commit 611fcbc48 joined the two distinct calls for "add ipv6 address
to tap interface" and "set MTU" for Solaris - but due to peculiarities
on how this platform handles IPv6 addresses ("ifconfig addif" creates
a new "tap0:1" subinterface with the new address - which does not have
a distinct MTU) th
The "route add" code always used "metric 0" on OpenSolaris, because
(on tun interfaces) it was required to make the route work on
"non-ethernet" interfaces (connected, no NDP).
This breaks routes via tap interfaces on recent Solaris versions
(tested on OpenIndiana 2019) - there, routes only work i
Acked-by: Gert Doering
I do not have any idea about MSVC or project files, but this looks like
a trivial extrapolation of "what is there". And if you say it's needed, fine.
Your patch has been applied to the master branch.
commit a933d21a902adfaa3893bd0f6097a1696d5ccf69
Author: Lev Stipakov
Da
Acked-by: Gert Doering
Arne has already ACKed the first one, but this is more in line with
what we've done in "more recent code" - and also thanks for changing
the other occurrence.
"Stared at code" and lightly tested on Linux and FreeBSD.
Your patch has been applied to the master branch.
comm
Hi,
On 09/10/2019 11:51, Gert Doering wrote:
> commit 611fcbc48 joined the two distinct calls for "add ipv6 address
> to tap interface" and "set MTU" for Solaris - but due to peculiarities
> on how this platform handles IPv6 addresses ("ifconfig addif" creates
> a new "tap0:1" subinterface with th
Hi,
On 09/10/2019 11:52, Gert Doering wrote:
> The "route add" code always used "metric 0" on OpenSolaris, because
> (on tun interfaces) it was required to make the route work on
> "non-ethernet" interfaces (connected, no NDP).
>
> This breaks routes via tap interfaces on recent Solaris versions
On 09/10/2019 13:07, Antonio Quartulli wrote:
> Thanks for fixing my change.
> The patch makes sense as it simply restores the original flow.
note: this fix affects SOLARIS specific code only.
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
__
Your patch has been applied to the master branch.
commit cc132d695609973d80b2edbc4cc654d95d72dde7
Author: Gert Doering
Date: Wed Oct 9 11:51:59 2019 +0200
repair tap mode on OpenSolaris/OpenIndiana
Signed-off-by: Gert Doering
Acked-by: Antonio Quartulli
Message-Id: <20191
Your patch has been applied to the master branch.
commit 01b3a48c29df6dc4bade3d8fb7903346a3f77887
Author: Gert Doering
Date: Wed Oct 9 11:52:00 2019 +0200
Fix IPv6 routes on tap interfaces on OpenSolaris/OpenIndiana
Signed-off-by: Gert Doering
Acked-by: Antonio Quartulli
t_client.sh relies on "echo -e" and "echo -n" to produce nicely
looking output, which fails on Solaris /bin/sh - force SHELL=/bin/bash
on recent-enough Solaris variants that have it.
Signed-off-by: Gert Doering
---
configure.ac | 1 +
1 file changed, 1 insertion(+)
diff --git a/configure.ac b/c
>t_client.sh relies on "echo -e" and "echo -n" to produce nicely
>looking output, which fails on Solaris /bin/sh - force SHELL=/bin/bash
>on recent-enough Solaris variants that have it.
Where recent is "Solaris 8 or later"
I.e., just under 20 years old. :-)
Can't tell how which version of bas
Extend is_ipv_X() routine by properly parsing 802.1q frame rather than
dropping them.
This change is required in order to allow OpenVPN to accept VLAN tagged
frames, which otherwise would be dropped when trying to access the inner
IP header.
While at it, slightly fix the function style.
Signed-o
When receiving a packet from a client, the associated maddr needs to
carry also the VID associated with that client. This way the VID can be
appended to the packet later, if needed.
This patch adds support for exporting the VID from the client context to
the related per-packet maddr object.
Signe
By building on top of the VLAN basic support, allow the user to configure
the server in VLAN_TAGGED-only mode. This way, only packets that reach
the TAP interface with an 802.1Q header are considered for forwarding -
untagged packets are all dropped.
A VLAN-tagged packet is then treated like any o
This changes allows the user to configure the server TAP interface to
forward both VLAN tagged and untagged packets (i.e. vlan_accept == VLAN_ALL).
Untagged packets are marked with the VID configured in the server
configuration file, while tagged packets will keep their header as it
is.
Forwardin
This patchset is the restyled, adjusted and (partly) re-worked version
of the patchset that can be found in this GitHub PR
https://github.com/OpenVPN/openvpn/pull/76
originally authored by Fabian Knittel.
The status of this new patchset is tracked here:
https://community.openvpn.net/openvpn/ticket
Signed-off-by: Antonio Quartulli
---
src/openvpn/mroute.c | 20
1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/src/openvpn/mroute.c b/src/openvpn/mroute.c
index db8c9876..c52ef7b1 100644
--- a/src/openvpn/mroute.c
+++ b/src/openvpn/mroute.c
@@ -247,6 +247,16 @
With this change, client-to-client communications are possible only if
clients were configured with the same PVID.
At the same time also broadcast packets are now forwarded only to hosts
belonging to the originator VLAN.
Signed-off-by: Fabian Knittel
Signed-off-by: Antonio Quartulli
---
src/op
To handle VLANs a whole lot of code has been introduced.
However, there are a number of users who may not need this feature and
would rather preserve disk space.
Implement a configure knob (--disable-vlan-tagging) to conditionally
take the entire VLAN code out.
This patch introduces the condition
This patch introduces basic support for VLAN tagging on the server side.
The introduced functionality consists in allowing the user to assign
a VID to the server TAP device and a VID to each client port.
Client specific VID are assigned by means of files in CCD (like for
other client specific sett
This patch adds documentation for all the VLAN related knobs.
Signed-off-by: Fabian Knittel
Signed-off-by: Antonio Quartulli
---
doc/openvpn.8 | 99 ++-
1 file changed, 98 insertions(+), 1 deletion(-)
diff --git a/doc/openvpn.8 b/doc/openvpn.8
in
Acked-by: Gert Doering
This is one of the easy ones, and very "obviously correct". Client side
tested on Linux and FreeBSD with t_client / TAP tests (which do not really
excercise this code, unfortunately, but my test server is still down).
While I do prefer memcpy()'s using "sizeof(dest)" to "
22 matches
Mail list logo
