Hi,
> > [*] Topology subnet uses ip, nework and netmask, while net30 passes in
> the
> > second IP of the /30 in network as "netmask". The two ioctls interprets
> > their parameters differently such that in the end only valid ARP packets
> > get a response from the driver !
>
> Is ARP still to be
Hi,
On 08/06/18 09:00, Selva Nair wrote:
> It works now though not thoroghly tested.
>
> I just noticed this change:
>
> diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
> index 8509d48..d183aea 100644
> --- a/src/openvpn/tun.c
> +++ b/src/openvpn/tun.c
> @@ -5718,7 +5718,10 @@ open_tun(const
Hi,
On Thu, Jun 7, 2018 at 1:29 PM Antonio Quartulli wrote:
> On 08/06/18 01:05, Selva Nair wrote:
> > Hi,
> >
> > On Thu, Jun 7, 2018 at 12:57 PM, Gert Doering
> wrote:
> >> Hi,
> >>
> >> On Thu, Jun 07, 2018 at 12:14:51PM -0400, Selva Nair wrote:
> >>> Note: All that said, I can't seem to conn
Hi,
On Thu, Jun 07, 2018 at 01:05:19PM -0400, Selva Nair wrote:
> It happens because the patch skips CONFIG_TUN ioctl when v4 address is
> not set. I think that skips some initialization steps. I had expected
> the patch to setup the driver using 0/0/0 as the addres/mask/net as we
> discussed earl
On 08/06/18 01:05, Selva Nair wrote:
> Hi,
>
> On Thu, Jun 7, 2018 at 12:57 PM, Gert Doering wrote:
>> Hi,
>>
>> On Thu, Jun 07, 2018 at 12:14:51PM -0400, Selva Nair wrote:
>>> Note: All that said, I can't seem to connect to the server via ipv6
>>> when there is no v4 address. tracert fails befor
Hi,
On Thu, Jun 7, 2018 at 12:57 PM, Gert Doering wrote:
> Hi,
>
> On Thu, Jun 07, 2018 at 12:14:51PM -0400, Selva Nair wrote:
>> Note: All that said, I can't seem to connect to the server via ipv6
>> when there is no v4 address. tracert fails before the first hop.
>> v6 does work when ifconfig i
Hi,
Failed to respond to some other points in the last reply:
>>
>> Did some quick tests and this seems to work quite well (but see the
>> note at the bottom):
>>
>> - v4 routes via tun just fail with a warning which is good (our route
>> errors not being FATAL pays off here)
>> - v4 routes via n
Hi,
On Thu, Jun 07, 2018 at 12:14:51PM -0400, Selva Nair wrote:
> Note: All that said, I can't seem to connect to the server via ipv6
> when there is no v4 address. tracert fails before the first hop.
> v6 does work when ifconfig is not filtered out.
This "should not happen".
v6 should work no
Hi,
>
>> Note: All that said, I can't seem to connect to the server via ipv6
>> when there is no v4 address. tracert fails before the first hop.
>> v6 does work when ifconfig is not filtered out.
>>
>> One difference from my earlier test using your previous
>> version with the minor change to allo
Hi Selva,
thanks for testing this branch again!
See below:
On 08/06/18 00:14, Selva Nair wrote:
> Hi,
>
> On Thu, Jun 7, 2018 at 1:51 AM, Antonio Quartulli wrote:
>>
>> Hi Selva,
>>
>> I have tried to account most of your comments, but something might still
>> be off. Building openvpn for Wind
Hi,
On Thu, Jun 7, 2018 at 1:51 AM, Antonio Quartulli wrote:
>
> Hi Selva,
>
> I have tried to account most of your comments, but something might still
> be off. Building openvpn for Windows might need some time here as I
> don't have the entire environment ready yet.
>
> Would you mind giving my
Hi Selva,
I have tried to account most of your comments, but something might still
be off. Building openvpn for Windows might need some time here as I
don't have the entire environment ready yet.
Would you mind giving my latest branch a try and let me know how it goes
with regards to your previou
Hi
On Wed, Jun 6, 2018 at 11:40 AM, Selva Nair wrote:
> Hi,
>
> On Wed, Jun 6, 2018 at 7:33 AM, Antonio Quartulli wrote:
>> Hi,
>>
>> On 06/06/18 04:30, Selva Nair wrote:
..
>>
>> I am not sure why you get those 2 routes. Do you have a more extensive
>> log to show? It may help clearing up some
Hi
On Wed, Jun 6, 2018 at 12:02 PM, Antonio Quartulli wrote:
> Hi,
>
> On 06/06/18 23:40, Selva Nair wrote:
>>> I am not sure why you get those 2 routes. Do you have a more extensive
>>> log to show? It may help clearing up some doubts.
>>
..
>>
>> - Require either a v4 or a v6 address must be s
Hi,
On Thu, Jun 07, 2018 at 12:02:44AM +0800, Antonio Quartulli wrote:
> > - Make sure v4 routes do not break a v6-only connection -- either
> > filter out and warn about v4 routes via the tun interface or just let
> > them fail with a warning but proceed with the rest of the tasks.
> > Setting v4
Hi,
On 06/06/18 23:40, Selva Nair wrote:
>> I am not sure why you get those 2 routes. Do you have a more extensive
>> log to show? It may help clearing up some doubts.
