diff options
author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-08-05 04:44:31 +0000 |
---|---|---|
committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-08-05 04:44:31 +0000 |
commit | f77c60d3d6a7567eb82d5856921b13eefef747b7 (patch) | |
tree | c3e0d0a44074bca5c4df15f28c4978ea00957f81 /init.c | |
parent | Fixed minor issue with --redirect-gateway bypass-dhcp or bypass-dns (diff) | |
download | openvpn-f77c60d3d6a7567eb82d5856921b13eefef747b7.tar.xz |
Added additional warnings to flag common gotchas:
* Warn when ethernet bridging that the IP address of the
bridge adapter is probably not the same address that
the LAN adapter was set to previously.
* When running as a server, warn if the LAN network address is
the all-popular 192.168.[0|1].x, since this condition commonly
leads to subnet conflicts down the road.
* Primarily on the client, check for subnet conflicts between
the local LAN and the VPN subnet.
Added a 'netmask' parameter to get_default_gateway, to return
the netmask of the adapter containing the default gateway.
Only implemented on Windows so far. Other platforms will
return 255.255.255.0. Currently the netmask information is
only used to warn about subnet conflicts.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3179 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'init.c')
-rw-r--r-- | init.c | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -1957,6 +1957,9 @@ do_option_warnings (struct context *c) msg (M_WARN, "WARNING: using --pull/--client and --ifconfig together is probably not what you want"); #if P2MP_SERVER + if (o->server_bridge_defined | o->server_bridge_proxy_dhcp) + msg (M_WARN, "NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to"); + if (o->mode == MODE_SERVER) { if (o->duplicate_cn && o->client_config_dir) @@ -1976,6 +1979,8 @@ do_option_warnings (struct context *c) msg (M_WARN, "WARNING: You have disabled Crypto IVs (--no-iv) which may make " PACKAGE_NAME " less secure"); #ifdef USE_SSL + if (o->tls_server) + warn_on_use_of_common_subnets (); if (o->tls_client && !o->tls_verify && !o->tls_remote |