On 11/10/16 17:42, debbie10t wrote: [...snip...] > That reads to me as: > ovpn-2.3.2 forwards the packet with the source IP of the client ! > > That is why I was more than usually curious .. > Is it likely that ovpn-2.3.2 did port-sharing incorrectly ? > > (I understand 2.3.2 is a long time ago but possibly a Dev remembers > something useful here)
JJK is right. --port-share is by design acting as a proxy. It is not designed to be a transparent proxy (meaning that the source IP address is preserved when connecting to the backend web server). IIRC, the --port-share feature does also not add any HTTP headers (X-Forwarded-For), as that would mean it would OpenVPN would need to decrypt https connections, add the HTTP header and encrypt it again. Meaning OpenVPN would be a MITM. So OpenVPN just forwards all non-OpenVPN packets to the configured host and port. -- kind regards, David Sommerseth ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
