05243166>
> <https://github.com/OpenVPN/openvpn-gui/issues/9>
> <https://github.com/OpenVPN/openvpn-gui/issues/183>
>
> This problem is probably not limited to OpenVPN GUI (Windows), but also
> affects other GUI's like NetworkManager. It was agreed that the best
On Fri, Sep 15, 2017 at 11:40 AM, Gert Doering wrote:
> Hi,
>
> On Fri, Sep 15, 2017 at 12:41:03AM -0400, selva.n...@gmail.com wrote:
> > From: Selva Nair
> >
> > Eliminate the confusing message that says "explicit-exit-notify is
> ignored by
> > pr
On Fri, Sep 15, 2017 at 11:44 AM, Arne Schwabe wrote:
> On 9/15/17 6:41 AM, selva.n...@gmail.com wrote:
> > From: Selva Nair
> >
> > Eliminate the confusing message that says "explicit-exit-notify is
> ignored by
> > previous blocks" when the option
Hi,
On Fri, Sep 15, 2017 at 12:14 PM, Gert Doering wrote:
> Hi,
>
> On Fri, Sep 15, 2017 at 11:53:59AM -0400, Selva wrote:
> > No it doesn't change any functionality. By not including OPT_P_CONNECTION
> > in the mask sent to verify permission the previous connec
Hi,
On Fri, Sep 15, 2017 at 2:46 PM, wrote:
> From: Selva Nair
>
> In particular, this eliminates the message that says "explicit-exit-notify
> is ignored by previous blocks" when the option is pushed.
>
> Note: pull_mode is identified as "allowed &
Hi,
On Thu, Sep 14, 2017 at 3:21 PM, Selva wrote:
> Hi,
>
> Quoting from the meeting logs:
>
>
>> Discussed having more fine-grained signalling from OpenVPN to OpenVPN
>> GUI. The lack of clear signals from OpenVPN to OpenVPN GUI has been a
>> rather
Hi David,
Thanks for taking time to look through this and for your well-considered
response.
Given that I may not remember the details when we get back to this topic,
let me add a few remarks.
On Thu, Sep 21, 2017 at 6:00 PM, David Sommerseth wrote:
> On 14/09/17 21:21, Selva wrote:
>
Hi,
On Thu, Sep 21, 2017 at 12:58 PM, Antonio Quartulli wrote:
>
>
> On 20/09/17 23:34, Selva wrote:
> > Hi,
> >
> > On Fri, Sep 15, 2017 at 2:46 PM, wrote:
> >
> >> From: Selva Nair
> >>
> >> In particular, this eliminates the
ow ("why is your server pushing
> it twice?"), but anyway.
>
Yes, muted when pushed. But such messages will still print at verb 0 if
present outside connection blocks in the config file.
>
> > > do_ifconfig, tt->did_ifconfig_ipv6_setup=0
>
> This one comes
on that and better continue the practice
of explicit nul termination). Note that swprintf is like snprintf in that
it takes the buffer size as an argument.
Selva
--
Chec
ns of mingw that I use (gcc 4.9.3 or later) will
build with those stripped but I can test again if you replace this patch
with one removing those declarations.
Selva
--
Check out the vibrant tech community on one of the worl
Hi,
On Tue, Oct 10, 2017 at 7:11 PM, wrote:
> From: Simon Rozman
>
> ---
> src/openvpnserv/interactive.c | 8
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c
> index 9d473e4..4b08086 100644
> --- a/src/op
ich never got much traction mainly
because it was for an older version of MSVC which did not support C99 and
thus included other changes.
Selva
--
Check out the vibrant tech community on one of the world's most
engag
Hi
On Wed, Oct 11, 2017 at 10:03 AM, Simon Rozman wrote:
> Hi,
>
>
>
> I agree migration towards ISO-C's snwprintf() is better.
>
Just to be sure, ISO-C is 'swprintf' not 'snwprintf'. In spite of 'n'
misisng from that name, it takes the buffer size argument and nul
terminates even if output is
Hi,
On Tue, Oct 10, 2017 at 7:11 PM, wrote:
> From: Simon Rozman
>
> ---
> src/openvpnserv/interactive.c | 10 +-
> 1 file changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c
> index 2019d38..7ff45b1 100644
> --- a/src
citly include it for RtlIpv4AddressToStringW etc.
