diff options
| author | David Sommerseth <dazo@users.sourceforge.net> | 2010-07-22 22:30:27 +0200 |
|---|---|---|
| committer | David Sommerseth <dazo@users.sourceforge.net> | 2010-07-22 22:30:27 +0200 |
| commit | c70135d8ed31d133f2fb085bee01db8ad26d7fec (patch) | |
| tree | 6b1edab6b87bd4c0d5b4aeca747232e524d28b36 /pf.c | |
| parent | Added win/build_exe.py script, which is similar to (diff) | |
| parent | Fixed client hang when server don't PUSH (aka the NO_SOUP_FOR_YOU patch) (diff) | |
| download | openvpn-c70135d8ed31d133f2fb085bee01db8ad26d7fec.tar.xz | |
Merge branch 'bugfix2.1' into beta2.2
Conflicts:
openvpn.8
- New option descriped (--register-dns)
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Diffstat (limited to 'pf.c')
| -rw-r--r-- | pf.c | 38 |
1 files changed, 22 insertions, 16 deletions
@@ -109,6 +109,11 @@ add_subnet (const char *line, const char *prefix, const int line_num, struct pf_ return false; } netmask = netbits_to_netmask (netbits); + if ((network.s_addr & htonl (netmask)) != network.s_addr) + { + network.s_addr &= htonl (netmask); + msg (M_WARN, "WARNING: PF: %s/%d: incorrect subnet %s/%d changed to %s/%d", prefix, line_num, line, netbits, inet_ntoa (network), netbits); + } } else { @@ -554,24 +559,25 @@ pf_init_context (struct context *c) #ifdef PLUGIN_PF if (plugin_defined (c->plugins, OPENVPN_PLUGIN_ENABLE_PF)) { - const char *pf_file = create_temp_filename (c->options.tmp_dir, "pf", &gc); - delete_file (pf_file); - setenv_str (c->c2.es, "pf_file", pf_file); - - if (plugin_call (c->plugins, OPENVPN_PLUGIN_ENABLE_PF, NULL, NULL, c->c2.es) == OPENVPN_PLUGIN_FUNC_SUCCESS) - { - event_timeout_init (&c->c2.pf.reload, 1, now); - c->c2.pf.filename = string_alloc (pf_file, NULL); - c->c2.pf.enabled = true; + const char *pf_file = create_temp_file (c->options.tmp_dir, "pf", &gc); + if( pf_file ) { + setenv_str (c->c2.es, "pf_file", pf_file); + + if (plugin_call (c->plugins, OPENVPN_PLUGIN_ENABLE_PF, NULL, NULL, c->c2.es) == OPENVPN_PLUGIN_FUNC_SUCCESS) + { + event_timeout_init (&c->c2.pf.reload, 1, now); + c->c2.pf.filename = string_alloc (pf_file, NULL); + c->c2.pf.enabled = true; #ifdef ENABLE_DEBUG - if (check_debug_level (D_PF_DEBUG)) - pf_context_print (&c->c2.pf, "pf_init_context#1", D_PF_DEBUG); + if (check_debug_level (D_PF_DEBUG)) + pf_context_print (&c->c2.pf, "pf_init_context#1", D_PF_DEBUG); #endif - } - else - { - msg (M_WARN, "WARNING: OPENVPN_PLUGIN_ENABLE_PF disabled"); - } + } + else + { + msg (M_WARN, "WARNING: OPENVPN_PLUGIN_ENABLE_PF disabled"); + } + } } #endif #ifdef MANAGEMENT_PF |