Anno domini 2016 Gert Doering scripsit:
Hi Gert, *
> On Sun, Oct 30, 2016 at 02:48:25PM +0100, Maximilian Wilhelm wrote:
> > Can I motivate anyone on commenting on or applying this? :)
>
> You're keeping me busy on multiple fronts :-9 - and since this is networking,
> it&
Anno domini 2017 Arne Schwabe scripsit:
> A quick from me.
Cool, thanks.
> > diff --git a/src/openvpn/init.c b/src/openvpn/init.c
> > index 73f8c6d..57b1423 100644
> > --- a/src/openvpn/init.c
> > +++ b/src/openvpn/init.c
> > @@ -2856,7 +2856,8 @@ do_init_socket_1 (struct context *c, const int m
Anno domini 2017 Maximilian Wilhelm scripsit:
Hi,
for the record:
I've updated the PR on github and addressed the issues raised here before.
-> https://github.com/OpenVPN/openvpn/pull/65#issuecomment-330715591
The point remaining is the support for FreeBSD:
[...]
> > > + i
Anno domini 2015 Jan Just Keijser scripsit:
Hi,
> > OpenVPN history confuses me :-) - right now, I am wondering about the
> > following:
> >
> > - if we call ifconfig to set up the tun device, and that fails, we
> > consider it a hard error (openvpn_exec_check(..., S_FATAL, ...) and
> >
Hi,
I'm rolling out Linux VRFs[0] in my network and pushed all my external
connections in a VRF, so nothing bad[tm] can happen.
Doing so broke my OpenVPN connections between network nodes, as I kind
of expected.
I tried using the --bind option to let OpenVPN bind to the external IP
for make a co
Anno domini 2016 Maximilian Wilhelm scripsit:
Hi again,
> I'm rolling out Linux VRFs[0] in my network and pushed all my external
> connections in a VRF, so nothing bad[tm] can happen.
>
> Doing so broke my OpenVPN connections between network nodes, as I kind
> of expected
Anno domini 2016 Maximilian Wilhelm scripsit:
> Anno domini 2016 Maximilian Wilhelm scripsit:
>
> Hi again,
>
> > I'm rolling out Linux VRFs[0] in my network and pushed all my external
> > connections in a VRF, so nothing bad[tm] can happen.
> >
> &
Hi!
This is an initial attempt to let OpenVPN 2.1 write a wtmp log of all
connections including the username, it's VPN IP and the real remote IP
the user connected from.
This provides an OpenVPN admin with a simple database of all connections
of his VPN servers and the possibility to easily see
Signed-off-by: Maximilian Wilhelm
---
Makefile.am |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 36e2cf9..6384857 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -94,7 +94,8 @@ openvpn_SOURCES = \
status.c status.h
Signed-off-by: Maximilian Wilhelm
---
multi.c | 10 +++---
1 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/multi.c b/multi.c
index 2c23a44..5d8c80e 100644
--- a/multi.c
+++ b/multi.c
@@ -462,7 +462,9 @@ multi_close_instance (struct multi_context *m,
dmsg (D_MULTI_DEBUG
--log-wtmp server_id [file] : Enable logging to wtmp file using the two digit
server_id a prefix for the utmp line. Optionally you can
write
to an own wtmp file. (Default is /var/log/ovpnwtmp.
---
options.c | 31 +++
options.
Signed-off-by: Maximilian Wilhelm
---
multi.c | 16
1 files changed, 16 insertions(+), 0 deletions(-)
diff --git a/multi.c b/multi.c
index fa924f1..2c23a44 100644
--- a/multi.c
+++ b/multi.c
@@ -42,6 +42,10 @@
#include "forward-inline.h"
+#ifdef ENABLE_WTMP
aschine write to the same wtmp file and you are still able to distinguish
which instance created which entry.
Signed-off-by: Maximilian Wilhelm
---
wtmp.c | 14 +-
1 files changed, 5 insertions(+), 9 deletions(-)
diff --git a/wtmp.c b/wtmp.c
index 3887220..50dd5f9 100644
--- a
Signed-off-by: Maximilian Wilhelm
---
wtmp.c | 333
wtmp.h | 27 +
2 files changed, 360 insertions(+), 0 deletions(-)
create mode 100644 wtmp.c
create mode 100644 wtmp.h
diff --git a/wtmp.c b/wtmp.c
new file mode 100644
the names specified in the
configuration.
Signed-off-by: Maximilian Wilhelm
---
multi.c |2 +-
options.c |3 ++-
wtmp.c| 13 +
wtmp.h|2 +-
4 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/multi.c b/multi.c
index 5d8c80e..1453399 100644
--- a
t the point wtmp_init() is called.)
