missed to cc: the list
Hi,
On Wed, May 18, 2016 at 2:53 PM, debbie10t <debbie...@gmail.com> wrote:
> On 16/05/16 19:59, Gert Doering wrote:
> > Hi,
> >
> > On Sun, May 08, 2016 at 02:25:42PM -0400, Doug Lytle wrote:
> >> Gert Doering wrote:
> >>> These bits are not yet "interactive-service'ified".
> >>>
> >>> Patch is sitting in my review queue (*sigh*), so "in the course of the
> >>> next few weeks" you should see this pop up in the master snapshots.
> >> Thanks for the update
> > Here we go - "next few weeks" was quicker than I thought - the patch
> > has been merged today, and is in the latest release on
> >
> > http://build.openvpn.net/downloads/snapshots/
> >
> > namely
> >
> >
> http://build.openvpn.net/downloads/snapshots/openvpn-install-master-20160516184848-970312f185-x86_64.exe
> >
> http://build.openvpn.net/downloads/snapshots/openvpn-install-master-20160516184848-970312f185-i686.exe
> >
> >
> > I would be very interested in hearing whether it works correctly now,
> > that is, DNS is properly flushed, and no errors seen in the log.
> >
> I was curious about this .. it tested out and everything appeared to
> work except
> the service did not reply to the request to flush dns. When I tested by
> command
> line (interactive service stopped) there was an unknown *ipconfig* error.
> pings across the tunnel all worked fine .. details below
>
>
Thanks for testing.
>
> Client log using interactive service:
>
> Mon May 18 17:38:11 2016 us=375555 Blocking outside DNS
> Mon May 18 17:38:11 2016 us=375555 Using service to add block dns filters
> Mon May 18 17:38:11 2016 us=391142 Blocking outside dns using service
> succeeded.
> Mon May 18 17:38:16 2016 us=213522 TEST ROUTES: 1/1 succeeded len=1
> ret=1 a=0 u/d=up
> Mon May 18 17:38:16 2016 us=213522 MANAGEMENT:
> >STATE:1463416696,ADD_ROUTES,,,,,,
> Mon May 18 17:38:16 2016 us=213522 C:\WINDOWS\system32\route.exe ADD
> 10.x.x.x MASK 255.255.255.0 10.x.x.x
> Mon May 18 17:38:16 2016 us=213522 Route addition via service succeeded
> Mon May 18 17:38:16 2016 us=213522 Initialization Sequence Completed
>
> Mon May 18 17:38:16 2016 us=213522 Register_dns request sent to the
> service
>
That means the service received the request and will execute them silently
:-) . The dnscache restart, dns flush and register-dns are executed by
interactive service asynchronously (as it takes some time) and currently we
do not have a way for the service to report back to openvpn at the end of
such operations. However, it will log those actions in the windows event
log. Also output of "ipconfig /displaydns" soon after the flush should show
an empty or a freshly-populated list of cached entries.
Client log from admin command line:
> Mon May 18 17:53:34 2016 us=119659 Blocking outside DNS
> Mon May 18 17:53:34 2016 us=119659 Block_DNS: WFP engine opened
> Mon May 18 17:53:34 2016 us=135285 Block_DNS: Added permit filters for
> exe_path
> Mon May 18 17:53:34 2016 us=135285 Block_DNS: Added block filters for all
> Mon May 18 17:53:34 2016 us=150906 Block_DNS: Added permit filters for
> TAP interface
> Mon May 18 17:53:39 2016 us=807410 TEST ROUTES: 1/1 succeeded len=1
> ret=1 a=0 u/d=up
> Mon May 18 17:53:39 2016 us=807410 C:\WINDOWS\system32\route.exe ADD
> 10.x.x.x MASK 255.255.255.0 10.x.x.x
> Mon May 18 17:53:39 2016 us=807410 ROUTE: CreateIpForwardEntry succeeded
> with dwForwardMetric1=20 and dwForwardType=4
> Mon May 18 17:53:39 2016 us=807410 Route addition via IPAPI succeeded
> [adaptive]
> Mon May 18 17:53:39 2016 us=807410 Initialization Sequence Completed
> Mon May 18 17:53:39 2016 Start net commands...
> Mon May 18 17:53:39 2016 C:\WINDOWS\system32\net.exe stop dnscache
> Mon May 18 17:53:47 2016 C:\WINDOWS\system32\net.exe start dnscache
> Mon May 18 17:53:47 2016 ERROR: Windows ipconfig command failed:
> returned error code 2
>
That message is misleading (a common error string used for all those four
commands) --- it most likely refers to the net.exe command just above it,
but not sure why that one failed. It may be useful to check the status of
the dnscache service when this happens.
> Mon May 18 17:53:47 2016 C:\WINDOWS\system32\ipconfig.exe /flushdns
> Mon May 18 17:53:47 2016 C:\WINDOWS\system32\ipconfig.exe /registerdns
> Mon May 18 17:53:50 2016 End net commands...
Selva
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
