On 11/10/16 20:39, David Sommerseth wrote: > On 11/10/16 17:42, debbie10t wrote: > [...snip...] >> That reads to me as: >> ovpn-2.3.2 forwards the packet with the source IP of the client ! >> >> That is why I was more than usually curious .. >> Is it likely that ovpn-2.3.2 did port-sharing incorrectly ? >> >> (I understand 2.3.2 is a long time ago but possibly a Dev remembers >> something useful here) > > JJK is right. --port-share is by design acting as a proxy. It is not > designed to be a transparent proxy (meaning that the source IP address > is preserved when connecting to the backend web server). > > IIRC, the --port-share feature does also not add any HTTP headers > (X-Forwarded-For), as that would mean it would OpenVPN would need to > decrypt https connections, add the HTTP header and encrypt it again. > Meaning OpenVPN would be a MITM. So OpenVPN just forwards all > non-OpenVPN packets to the configured host and port. > >
Thanks David, As I said, my curiosity was more toward the OPs claim that ovpn 2.3.2 behaves differently to ovpn 2.3.10 regarding --port-share. I have copied JJK's responses to the forum and asked the OP if they can provide some details showing the claim. Regards ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
