Hi,
On 01/05/21 11:03, Gert Doering wrote:
On Fri, Apr 30, 2021 at 09:15:07PM +0000, tincantech via Openvpn-users wrote:
Ref: https://forums.openvpn.net/viewtopic.php?f=6&t=32193#p99021
(This also applies to --http-proxy)
The question is, how/what does openvpn do in the case that the client
is connecting via a proxy server when using --redirect-gateway def1 ?
From man openvpn (8):
(1) Create a static route for the --remote address which forwards to the
pre-existing default gateway.
But if the proxy is non-local then --redirect-gateway will break connectivity.
Obviously, I am missing some key information here but the manual has nothing
either and I have dug deep enough already.
(I would test this myself but .. well, what are mailing lists for ? )
I would expect this to do the same thing it would do for the "non proxy"
case - install a host route to the existing default gateway so packets
to the server (and with proxy, to the proxy) can still flow. Then,
change the default route into the tunnel.
Of course there might be bugs - so you'll end up having to test this.
AFAIK this does *not* work for the "non proxy" case; just checked the
v2.5 sources and I cannot find anything special there:
init.c:do_init_route_list() calls route.c:init_route_list()
with "remote_host" set to "link_socket_current_remote(link_socket_info)"
and that does not seem to take any proxy hosts into account. Also, as
far as I remember this behaviour has not changed since OpenVPN 2.0/2.1 .
Bug-worthy?
share and enjoy,
JJK
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
