Package: openvpn Version: 2.2.0-2ubuntu1 Severity: normal
When a tun-based VPN is using the subnet topology, the communication between clients can confuse the routing code that will wrongly emit ICMP redirects. This problem is very well described here http://backreference.org/2010/05/02/controlling-client-to-client-connections-in-openvpn/. The same link also provides the workaround (disable ICMP redirect on the TUN device). The orignal bug report was done in Ubuntu's LP and a bzr branch with a fix was also added : https://bugs.launchpad.net/ubuntu/oneiric/+source/openvpn/+bug/907828 -- System Information: Debian Release: wheezy/sid APT prefers oneiric-updates APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric-proposed'), (500, 'oneiric') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-15-generic (SMP w/4 CPU cores) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages openvpn depends on: ii debconf [debconf-2.0] 1.5.40ubuntu1 Debian configuration management sy ii libc6 2.13-20ubuntu5 Embedded GNU C Library: Shared lib ii liblzo2-2 2.05-1 data compression library ii libpam0g 1.1.3-2ubuntu2.1 Pluggable Authentication Modules l ii libpkcs11-helper1 1.08-1build1 library that simplifies the intera ii libssl1.0.0 1.0.0e-2ubuntu4 SSL shared libraries ii lsb-base 4.0-0ubuntu16 Linux Standard Base 4.0 init scrip ii net-tools 1.60-23ubuntu3 The NET-3 networking toolkit openvpn recommends no packages. Versions of packages openvpn suggests: ii openssl 1.0.0e-2ubuntu4 Secure Socket Layer (SSL) binary a pn resolvconf <none> (no description available) -- Configuration Files: /etc/default/openvpn changed [not included] -- debconf information: openvpn/create_tun: false -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
