> > + if (network && !strcmp(network, "client-ip")) > + { > + msg (M_INFO, "*** client-nat client-ip detected..."); > + e.network = 0xFFFFFFFF; > + } else {
I am not sure that this message is useful. It does not provide any additional information to the user. Also please add a comment that you are using network 0xFFFFFFFF as special marker for client-ip. > e.network = getaddr(0, network, 0, &ok, NULL); > if (!ok) > { > msg(msglevel, "client-nat: bad network: %s", network); > return; > } > + } > + Whitespace change. > e.netmask = getaddr(0, netmask, 0, &ok, NULL); > if (!ok) > { > @@ -263,3 +270,34 @@ client_nat_transform (const struct > client_nat_option_list *list, > } > } > } > + > +/* > +* Replaces the client_ip token with the IP received from OpenVPN > +*/ > +bool > +update_client_ip_nat(struct client_nat_option_list *dest, in_addr_t > local_ip) > +{ > + int i; > + bool ret = false; > + > + if (!dest) > + return ret; > + > + for (i=0; i <= dest->n; i++) > + { > + struct client_nat_entry *nat_entry = &dest->entries[i]; > + if (nat_entry && nat_entry->network == 0xFFFFFFFF) > + { > + struct in_addr addr; > + > + nat_entry->network = ntohl(local_ip); > + addr.s_addr = nat_entry->network; > + char *dot_ip = inet_ntoa(addr); > + > + msg (M_INFO, "CNAT - Updating NAT table from client-ip to: > %s", dot_ip); > + ret = true; > + } > + } > + > + return ret; > +} > diff --git a/src/openvpn/clinat.h b/src/openvpn/clinat.h > old mode 100644 > new mode 100755 > index a5779e1..156e84c > --- a/src/openvpn/clinat.h > +++ b/src/openvpn/clinat.h > @@ -62,4 +62,6 @@ void client_nat_transform (const struct > client_nat_option_list *list, > struct buffer *ipbuf, > const int direction); > > +bool update_client_ip_nat(struct client_nat_option_list *dest, > in_addr_t local_ip); > + > #endif > diff --git a/src/openvpn/init.c b/src/openvpn/init.c > old mode 100644 > new mode 100755 > index c5c0ab6..f54bc14 > --- a/src/openvpn/init.c > +++ b/src/openvpn/init.c > @@ -1481,6 +1481,8 @@ do_open_tun (struct context *c) > c->c1.tuntap->post_open_mtu, > SET_MTU_TUN | SET_MTU_UPPER_BOUND); > > +update_client_ip_nat(c->options.client_nat, c->c1.tuntap->local); > + > ret = true; > static_context = c; > #ifndef TARGET_ANDROID > diff --git a/src/openvpn/options.c b/src/openvpn/options.c > old mode 100644 > new mode 100755 > index 2f8915d..c08e775 > --- a/src/openvpn/options.c > +++ b/src/openvpn/options.c > @@ -223,6 +223,7 @@ static const char usage_message[] = > "--redirect-private [flags]: Like --redirect-gateway, but omit > actually changing\n" > " the default gateway. Useful when pushing private > subnets.\n" > "--client-nat snat|dnat network netmask alias : on client add 1-to-1 > NAT rule.\n" > + " Set the network parameter to 'client-ip' to use > the received ip from OpenVPN Server.\n" > #ifdef ENABLE_PUSH_PEER_INFO > "--push-peer-info : (client only) push client info to server.\n" > #endif > -- > 1.7.9.5 > > > > ------------------------------------------------------------------------------ > > > > _______________________________________________ > Openvpn-devel mailing list > Openvpn-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-devel >