Anyway mingw is still happy at least with this order of includes, so looks
good to me.
ACK.
Selva
--
Check out the vibrant tech community on one of the world&
> +#include "validate.h"
> +
> /*
> * These are necessary due to certain buggy implementations of
> (v)snprintf,
> * that don't guarantee null termination for size > 0.
>
In mingw builds it works either way as our Makefile i
get
to
those before I may find time..
Thanks,
Selva
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot_
en neither build
would depend on non-standard variants.
That said its fine if you want to keep this as just an MSVC compliance
patch..
> MSVC also provides _snwprintf(), however using it leads to
> unportable code.
>
> After a discussion with Selva Nair on devel mailing list, an agreement
);
> -static FlushIpNetTable2Fn flush_fn = NULL;
> -
> if (msg->family == AF_INET)
> {
> return FlushIpNetTable(msg->iface.index);
> }
>
> -if (!flush_fn)
> -{
> -HMODULE iphlpapi = GetModuleHandle(TEXT
here this was broken ---
I'll test your latest patch. That said, I would not depend on any of these
for nul-termination, we should continue to append an explicit L'\0'.
Selva
--
Check out the vibrant t
Hi,
On Mon, Oct 16, 2017 at 4:05 AM, Samuli Seppänen wrote:
> On 13/10/2017 20:48, Selva wrote:
>
> > @samuli: Which versions of mingw-w64 should we test against to ensure
> > release and snapshot builds would succeed?
>
> Right now _we_ use Ubuntu 16.04 for buildin
Hi
On Mon, Oct 16, 2017 at 4:22 AM, Илья Шипицин wrote:
>
>
> 2017-10-16 13:05 GMT+05:00 Samuli Seppänen :
>
>> On 13/10/2017 20:48, Selva wrote:
>>
>> > @samuli: Which versions of mingw-w64 should we test against to ensure
>> > release and snapshot
Hi,
On Mon, Oct 16, 2017 at 12:57 PM, Gert Doering wrote:
> Hi,
>
> On Mon, Oct 16, 2017 at 11:33:02AM -0400, Selva wrote:
> > I did a quick test on ubuntu trusty (14.04.05 LTS), and as you pointed
> > out, it fails while
> > compiling block_dns.c because of some er
onst WCHAR
> *fname, const settings_t *s)
> /* convert fname to full path */
> if (PathIsRelativeW(fname) )
> {
> -snwprintf(tmp, _countof(tmp), L"%s\\%s", workdir, fname);
> +swprintf(tmp, _countof(tmp), L"%s\\%s", workdir, fname);
27;cryptoapicert' implementation is already in
need of a major re-write to support TLS 1.2 and newer.
>From that point of view, instead of file-based wrapped keys, if a pkcs11
compatible API can be used to access TPM (that's possible isn't it?) TPM
could be more widely usab
Hi,
On Mon, Oct 30, 2017 at 4:41 AM, Simon Rozman wrote:
> Hi Selva,
>
> We are considering distributing a local copy of OpenVPN with eduVPN Client:
> - To provide better app isolation;
> - To allow eduVPN to manage and update own OpenVPN copy.
This is fine, but I would lik
vpnserviceinteractive as is. Does eduVPN really need its own instance
of the service?
That said, I like the idea of being able to run multiple (named) instances
of the service each with its own service pipe.
Selva
--
ifferent versions) of the service.
>
> Because of those issues, we would like to install local OpenVPN - and keep
> it
> up-to-date - using an MSI package. While openvpn.exe and its dependency
> DLLs
> can easily be m
Hi,
On Wed, Nov 1, 2017 at 2:18 PM, Steffan Karger wrote:
> Hi,
>
> On 29-10-17 22:03, Selva wrote:
> > I would like to see new features transparently supported on Windows
> > as well without the need for too much extra code and associated
> > maintenance
as Windows is not our primary build platform. The need for
occasional patching to get MSVC build working again is going to continue.
At least that's my view.
