology toTOP_NET30
if it is stillTOP_UNDEF
from openvpn.
After
helper_client_server
set topology toTOP_NET30
if it is stillTOP_UNDEF
honestly this feels a bit hacky: i.e. using what we have in a dirty way to properly achieve what we need.
How about explicitly adding a TOP_P2P ? after all this is not NET30, but it's a truly different way of assigning the IPs (local+remote vs /30).
This way we can then explicitly check if topology == TOP_P2P and act accordingly.
from openvpn.
As discussed on IRC: There is already a TOP_P2P
which does something slightly different again, although most of the code treats it as alias for TOP_NET30
.
from openvpn.
So the topology
default has been taken care of, but the other aspect of passing on -1
as netbits after parsing is still not really helpful error handling.
from openvpn.
So the
topology
default has been taken care of, but the other aspect of passing on-1
as netbits after parsing is still not really helpful error handling.
@cron2 Please take a look at https://gerrit.openvpn.net/c/openvpn/+/380, my earlier comments seem to indicate that it should improve that part.
from openvpn.
Related Issues (20)
- Dynamic split tunnelling with DNS subdomains
- [OpenVPN] Google authenticator authentication error inquiry HOT 3
- Split public ip HOT 1
- infinity connection HOT 2
- Help, please. View the network interface on the client on MacOS.
- Error messages being uninformative HOT 9
- Open vpn HOT 1
- [bug]The username of openvpn fails to be obtained HOT 2
- Inconsistent handling of CFLAGS/LIBS for libcap-ng and libgen-nl HOT 4
- Fall-through vs fast-fail plugin execution
- Hi i cant download it from the website due of my region restriction . can i have the direct link here pls ? HOT 1
- release 2.6.12 doesn't have openvpn.sln file HOT 5
- client-disconnect trigger delay? HOT 4
- `block-ipv6` or `redirect-gateway ipv6` should not block local router advertisement (icmpv6) HOT 4
- OpenVPN stopped working, no error messages HOT 2
- How do I exit a client in windows elegantly and securely? HOT 3
- topology p2p on Windows client with wintun driver HOT 8
- There is OPENVPN connect, but there is no Internet. HOT 2
- Dependency Dashboard self-hosted
- in-place-upgrade OpenVPN from v2.6.7 to v2.6.12 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openvpn.