Signed-off-by: Antonio Quartulli
---
Changes from v5:
- restyle base addr computation to avoid odd line wrapping
Changes from v4:
- make the base computation depending on the size of the pool:
- large pools will still start at +0x1000 (backward compatible)
- smaller pools will st
Acked-by: Gert Doering
Thanks :-)
Tested with "redirect-private", "redirect-gateway", "redirect-gateay !ipv4",
and it seems to do what we want - not fumble any hostroutes if !ipv4 is
set, but *do* fumble them if needed.
If you do "--redirect-private --redirect-gateway !ipv4 ipv6", it will
unset
Signed-off-by: Antonio Quartulli
---
Changes from v4:
- make the base computation depending on the size of the pool:
- large pools will still start at +0x1000 (backward compatible)
- smaller pools will start at +2
src/openvpn/helper.c | 21 +
src/openvpn/opt
Hi,
On 07/06/2020 12:59, Gert Doering wrote:
> My idea would be to make this conditional on the pool size - if the size
> is /64.../111, make it +0x1000 ("keep existing behaviour for large-enough
> pools"), if it's /112.../124, make it +2
>
> Thoughts?
I think it makes sense, especially to prese
From: Antonio Quartulli
If no IPv4 redirection flag is set, do not enable the IPv4
redirection logic at all so that it won't bother adding any
useless IPv4 route.
Trac: #208
Signed-off-by: Antonio Quartulli
---
Changes from v4:
- add warning about undefined behaviour when specifying
redirect
Hi,
On Sun, Jun 07, 2020 at 01:25:01PM +0200, Gert Doering wrote:
> Can we make this conditional in a way that does not break "redirect-private"?
A very simple patch would be
if (streq(p[0], "redirect-gateway"))
{
options->routes->flags |= RG_REROUTE_GW;
}
+
Your patch has been applied to the master branch.
commit 25266ebba97d7f4169f902b8b0d3c38eaa4c43a4
Author: James Bottomley
Date: Sun Jun 7 15:10:58 2020 -0700
crypto_openssl: add include for openssl/conf.h
Signed-off-by: James Bottomley
Acked-by: Arne Schwabe
Message-Id: <
пн, 8 июн. 2020 г. в 15:06, Arne Schwabe :
>
> >
> > Sorry about that. Best guess is it's missing an include for
> > openssl/conf.h. You don't need that today because pretty much every
> > other openssl header includes it, but that may not always have been so.
> >
> > Does the below patch fix it
>
> Sorry about that. Best guess is it's missing an include for
> openssl/conf.h. You don't need that today because pretty much every
> other openssl header includes it, but that may not always have been so.
>
> Does the below patch fix it? If it does, it should probably be folded
> into the