Selva
--
Check out the vibrant tech community on one
ServiceCtrlHandler()) does state that the
name is not checked in case of OWN_PROCESS. Probably that got carried
over to the ...Ex() though not documented as such.
Cheers,
Selva
--
Check out the vibrant tech community on
happen automatically in this particular case as the patch
uses
SSL_CTX_get_default_passwd_cb_userdata() which would result in openssl using
to the password callback previously set in ssl_openssl.c ? And that
callback is
get_userpass() which should know whether to query the management, console or
somethin
Hi Simon,
On Thu, Nov 2, 2017 at 11:26 PM, Selva wrote:
> Hi Simon,
>
> On Thu, Nov 2, 2017 at 3:21 PM, Simon Rozman wrote:
>
>> While openvpn.exe can run multiple concurrent processes, openvpnserv.exe
>> is usually only one single globally unique running process.
ith hostnames anonymized)
>
> This indeed is a regression, or a "non-handled special case in the
> iservice"
> (waking up Selva and Heiko).
> 2.3 is calling route.exe, which seems to just handle this case fine
> ("the given gateway address is present on two diff
the first matching adapter and
the number of matching adapters found. If the count is > 1
windows_route_find_if_index() in route.c sets the index to
TUN_ADAPTER_INDEX_INVALID and route addition gets aborted.
We could slightly modify adapter_index_o
onvinced...
>
> what exactly are the warnings MSVC spits out here?
>
I think these are needed to silence signed/unsigned comparison warnings
(== is ok, but < and > would warn). gcc also would warn if -Wextra or
-Wsign-compare is used.
Simon may have more to say.
Selva
-
y
interpret as valid result.
This is hypothetical as Windows system err codes do not get that large.
But then the original is as good as the replacement except for a
C++-trained compiler being silenced.
While most of the MSVC compiler warnings are false-alarms, one out of man
antics. Apart from the ill-chosen -err as a return
value, currently it returns 0 if automatic metric is in use, making it
impossible
to use it as a generic function to find the current metric of an interface.
In fact I've a pending patch where such a change wou
tartAutomaticOwn },
> +{ NULL, NULL }
> +};
Agreed this array has to live beyond the for loop, but why static? Statics
live for ever while this need not exist beyond the function. Putting it at
the
top where dispatchTable_shared is defined (or anywhere before the
out of the "Action Required" list, although Acked patches still
need attention to get merged.
Thanks,
Selva
--
Check out the vibrant tech community on one of the wor
Hi,
On Wed, Nov 8, 2017 at 11:18 AM, Gert Doering wrote:
> Hi,
>
> On Wed, Nov 08, 2017 at 11:07:16AM -0500, Selva wrote:
> > Confused as to how patchwork works:
>
> Welcome to the club :-)
>
I already feel better :)
>
> I had some ideas how it should work
> PACKAGE_NAME/PACKAGE as the left part again, and only append the ""
> service_instance for official OpenVPN and "$eduVPN" for named instance.
>
Not sure I follow, but will wait for the p
g to the latest [PATCH( v3
> missing)], one would need to start the default instance of the interactive
> service only using the following service command line:
>
> openvpnserv.exe -instance interactive ""
>
Yes that would work in a pinch and, once installed, the use
gt;
> /* max cmdline length in wchars -- include room for worst case and
> some */
> -int ncmdline = wcslen(fmt) + wcslen(if_name) + wcslen(addr) + 32 + 1;
> +size_t ncmdline = wcslen(fmt) + wcslen(if_name) + wcslen(addr) + 32
lines
> at all and just responds as:
>
> SUCCESS: { ... }
>
One of the niceties of JSON is its readability which is greatly reduced
if formatted without line breaks. Multi-line with the same
format used for management and console would be nice. Exc
uted it by an
> explicit cast, so we can focus on more important warnings.