>
> Don't have access to those logs right now -- will post later.
>
> I had looked into it further and noticed that there was on
Hi,
On Wed, Jun 6, 2018 at 7:33 AM, Antonio Quartulli wrote:
> Hi,
>
> On 06/06/18 04:30, Selva Nair wrote:
However, even with !ipv4, redirect-gateway ipv6 appears to error out
-- it fails with
"TEST ROUTES: 0/2 succeeded len=1 ret=0 a=0 u/d=up
Route: Waiting for TUN/TAP
Hi,
On 06/06/18 04:30, Selva Nair wrote:
>>> However, even with !ipv4, redirect-gateway ipv6 appears to error out
>>> -- it fails with
>>>
>>> "TEST ROUTES: 0/2 succeeded len=1 ret=0 a=0 u/d=up
>>> Route: Waiting for TUN/TAP interface to come up..."
>>
>> Interesting. This is route.c, test_routes
Hi
On Tue, Jun 5, 2018 at 10:30 PM, Antonio Quartulli wrote:
> Hi,
>
> On 06/06/18 03:38, Selva Nair wrote:
>> Here is the diff of what I did for the Windows build run:
>>
>> diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
>> index 2e33880..75336a9 100644
>> --- a/src/openvpn/tun.c
>> +++ b/sr
Hi,
On 06/06/18 03:38, Selva Nair wrote:
> Here is the diff of what I did for the Windows build run:
>
> diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
> index 2e33880..75336a9 100644
> --- a/src/openvpn/tun.c
> +++ b/src/openvpn/tun.c
> @@ -5824,9 +5824,9 @@ open_tun(const char *dev, const c
Hi,
On 06/06/18 03:59, Gert Doering wrote:
[cut]
>> Here is the diff of what I did for the Windows build run:
>>
>> diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
>> index 2e33880..75336a9 100644
>> --- a/src/openvpn/tun.c
>> +++ b/src/openvpn/tun.c
>> @@ -5824,9 +5824,9 @@ open_tun(const char
Hi,
On Tue, Jun 5, 2018 at 3:59 PM, Gert Doering wrote:
> Hi,
>
> On Tue, Jun 05, 2018 at 03:38:44PM -0400, Selva Nair wrote:
>> FWIW, I did a quick test --- looking into tap-windows sources it seems
>> the address is used only for ARP so passing some random address to the
>> ioctl looks ok (?).
Hi,
On Tue, Jun 05, 2018 at 03:38:44PM -0400, Selva Nair wrote:
> FWIW, I did a quick test --- looking into tap-windows sources it seems
> the address is used only for ARP so passing some random address to the
> ioctl looks ok (?).
Not sure about that. For ARP spoofing, it should use the route-g
Hi,
On Tue, Jun 5, 2018 at 2:53 PM, Gert Doering wrote:
> Hi,
>
> On Tue, Jun 05, 2018 at 01:30:35PM -0400, Selva Nair wrote:
>> How to work around that depends on what the tap driver expects in the
>> v4 address. Ideally, we should patch the driver to work without a V4
>> address...
>
> Samuli's
Hi,
On Tue, Jun 05, 2018 at 01:30:35PM -0400, Selva Nair wrote:
> How to work around that depends on what the tap driver expects in the
> v4 address. Ideally, we should patch the driver to work without a V4
> address...
Samuli's build/test rig seems to be close to finished, so now is the
time to
Hi,
On Wed, Jun 06, 2018 at 12:22:31AM +0800, Antonio Quartulli wrote:
> Why is it !ipv6 by default in the first place?
>
> I'd rather keep default behaviours as they are now, to avoid messing up
> the user experience.
>
> However, I also understand that if there is no IPv4 and gateway-redirect
Hi,
On Tue, Jun 5, 2018 at 12:22 PM, Antonio Quartulli wrote:
> Hi,
>
> On 05/06/18 23:54, Selva Nair wrote:
> [cut]
>>> ACK on the feature, but NAK on "we can do this more nicely" reasons :-)
>>>
>>> First, I'd leave off the bits about "this can be useful" of the commit
>>> message - because tha
Hi,
On 05/06/18 23:54, Selva Nair wrote:
[cut]
>> ACK on the feature, but NAK on "we can do this more nicely" reasons :-)
>>
>> First, I'd leave off the bits about "this can be useful" of the commit
>> message - because that's not the point of this patch, you can *ignore*
>> the settings already t
Hi,
On Tue, Jun 5, 2018 at 10:36 AM, Gert Doering wrote:
>
> Hi,
>
> Prelimiaries: I think this whole series should only go to 2.5, as it
> has the potential to be fairly intrusive and uncover hidden bugs - I've
> discussed this with Antonio already (and we're in agreement) but for
> the sake of
Hi,
Prelimiaries: I think this whole series should only go to 2.5, as it
has the potential to be fairly intrusive and uncover hidden bugs - I've
discussed this with Antonio already (and we're in agreement) but for
the sake of the list.
On Tue, Jun 05, 2018 at 05:04:17PM +0800, Antonio Quartulli
From: Antonio Quartulli
This change ensures that an interface is properly brought
up even when only IPv6 settings are configured.
This can be useful on a client that wants to ignore the IPv4
settings pushed by the server and configure only IPv6.
To achieve the above, a client can use
`pull-filte
31 matches
Mail list logo
