14.11.2023 11:05, Gert Doering пишет:
Hi,
On Sun, Nov 12, 2023 at 06:08:48PM +0000, Greg Cox wrote:
Spun this config up, then ran:
iptables -t nat -A PREROUTING -i eth0 -p tcp -m multiport --dports 443,80
-j REDIRECT --to-ports 1194
Within 5 minutes the random web scanners found and segfaulted me.
... your port scanners are definitely better than mine - took more like 5
hours here to crash, but it confirms the current assumptions, ks->state
being S_UNDEF and ks->send_reliable being NULL.
Now, Arne's patch (if (ks->state == S_UNDEF) { continue; }) *should* have
fully fixed this, so I'm a bit surprised that we get "it still crashes"
reports... will re-test with this setup and see what happens.
gert
I'd like to confirm that after patch and more then 24hours run I have no
issues.
Thank you!
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
