Hi,
On Mon, May 16, 2016 at 10:44 AM, Chris Laif <chris.l...@googlemail.com>
wrote:
> Thanks Gert, I would be happy to a feature like that. Trac ticket is
> http://community.openvpn.net/openvpn/ticket/682
>
> I trust the remote VPN endpoint by sending pakets which are designated
> to go there. I do *not* trust the remote to set up my ip addresses and
> networks. Imagine if the remote site manages to re-route my local DMZ
> network to the remote side, which forces my local clients to connect
> to some 'evil' remote service (ok ok, the firewall has to allow this
> as well, but I've seen many many improper setups). Therefore I think
> it's not a very "special-case request' :)
>
This looks like a very useful feature that I went ahead and took a stab at
it. See PR #50 at
https://github.com/OpenVPN/openvpn/pull/50
It has undergone very limited testing, so may still have some wrinkles ---
options processing in OpenVPN is not something I fully understand. Hence
the PR and not a patch. Feedback most welcome.
I would have liked to allow some form of regex support (preferably POSIX
ERE) for such filters, but at least on Windows that would require an
external library.
Thanks,
Selva
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
