From f77c60d3d6a7567eb82d5856921b13eefef747b7 Mon Sep 17 00:00:00 2001 From: james Date: Tue, 5 Aug 2008 04:44:31 +0000 Subject: Added additional warnings to flag common gotchas: * Warn when ethernet bridging that the IP address of the bridge adapter is probably not the same address that the LAN adapter was set to previously. * When running as a server, warn if the LAN network address is the all-popular 192.168.[0|1].x, since this condition commonly leads to subnet conflicts down the road. * Primarily on the client, check for subnet conflicts between the local LAN and the VPN subnet. Added a 'netmask' parameter to get_default_gateway, to return the netmask of the adapter containing the default gateway. Only implemented on Windows so far. Other platforms will return 255.255.255.0. Currently the netmask information is only used to warn about subnet conflicts. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3179 e7ae566f-a301-0410-adde-c780ea21d3b5 --- init.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'init.c') diff --git a/init.c b/init.c index 4b84b9e..5bd8cf6 100644 --- a/init.c +++ b/init.c @@ -1957,6 +1957,9 @@ do_option_warnings (struct context *c) msg (M_WARN, "WARNING: using --pull/--client and --ifconfig together is probably not what you want"); #if P2MP_SERVER + if (o->server_bridge_defined | o->server_bridge_proxy_dhcp) + msg (M_WARN, "NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to"); + if (o->mode == MODE_SERVER) { if (o->duplicate_cn && o->client_config_dir) @@ -1976,6 +1979,8 @@ do_option_warnings (struct context *c) msg (M_WARN, "WARNING: You have disabled Crypto IVs (--no-iv) which may make " PACKAGE_NAME " less secure"); #ifdef USE_SSL + if (o->tls_server) + warn_on_use_of_common_subnets (); if (o->tls_client && !o->tls_verify && !o->tls_remote -- cgit v1.2.3