Agreed, reducing compiler warnings is a useful side effect and we know the
type coercion here is safe.
cheers,
Selva
--
Check out the vibrant
}
> -
> -return find->cFileName[i] == '.' && !_tcsicmp(find->cFileName + i +
> 1, ext);
> +const TCHAR *p = _tcsrchr(find->cFileName, TEXT('.'));
> +return p && p != find->cFileName && _tcsicmp(p + 1, ext) == 0;
FWIW, ensu
addition to "status" in
> > management interface
> > 3. do not print "END" marker any longer
>
I suppose that means no "END" as a part of the JSON output (ie., not written
to console or file) but if the output is multi-line, management still needs
to g
from
>> need to be encoded ") - and as long as we do not need to parse
>> *incoming* JSON, a full-blown new library is mainly adding complications
>> (like, configure flags, #ifdefs, library version dependencies, ...).
>>
>> But you knew that this respo
management interface uses a line based
protocol with '\n' as the delimiter, it can't be a part of input strings
and breaks quoting.
Is there any other character that should be disallowed?
Thanks,
Selva
--
Chec
On Sun, Nov 19, 2017 at 12:06 AM, Илья Шипицин wrote:
>
>
> 2017-11-18 8:25 GMT+05:00 Selva :
>
>> Hi,
>>
>> I want to add some form of validation for user input in the GUI so that
>> the user can be alerted when username, password etc. contains characters
&g
away and move on to patches that would benefit
from it.
Thanks,
Selva
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot_
Hi David,
On Mon, Nov 20, 2017 at 3:10 PM, David Sommerseth wrote:
> On 19/11/17 22:21, Selva wrote:
> > Hi David,
> >
> > On Fri, May 5, 2017 at 5:46 PM, David Sommerseth > <mailto:dav...@openvpn.net>> wrote:
> >
> > This patch builds on th
ng there was the flag in the header. Not so for the executables.
>>
>> We need to find some fix for this, else I fear this will be ASLR in name
>> only.
>>
>> Selva
>>
>
> So we need a small code change in OpenVPN to get ASLR actually working,
> like in OpenVPN G
Hi,
On Sat, Jan 14, 2017 at 4:16 PM, wrote:
> From: Selva Nair
>
> Currently the username unqualified by the domain is used to validate
> a user which fails for domain users. Instead authorize the user
>
> (i) if the built-in admin group or ovpn_admin group is in the process
reviews, but a bug fix may wait for ever
and even lost under the pile.
It all depends what catches our fancy, personal interest, expertise and
mood. No point in trying to rationalize it beyond that.
Selva
--
ol to set -rpath properly (and/or
use a wrapper) so that uninstalled test programs pick up the library it was
linked with. Else a developer building using custom libs gets wrong
libraries loaded while running tests. A proper fix will eliminate the need
for tweaking LD_LIBRARY_PATH in the first plac
pleteness I will copy what I wrote before:
While this patch is good enough for travis builds, there is a more general
issue here. I think its the job of libtool to set -rpath properly (and/or
use a wrapper) so that uninstalled test programs pick up the library it was
linked with.
Selva
man page is to have proxy password
work the same way as auth-user-pass with an implicit auth-nocache assumed.
Then multiple credentials is not expected, but could still work if the
proxy password is purged when an authentication error
cached copy is available.
With only one cache per password type, this expects passwords are not
remote-specific. As we support only one auth-user-pass or one private key
pass per config I think the intent was to support only one proxy password.
Allowing http-proxy in block g
From: Selva Nair
- Keep the username even if auth-nocache is specified so that
any auth_token pushed by the server could be utilized
- When auth-token is received, set nocache = false in user_pass
Note: When handling of auth failure due to token expiry is fixed, remember
to re-instate nocache
Hi,
On Wed, Feb 8, 2017 at 10:01 PM, Antonio Quartulli wrote:
> On Wed, Feb 08, 2017 at 02:25:44PM -0500, selva.n...@gmail.com wrote:
> > From: Selva Nair
> >
> > - Keep the username even if auth-nocache is specified so that
> > any auth_token pushed by the server
smtpServer = smtp.gmail.com
smtpUser = user.n...@gmail.com
smtpServerPort = 587
No smtpsslcertpath specified, I suppose it verifies the cert using
/etc/ssl/certs as the capath, which is the default.
Possibly your /etc/ssl/cert.pem is to blame? I do not have such a
On Mon, Feb 20, 2017 at 7:18 AM, Gert Doering wrote:
> On Sat, Jan 14, 2017 at 04:16:29PM -0500, selva.n...@gmail.com wrote:
> > From: Selva Nair
> >
> > Currently the username unqualified by the domain is used to validate
> > a user which fails for domain users.
e do not
>> rely on $PATH resolution at runtime.
