aboutsummaryrefslogtreecommitdiff
path: root/init.c
diff options
context:
space:
mode:
authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-08-05 04:44:31 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-08-05 04:44:31 +0000
commitf77c60d3d6a7567eb82d5856921b13eefef747b7 (patch)
treec3e0d0a44074bca5c4df15f28c4978ea00957f81 /init.c
parentFixed minor issue with --redirect-gateway bypass-dhcp or bypass-dns (diff)
downloadopenvpn-f77c60d3d6a7567eb82d5856921b13eefef747b7.tar.xz
Added additional warnings to flag common gotchas:
* Warn when ethernet bridging that the IP address of the bridge adapter is probably not the same address that the LAN adapter was set to previously. * When running as a server, warn if the LAN network address is the all-popular 192.168.[0|1].x, since this condition commonly leads to subnet conflicts down the road. * Primarily on the client, check for subnet conflicts between the local LAN and the VPN subnet. Added a 'netmask' parameter to get_default_gateway, to return the netmask of the adapter containing the default gateway. Only implemented on Windows so far. Other platforms will return 255.255.255.0. Currently the netmask information is only used to warn about subnet conflicts. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3179 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'init.c')
-rw-r--r--init.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/init.c b/init.c
index 4b84b9e..5bd8cf6 100644
--- a/init.c
+++ b/init.c
@@ -1957,6 +1957,9 @@ do_option_warnings (struct context *c)
msg (M_WARN, "WARNING: using --pull/--client and --ifconfig together is probably not what you want");
#if P2MP_SERVER
+ if (o->server_bridge_defined | o->server_bridge_proxy_dhcp)
+ msg (M_WARN, "NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to");
+
if (o->mode == MODE_SERVER)
{
if (o->duplicate_cn && o->client_config_dir)
@@ -1976,6 +1979,8 @@ do_option_warnings (struct context *c)
msg (M_WARN, "WARNING: You have disabled Crypto IVs (--no-iv) which may make " PACKAGE_NAME " less secure");
#ifdef USE_SSL
+ if (o->tls_server)
+ warn_on_use_of_common_subnets ();
if (o->tls_client
&& !o->tls_verify
&& !o->tls_remote