aboutsummaryrefslogtreecommitdiff
path: root/route.c (follow)
AgeCommit message (Collapse)AuthorFilesLines
2009-09-27Eliminated the limitation on the number of options that can be pushedjames1-1/+1
to clients, including routes. Previously, all pushed options needed to fit within a 1024 byte options string. Remember that to make use of this feature to allow many routes to be pushed to clients, the client config file must specify the max-routes option, and the number of pushed routes cannot exceed this limit. Also, both server and client must include this commit. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4991 e7ae566f-a301-0410-adde-c780ea21d3b5
2009-09-17The maximum number of "route" directives (specified in the configjames1-9/+33
file or pulled from a server) can now be configured via the new "max-routes" directive. Previously, the limit was set to 100 and fixed by a compile-time constant. Now the limit is dynamic and can be modified by the "max-routes" directive. If max-routes is not specified, the default limit is 100. Note that this change does not address the maximum size of the pushed options string sent from server to client, which is still controlled by the TLS_CHANNEL_BUF_SIZE compile-time constant. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4967 e7ae566f-a301-0410-adde-c780ea21d3b5
2009-08-24Added PLATFORM-SPECIFIC comment tag to platform-specific functionsjames1-4/+4
in route.c to make it easier to spot them. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4851 e7ae566f-a301-0410-adde-c780ea21d3b5
2009-05-30Update copyright to 2009.james1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4477 e7ae566f-a301-0410-adde-c780ea21d3b5
2009-05-24Added new 'autolocal' redirect-gateway flag. When enabled, the OpenVPNjames1-23/+94
client will examine the routing table and determine whether (a) the OpenVPN server is reachable via a locally connected interface, or (b) traffic to the server must be forwarded through the default router. Only add a special bypass route for the OpenVPN server if (b) is true. If (a) is true, behave as if the 'local' flag is specified, and do not add a bypass route. The new 'autolocal' flag depends on the non-portable test_local_addr() function in route.c, which is currently only implemented for Windows. The 'autolocal' flag will act as a no-op on platforms that have not yet defined a test_local_addr() function. Increased TLS_CHANNEL_BUF_SIZE to 2048 from 1024 (this will allow for more option content to be pushed from server to client). Raised D_MULTI_DROPPED debug level to 4 from 3. Version 2.1_rc16b. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4446 e7ae566f-a301-0410-adde-c780ea21d3b5
2009-05-23Added "redirect-private" option which allows private subnetsjames1-66/+72
to be pushed to the client in such a way that they don't accidently obscure critical local addresses such as the DHCP server address and DNS server addresses. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4436 e7ae566f-a301-0410-adde-c780ea21d3b5
2009-01-27Fixed some issues with C++ style comments that leaked into the code.james1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3899 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-11-17* Added additional method parameter to --script-security to preservejames1-2/+2
backward compatibility with system() call semantics used in OpenVPN 2.1_rc8 and earlier. To preserve backward compatibility use: script-security 3 system git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3495 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-10-06Copyright notice changed to reflect change in name ofjames1-1/+1
Telethra to OpenVPN Technologies. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3409 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-08-05Added additional warnings to flag common gotchas:james1-25/+51
* Warn when ethernet bridging that the IP address of the bridge adapter is probably not the same address that the LAN adapter was set to previously. * When running as a server, warn if the LAN network address is the all-popular 192.168.[0|1].x, since this condition commonly leads to subnet conflicts down the road. * Primarily on the client, check for subnet conflicts between the local LAN and the VPN subnet. Added a 'netmask' parameter to get_default_gateway, to return the netmask of the adapter containing the default gateway. Only implemented on Windows so far. Other platforms will return 255.255.255.0. Currently the netmask information is only used to warn about subnet conflicts. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3179 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-08-04Fixed minor issue with --redirect-gateway bypass-dhcp or bypass-dnsjames1-1/+1
on Windows. If the bypass IP address is 0.0.0.0 or 255.255.255.255, ignore it. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3177 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-08-02Added "--server-bridge" (without parameters) to enablejames1-0/+10
DHCP proxy mode: Configure server mode for ethernet bridging using a DHCP-proxy, where clients talk to the OpenVPN server-side DHCP server to receive their IP address allocation and DNS server addresses. Added "--route-gateway dhcp", to enable the extraction of the gateway address from a DHCP negotiation with the OpenVPN server-side LAN. Modified client.conf and server.conf to reflect new option modes. Incremented version to 2.1_rc9a. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3164 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-26Perform additional input validation on options pulledjames1-16/+38