Signed-off-by: Maximilian Wilhelm
---
wtmp.c | 47 +++
1 files changed, 43 insertions(+), 4 deletions(-)
diff --git a/wtmp.c b/wtmp.c
index 50dd5f9..374cf53 100644
--- a/wtmp.c
+++ b/wtmp.c
@@ -12,14 +12,16 @@
#define
Am Monday, den 3 September hub Maximilian Wilhelm folgendes in die Tasten:
Hi!
> This is an initial attempt to let OpenVPN 2.1 write a wtmp log of all
> connections including the username, it's VPN IP and the real remote IP
> the user connected from.
[...]
Is nobody interested
Hi!
This little patch fixes a silly bug in init_ssl() in ssl.c where
options->ca_file is accessed without prior check if it's not NULL.
The bug was introduced in revision 784.
Ciao
Max
--
Follow the white penguin.
diff --git a/ssl.c b/ssl.c
index 85e9c6f..868edc2 100644
--- a/ssl.c
+++
100644
index 000..1c1a0af
--- /dev/null
+++ b/wtmp.c
@@ -0,0 +1,397 @@
+/*
+ * OpenVPN wtmp support
+ *
+ * (C) 2007 Maximilian Wilhelm
+ * (C) 2007 Jan-Benedict Glaw
+ *
+ */
+
+#include "config.h"
+#include "syshead.h"
+
+#ifdef ENABLE_WTMP
+
+#define _GNU_SOURCE
+
+#in
Am Friday, den 12 October hub Maximilian Wilhelm folgendes in die Tasten:
Hi!
What about this patch?
I think it should be included in the next -rc as it fixes a crash.
> This little patch fixes a silly bug in init_ssl() in ssl.c where
> options->ca_file is accessed without prior chec
Hi!
While watching the preparations for release 2.1 I'm wondering if there
will be prepared binaries or installable packages for Mac users when
the release is there?
Thanks,
Ciao
Max
--
Follow the white penguin.
Maximilian Wilhelm scripsit:
> While watching the preparations for release 2.1 I'm wondering if there
> will be prepared binaries or installable packages for Mac users when
> the release is there?
So really nobody is interested in OpenVPN for MAC?
Sad.
Ciao
Max
--
Fo
Anno domini Noam Rathaus scripsit:
Hi!
> Don't get discouraged, one thing that I learned over the year, as there is no
> MAC binary now, little if any use OpenVPN on MAC causing lack of interest on
> both ends - developers and consumers for OpenVPN support for MAC.
> If you are willing to com
Hi,
this set reintroduces the patch for "VRF support on Linux" by implementing
--bind-dev option from 2016 as well as some real live documentation
as requested by Gert :)
I wrote a .rst file in the style of the "man-page overhaul project" in the
hope that this format is useful and can easily be
making connections using
the non-default VRF and having the tun/tap interface in the default VRF.
Thanks to David Ahern (Cumulus Networks) for insights on this.
[0]
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/networking/vrf.txt
Signed-off-by: Maximilian
From: Maximilian Wilhelm
Signed-off-by: Maximilian Wilhelm
---
doc/man-sections/vrf.rst | 75
1 file changed, 75 insertions(+)
create mode 100644 doc/man-sections/vrf.rst
diff --git a/doc/man-sections/vrf.rst b/doc/man-sections/vrf.rst
new
Anno domini 2020 Gert Doering scripsit:
Hi,
> reading this more closely at merging/testing time, I do have a change
> request...
>
> On Fri, Jun 26, 2020 at 08:49:44PM +0200, Maximilian Wilhelm wrote:
> > +#ifdef TARGET_LINUX
> > +else if (streq (
Hi,
once again, this time with added error handling in the setsockopt(). Sorry
for missing this before.
Best
Max
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
From: Maximilian Wilhelm
This options allows the user to specify a network device the OpenVPN process
should use when making a connection or binding to an address. This translates
in setting the SO_BINDTODEVICE option to the corresponding socket (on Linux).
When for example using VRFs
From: Maximilian Wilhelm
Signed-off-by: Maximilian Wilhelm
---
doc/man-sections/vrf.rst | 75
1 file changed, 75 insertions(+)
create mode 100644 doc/man-sections/vrf.rst
diff --git a/doc/man-sections/vrf.rst b/doc/man-sections/vrf.rst
new
Anno domini 2020 Greg Cox scripsit:
Hi,
[...]
> So IMO, 1-2 are fundamental, 3-5 are
> wishlist/consideration/extensions/ideas, use or ignore as you see fit:
> * Make the ability for receiving messages on a client as described.
> Enabled by default, maybe selectively disable-able because someone
31 matches
Mail list logo