>>
>
> well, what if I will not change current (i.e. default behaviour), but
> instead I will add a possibility to specify ifconfig explicitly
>
You can set custom path during conf
> fe80::8 value. Only do this for "on tap adapter" routes.
>
> Pinpointed by Selva Nair.
>
> Trac #850
>
> Signed-off-by: Gert Doering
> ---
> src/openvpn/route.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/src/openvpn/r
--
> $ time openssl gendh -out test 4096
> [...snip...]
>
> real35m40.098s
> user35m38.922s
> sys 0m0.367s
> $ cat /proc/cpuinfo | grep model\
means that if for some reason a non-ephemeral diffie-hellman
> cipher suite is selected, you are at risk of these attacks.
>
Thanks for the clarification.
Selva
--
Check out the vibrant tech community on one of
While cleaning up my local branches this one came up..
Any comments? -- a NAK will do as well so that I can delete it :)
Selva
On Fri, Nov 25, 2016 at 12:21 AM, Selva Nair wrote:
> This was missing on Windows when interactive service is in use.
>
> - Added route_ipv6_clear_host_bi
I did not get this mail
https://sourceforge.net/p/openvpn/mailman/message/35789733/
Something up with the list or is it only me?
Selva
--
Check out the vibrant tech community on one of the world's most
engaging
as a foot note in
plain text ?
Thanks,
Selva
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
x27;t include win32.h/c so I had to copy/paste code into it. How
> could this be improved?
>
Code shared between to openvpn core and the service could go into
block_dns.c and block_dns.h. Do not make the service code dependent on
win32.h as that will pull-in a lot of unwanted
From: Selva Nair
If static challenge is in use, the password passed to the plugin by openvpn
is of the form "SCRV1:base64-pass:base64-response". Parse this string to
separate it into password and response and use them to respond to queries
in the pam conversation function.
On
From: Selva Nair
This adds a minimal secure_memzero()
Signed-off-by: Selva Nair
---
src/plugins/auth-pam/auth-pam.c | 2 ++
src/plugins/auth-pam/utils.h| 16
2 files changed, 18 insertions(+)
diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c
On Fri, May 5, 2017 at 3:01 PM, David Sommerseth <
open...@sf.lists.topphemmelig.net> wrote:
> On 05/05/17 20:28, Gert Doering wrote:
> > Hi,
> >
> > On Fri, May 05, 2017 at 02:24:01PM -0400, selva.n...@gmail.com wrote:
> >> From: Selva Nair
> >
, setting low metric for the TAP interface solves this issue,
> making Windows always pick with TAP adapter first.
Well, I'm looking for to excuses to avoid the hard work of a careful review
:) If reducing metric is indeed the right approach in this cat and mouse
game with MS, I
t
also refers to
*type_mask instead of type_mask.which is not right either.
.
Am I missing something?
Selva
[*] By the way, this being an example, it may be best to show the correct
type by casting the
return value of calloc to (openvpn_plugin_handle_t)
> correct type by casting the
> > return value of calloc to (openvpn_plugin_handle_t)
>
> Yes, but shouldn't it be `(openvpn_plugin_handle_t *)` ?
>
I assumed the fix would be to change the struct.
Thanks,
Selva
-
dle in this struct.
Reference to *handle in line 390 needs correction too (comment only --
struct is fine).
Thanks,
Selva
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashd
interface_data->metric > 0)
>
Here ">" should be ">=0", else automatic metric is not restored.
