[Openvpn-devel] any reason output_peer_info_env isn't in 2.3.8?

2015-10-26 Thread Jason Haar
Hi there I've been running on openvpn-git for some time (2.3.4-ish?) due to my desire to rely on UV_* variables being passed from the client to the server/router. Anyway, I saw some other "git" features I used were in 2.3.8, so I decided to try that and discovered it still doesn't have the server

[Openvpn-devel] [PATCH] Added client-ip option to NAT

2015-10-26 Thread Rafael Gava
Allow the user to use the string 'client-ip' on the client-nat network configuration as a convenient way to use the leased IP address received from OpenVPN server. Usage Example: client-nat snat client-ip 255.255.255.255 172.20.1.15 # replaces the 'client-ip' string with the leased IP address re

[Openvpn-devel] [PATCH] Add Windows DNS Leak fix using WFP ('block-outside-dns')

2015-10-26 Thread ValdikSS
This option is silently ignored on non-Windows platforms and works on Vista+. External DNS is blocked even if no DNS server configured (user may configure it in the tap interface itself). This option could be ignored from server push using route-nopull. --- doc/openvpn.8 | 11 ++- src/

Re: [Openvpn-devel] Topics for today's (Monday, 26th Oct 2015) community meeting

2015-10-26 Thread Gmail
Yes. Maybe an option that defaults the ping to the tunnel gateway with a switch to choose some other IP? Sent from my iPhone > On Oct 26, 2015, at 8:20 AM, Morris, Russell wrote: > > Agreed! This is what I have done locally also - enter a machine on the server > side, and ping it at some inte

Re: [Openvpn-devel] Topics for today's (Monday, 26th Oct 2015) community meeting

2015-10-26 Thread Selva Nair
On Mon, Oct 26, 2015 at 11:17 AM, Gmail wrote: > Regarding the instability of connection in the windows version: I > overcame this long ago (and works well to this date) by building a tiny > script that periodically pings the the ovpn gateway (server). If no ping > reply then restart the service

Re: [Openvpn-devel] Topics for today's (Monday, 26th Oct 2015) community meeting

2015-10-26 Thread Morris, Russell
Agreed! This is what I have done locally also - enter a machine on the server side, and ping it at some interval. FYI, this doesn't have to be only the server itself. I use a different machine, to make sure my routes get set up properly also. Thanks, ... Russell -Original Message- Fr

Re: [Openvpn-devel] Topics for today's (Monday, 26th Oct 2015) community meeting

2015-10-26 Thread Gmail
Regarding the instability of connection in the windows version: I overcame this long ago (and works well to this date) by building a tiny script that periodically pings the the ovpn gateway (server). If no ping reply then restart the service. Very simple. Perhaps this could be built into the co

Re: [Openvpn-devel] Creating a Windows team for OpenVPN?

2015-10-26 Thread Pasi Kärkkäinen
On Mon, Oct 26, 2015 at 01:42:13PM -, debbie...@gmail.com wrote: > Hi > - Original Message - From: "Pasi Kärkkäinen" > To: "Samuli Seppänen" > Cc: > Sent: Monday, October 26, 2015 11:12 AM > Subject: Re: [Openvpn-devel] Creating a Windows team for OpenVPN? > > >- Windows OpenVPN-GUI

Re: [Openvpn-devel] Creating a Windows team for OpenVPN?

2015-10-26 Thread debbie10t
Hi - Original Message - From: "Pasi Kärkkäinen" To: "Samuli Seppänen" Cc: Sent: Monday, October 26, 2015 11:12 AM Subject: Re: [Openvpn-devel] Creating a Windows team for OpenVPN? - Windows OpenVPN-GUI needs to be able to read config files from under user's profile directory, not on

Re: [Openvpn-devel] [RFC] --passtos default on/off, and IPv6.

2015-10-26 Thread Arne Schwabe
> > I'm actually *more* interested in the potential for incompatibilities > > if we start setting the TOS bits — as we saw with stupid firewalls > > dropping packets when ECN was in use. That sounds like a much more > > reasonable argument for not doing --passtos by default, although even > > that

Re: [Openvpn-devel] Creating a Windows team for OpenVPN?

2015-10-26 Thread Pasi Kärkkäinen
On Fri, Oct 16, 2015 at 07:00:13PM +0300, Samuli Seppänen wrote: > Hi, > > In Delft we talked about issues with Windows version of OpenVPN quite a > lot. Of the top of my hat I can recall the following isuses: > > - The tap-windows/tap-windows6 drivers have fairly bad performance > - In Windows

[Openvpn-devel] Topics for today's (Monday, 26th Oct 2015) community meeting

2015-10-26 Thread Samuli Seppänen
Hi, We're going to have an IRC meeting today starting at 20:00 CET (19:00 UTC) on #openvpn-devel irc.freenode.net. Current topic list along with basic information is here: If you have any other things you'd like to bring up, res

Re: [Openvpn-devel] [RFC] --passtos default on/off, and IPv6.

2015-10-26 Thread Steffan Karger
On 26 Oct 2015 00:44, "David Woodhouse" wrote: > > On Mon, 2015-10-26 at 00:15 +0100, Steffan Karger wrote: > > On Mon, Oct 26, 2015 at 12:09 AM, Steffan Karger wrote: > > > For > > > covert channels, it means 23 possible values per 1500-byte packet, or > > > ~5 bits for BF, and 12 possible value

Re: [Openvpn-devel] [RFC] --passtos default on/off, and IPv6.

2015-10-26 Thread David Woodhouse
On Mon, 2015-10-26 at 00:15 +0100, Steffan Karger wrote: > On Mon, Oct 26, 2015 at 12:09 AM, Steffan Karger wrote: > > For > > covert channels, it means 23 possible values per 1500-byte packet, or > > ~5 bits for BF, and 12 possible values (~4 bits) for AES-CBC. That is > > still less than the 8 b