diff options
author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-11-03 13:07:33 +0000 |
---|---|---|
committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-11-03 13:07:33 +0000 |
commit | 223b2c513b3470bd97f868a4acab62b1f471e495 (patch) | |
tree | 037a453a695b9ef215a349ef7a2020c76c86c845 /helper.c | |
parent | Updated docs to reflect the addition of (diff) | |
download | openvpn-223b2c513b3470bd97f868a4acab62b1f471e495.tar.xz |
Fixed some ifconfig-pool issues that precluded
it from being combined with --server directive.
Now, for example, we can configure thusly:
server 10.8.0.0 255.255.255.0 nopool
ifconfig-pool 10.8.0.2 10.8.0.99 255.255.255.0
to have ifconfig-pool manage only a subset
of the VPN subnet.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3471 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'helper.c')
-rw-r--r-- | helper.c | 11 |
1 files changed, 5 insertions, 6 deletions
@@ -158,7 +158,6 @@ helper_client_server (struct options *o) * * if tap OR (tun AND topology == subnet): * ifconfig 10.8.0.1 255.255.255.0 - * ifconfig-pool-constraint 10.8.0.0 255.255.255.0 * if !nopool: * ifconfig-pool 10.8.0.2 10.8.0.254 255.255.255.0 * push "route-gateway 10.8.0.1" @@ -184,7 +183,7 @@ helper_client_server (struct options *o) if (o->shared_secret_file) msg (M_USAGE, "--server and --secret cannot be used together (you must use SSL/TLS keys)"); - if (o->ifconfig_pool_defined) + if (!(o->server_flags & SF_NOPOOL) && o->ifconfig_pool_defined) msg (M_USAGE, "--server already defines an ifconfig-pool, so you can't also specify --ifconfig-pool explicitly"); if (!(dev == DEV_TYPE_TAP || dev == DEV_TYPE_TUN)) @@ -245,9 +244,9 @@ helper_client_server (struct options *o) o->ifconfig_pool_start = o->server_network + 2; o->ifconfig_pool_end = (o->server_network | ~o->server_netmask) - 2; ifconfig_pool_verify_range (M_USAGE, o->ifconfig_pool_start, o->ifconfig_pool_end); - o->ifconfig_pool_netmask = o->server_netmask; } - + o->ifconfig_pool_netmask = o->server_netmask; + push_option (o, print_opt_route_gateway (o->server_network + 1, &o->gc), M_USAGE); } else @@ -272,8 +271,8 @@ helper_client_server (struct options *o) o->ifconfig_pool_start = o->server_network + 2; o->ifconfig_pool_end = (o->server_network | ~o->server_netmask) - 1; ifconfig_pool_verify_range (M_USAGE, o->ifconfig_pool_start, o->ifconfig_pool_end); - o->ifconfig_pool_netmask = o->server_netmask; } + o->ifconfig_pool_netmask = o->server_netmask; push_option (o, print_opt_route_gateway (o->server_network + 1, &o->gc), M_USAGE); } @@ -320,7 +319,7 @@ helper_client_server (struct options *o) if (o->client) msg (M_USAGE, "--server-bridge and --client cannot be used together"); - if (o->ifconfig_pool_defined) + if (!(o->server_flags & SF_NOPOOL) && o->ifconfig_pool_defined) msg (M_USAGE, "--server-bridge already defines an ifconfig-pool, so you can't also specify --ifconfig-pool explicitly"); if (o->shared_secret_file) |