by client from server. Fixes --iproute vulnerability. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3126 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-26Fixed compiler warnings in Windows build (MinGW).james1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3125 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-26Completely revamped the system for calling external programs and scripts:james1-70/+89
* All external programs and scripts are now called by execve() on unix and CreateProcess on Windows. * The system() function is no longer used. * Argument lists for external programs and scripts are now built by the new argv_printf function which natively outputs to string arrays (i.e. char *argv[] lists), never truncates its output, and eliminates the security issues inherent in formatting and parsing command lines, and dealing with argument quoting. * The --script-security directive has been added to offer policy controls on OpenVPN's execution of external programs and scripts. Also added a new plugin example (openvpn/plugin/examples/log.c) that logs information to stdout for every plugin method called by OpenVPN. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3122 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-07-14Copyright change OpenVPN Solutions LLC -> Telethra, Inc.james1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3048 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-06-11Updated copyright notice to 2008.james1-1/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2995 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-05-12Moved branch into official BETA21 position.james1-7/+28
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2959 e7ae566f-a301-0410-adde-c780ea21d3b5
2008-01-21Allow OpenVPN to run completely unprivileged under Linuxjames1-2/+4
by allowing openvpn --mktun to be used with --user and --group to set the UID/GID of the tun device node. Also added --iproute option to allow an alternative command to be executed in place of the default iproute2 command (Alon Bar-Lev). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2639 e7ae566f-a301-0410-adde-c780ea21d3b5
2007-02-28Worked around an incompatibility in the Windows Vistajames1-7/+25
version of CreateIpForwardEntry as described in http://www.nynaeve.net/?p=59 This issue would cause route additions using the IP Helper API to fail on Vista. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1748 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-11-13New try at AUTO_USERID.james1-0/+149
Implemented AUTO_USERID using MD5(MAC address(primary network adapter)). Currently implemented for Linux and Windows. Basically if ENABLE_AUTO_USERID is defined, the --auth-user-pass option will not prompt for username/password, but will rather generate a unique username and blank password. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1459 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-13Added --route-metric option to set a default route metricjames1-3/+10
for --route (Roy Marples). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1011 e7ae566f-a301-0410-adde-c780ea21d3b5
2006-04-05svn merge -r 886:987 $SO/trunk/openvpn .james1-0/+2
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@991 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-22Added new option --route-method adaptive (Win32)james1-2/+24
which tries IP helper API first, then falls back to route.exe. Made --route-method adaptive the default. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@858 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-12-05Patch to support --topology subnet on Mac OS X (Mathias Sundman).james1-2/+1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@832 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-11-03svn merge -r 760:764 $SO/trunk/openvpnjames1-3/+11
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@766 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-10-31Windows reliability changes:james1-0/+2
* Added code to make sure that the local PATH environmental variable points to the Windows system32 directory. * Added new --ip-win32 adaptive mode which tries 'dynamic' and then fails over to 'netsh' if the DHCP negotiation fails. * Made --ip-win32 adaptive the default. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@739 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-10-20Added actual remote address used to the ">STATE" alertjames1-0/+1
in the management interface (Rolf Fokkens). git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@701 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-10-20Modified get_default_gateway code for Linuxjames1-13/+27
to return the route with the smallest metric if multiple 0.0.0.0/0.0.0.0 entries are present. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@692 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-10-20Modified get_default_gateway code for Windowsjames1-10/+17
to return the route with the smallest metric if multiple 0.0.0.0/0.0.0.0 entries are present. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@691 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-09-26version 2.1_beta1james1-36/+217
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@581 e7ae566f-a301-0410-adde-c780ea21d3b5
2005-09-26This is the start of the BETA21 branch.james1-0/+1776
It includes the --topology feature, and TAP-Win32 driver changes to allow non-admin access. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@580 e7ae566f-a301-0410-adde-c780ea21d3b5
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 11:17:23 +0000