Re: [Openvpn-devel] [HACK/PATCH] Prioritize TCP ACKs

2005-11-29 Thread Nate Nielsen
Florian Weimer wrote:
>> Here's a hack of a patch which puts nice TOS bits on TCP ACK packets.
>> This allows you to use pf or another firewall to prioritize the
>> resulting openvpn traffic in the way you normally do over asynchronous
>> connections.
>
> I think you have to make those TOS values conf

Re: [Openvpn-devel] [PATCH] Allow dynamic choice of source port

2005-11-28 Thread Nate Nielsen
James Yonan wrote:
> On Fri, 25 Nov 2005, Nielsen wrote:
>> As it is openvpn has no way to allow the kernel to dynamically choose
>> a source port for its connections. If you have two openvpn client
>> processes on the same machine both you have to configure lport to

[Openvpn-devel] [HACK/PATCH] Prioritize TCP ACKs

2005-11-24 Thread Nielsen
this in openvpn. Just figured someone else out there might have run into the same problems. Cheers, Nate Nielsen

[Openvpn-devel] [PATCH] Allow dynamic choice of source port

2005-11-24 Thread Nielsen
s you to specify '--lport 0' and get the behaviour of normal programs, where the source port is dynamically chosen. Not sure if this is an issue for others, but here's the patch in case anyone has run into the same issue. Cheers, Nate Nielsen

[Openvpn-devel] [PATCH] Openvpn --pass-tos on FreeBSD

2005-11-24 Thread Nielsen
The attached patch makes the --pass-tos option work on FreeBSD. If included in OpenVPN a configure test would probably be necessary. This is one of several things we modified in OpenVPN while evaluating it for deployment. Thought I'd share the fixes. Cheers, Nate Nielsen diff -U3 ../openvp

Re: [Openvpn-devel] new tap device for each connection

2005-11-18 Thread Nate Nielsen
Ian Berry wrote:
> I ran into this exact situation. Based on my knowledge of how OpenVPN
> operates in "server mode", I figured that it would require a significant
> change to allow this. As a workaround, I run OpenVPN in "inetd mode",
> which forces a new openvpn process for each client and theref