> +{
> +set_interface_metric(interface_data->index,
> AF_INET,
> + interface_data->metric);
Hi,
On Mon, May 8, 2017 at 10:57 AM, David Sommerseth <
open...@sf.lists.topphemmelig.net> wrote:
> On 08/05/17 16:38, Selva Nair wrote:
> > Hi,
> >
>
On Mon, May 8, 2017 at 10:19 AM, David Sommerseth
>> wrote:
>> *
>> * STRUCT MEMBERS
>> *
rc/openvpn/plugin.c
> index 05cbae3e..a652d528 100644
> --- a/src/openvpn/plugin.c
> +++ b/src/openvpn/plugin.c
> @@ -410,7 +410,8 @@ plugin_log(openvpn_plugin_log_flags_t flags, const
> char *name, const char *forma
>
> static struct openvpn_plugin_callbacks callbacks = {
>
From: Selva Nair
v2: Change the plugin open to use v3 API so that
openvpn_secure_memzero() exported from OpenVPN can be used.
Note: context is cast as (openvpn_plugin_handle_t *) for consistency
with the current plugin header. If/when the header is fixed, change
this cast as well.
Signed-off
if future revisions is guaranteed not to reorder/remove items in the
structs, a less strict check
is definitely better.
> The plug-ins in src/plugins should use, which ensures forward
> compatibility against the OpenVPN binary:
>
>if (v3structver < OPENVPN_PLUGIN
variables as initialization
can hide errors.
Selva
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot__
From: Selva Nair
v2: Change the plugin open to use v3 API so that secure_memzero()
exported from OpenVPN can be used.
v3: Relaxe API compatibility check: struct version 4 or higher
will have secure_memzero exported.
Note: context is cast as (openvpn_plugin_handle_t *) for consistency
same security as using
> +.B \-\-tls\-auth\fR.
> +That is, the control channel still benefits from the extra protection
> against
> +active man-in-the-middle-attacks and DoS attacks, but may no longer offe
I_
InitializeIpInterfaceEntry(PMIB_IPINTERFACE_ROW Row );
Do a test build for 32 bit to see now this function compiles without
warnings
and links without errors. 32 bit is a more stringent test because only in
this
case the linker will fail to find stdcall functions witho
any adverse effects except for the metric change
which will also affect the metric of routes added.
Cross compiles without issues for 32 bit and 64 bit -- tested on Debain 8.7
with
mingw32-w64 included in the distribution.
Selva
---
From: Selva Nair
Fixes finding 5.6 of OSTIF/Quarkslab audit
Signed-off-by: Selva Nair
---
src/openvpn/win32.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/openvpn/win32.c b/src/openvpn/win32.c
index 0cbf5fd..9a03681 100644
--- a/src/openvpn/win32.c
+++ b/src
ld add error checking there. If the
buffer is too small we will get a truncated but null terminated name, so
that's not too bad. But if the call fails the buffer may contain random
bytes.
Selva
--
Check out the vibrant
From: Selva Nair
Also replace MAX_PATH by _countof(openvpnpath) as the latter
is arguably more robust.
Signed-off-by: Selva Nair
---
src/openvpn/win32.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/openvpn/win32.c b/src/openvpn/win32.c
index b271597..56c3a1d
From: Selva Nair
- This is an opaque pointer so the change should not affect existing plugins.
But it makes the code consistent and clears up the documentation as the handle
pointer is treated as of type "openvpn_plugin_handle_t" in the rest of the
code.
Signed-off-by:
see the client logs and any error event logged by the
service when this happens. Can you get the user to open a ticket with logs?
>
> Works fine with persist-tun on client side.
>
Selva
--
Check out the vibra
1AM -0700, Selva Nair wrote:
> > As I said, get openvpn to report route errors in the status and then we
> can
> > add a warning to the status popup, turn the icon red etc instead of the
> > current misleading "successfully connected" behaviour.
>
> This is actu
due to fatal error
Obviously "access denied" due to not running as admin and service not in
use.
Selva
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Sl
On Mon, Jun 12, 2017 at 2:14 PM, Gert Doering wrote:
> Hi,
>
> wading through my heap of mails that did not get proper attention...
>
> On Fri, May 05, 2017 at 02:24:02PM -0400, selva.n...@gmail.com wrote:
> > From: Selva Nair
> >
> > If static challenge is i
ion failed using
> service: The object already exists. [status=5010 if_index=17]
This is a known issue (route not deleted on termination so fails to
recreate later) and is not a critical. FWIW, there is a patch on the ML to
fix it.
Selva
---
ne interface cannot show up on another.
Selva
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
1 - 100 of 1509 matches
Mail list logo