[Openvpn-devel] [XS] Change in openvpn[master]: redirect-gateway: only redirect traffic through TUN if address famili...
Attention is currently required from: flichtenheld, mrbff, plaisthos.
Hello cron2, flichtenheld, plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email
to look at the new patch set (#4).
Change subject: redirect-gateway: only redirect traffic through TUN if address
families match
..
redirect-gateway: only redirect traffic through TUN if address families match
Adds a check in do_init_route_ipv6_list() to add default routes toward the TUN
only if the TUN has IPv6 addresses.
Github: fixes OpenVPN/openvpn#850
github.com/OpenVPN/openvpn/issues/850
Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c
---
M src/openvpn/init.c
1 file changed, 1 insertion(+), 1 deletion(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/10/1210/4
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index f8a0fee..aaa0573 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -1523,7 +1523,7 @@
/* redirect (IPv6) gateway to VPN? if yes, add a few more specifics
*/
-if (options->routes_ipv6->flags & RG_REROUTE_GW)
+if (options->routes_ipv6->flags & RG_REROUTE_GW &&
options->ifconfig_ipv6_local)
{
char *opt_list[] = { "::/3", "2000::/4", "3000::/4", "fc00::/7", NULL
};
int i;
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings?usp=email
Gerrit-MessageType: newpatchset
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c
Gerrit-Change-Number: 1210
Gerrit-PatchSet: 4
Gerrit-Owner: mrbff
Gerrit-Reviewer: cron2
Gerrit-Reviewer: flichtenheld
Gerrit-Reviewer: plaisthos
Gerrit-CC: openvpn-devel
Gerrit-Attention: plaisthos
Gerrit-Attention: flichtenheld
Gerrit-Attention: mrbff
___
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: redirect-gateway: Only redirect traffic through TUN if address famili...
Attention is currently required from: flichtenheld, mrbff, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email ) Change subject: redirect-gateway: Only redirect traffic through TUN if address families match .. Patch Set 1: (1 comment) Patchset: PS1: > No push-reply is correct, but actually is for push-update too. […] Can you link to an issue having a full log showing what happens and why this is a problem? I need to test this before merging, so need to know what to look for. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c Gerrit-Change-Number: 1210 Gerrit-PatchSet: 1 Gerrit-Owner: mrbff Gerrit-Reviewer: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: cron2 Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: flichtenheld Gerrit-Attention: mrbff Gerrit-Comment-Date: Wed, 24 Sep 2025 10:11:40 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: cron2 Comment-In-Reply-To: mrbff Gerrit-MessageType: comment ___ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: redirect-gateway: only redirect traffic through TUN if address famili...
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email ) Change subject: redirect-gateway: only redirect traffic through TUN if address families match .. redirect-gateway: only redirect traffic through TUN if address families match Adds a check in do_init_route_ipv6_list() to add default routes toward the TUN only if the TUN has IPv6 addresses. Github: fixes OpenVPN/openvpn#850 Github: see also OpenVPN/openvpn#863 Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c Signed-off-by: mrbff Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1210 Message-Id: <[email protected]> URL: https://sourceforge.net/p/openvpn/mailman/message/59245295/ Signed-off-by: Gert Doering --- M src/openvpn/init.c 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/openvpn/init.c b/src/openvpn/init.c index f8a0fee..aaa0573 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -1523,7 +1523,7 @@ /* redirect (IPv6) gateway to VPN? if yes, add a few more specifics */ -if (options->routes_ipv6->flags & RG_REROUTE_GW) +if (options->routes_ipv6->flags & RG_REROUTE_GW && options->ifconfig_ipv6_local) { char *opt_list[] = { "::/3", "2000::/4", "3000::/4", "fc00::/7", NULL }; int i; -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings?usp=email Gerrit-MessageType: merged Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c Gerrit-Change-Number: 1210 Gerrit-PatchSet: 5 Gerrit-Owner: mrbff Gerrit-Reviewer: cron2 Gerrit-Reviewer: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel ___ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: redirect-gateway: Only redirect traffic through TUN if address famili...
Attention is currently required from: flichtenheld, mrbff, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email ) Change subject: redirect-gateway: Only redirect traffic through TUN if address families match .. Patch Set 1: (1 comment) Patchset: PS1: Is this about `push-reply`, as the commit message says, or about `PUSH_UPDATE`, as the code suggests? -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c Gerrit-Change-Number: 1210 Gerrit-PatchSet: 1 Gerrit-Owner: mrbff Gerrit-Reviewer: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: cron2 Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: flichtenheld Gerrit-Attention: mrbff Gerrit-Comment-Date: Wed, 24 Sep 2025 09:55:56 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Gerrit-MessageType: comment ___ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: redirect-gateway: only redirect traffic through TUN if address famili...
Attention is currently required from: flichtenheld, mrbff, plaisthos. cron2 has posted comments on this change by mrbff. ( http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email ) Change subject: redirect-gateway: only redirect traffic through TUN if address families match .. Patch Set 4: Code-Review+2 (1 comment) Patchset: PS4: This has become nicely small :-) I still think it's not the fully correct fix (if we have a "stale" redirect-gateway ipv6, we should fix that at config saving/restoral, and not just ignore it later on). But for beta3, we can move ahead, and in the new GH issue we can then revert it if we conclude that we want to. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings?usp=email Gerrit-MessageType: comment Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c Gerrit-Change-Number: 1210 Gerrit-PatchSet: 4 Gerrit-Owner: mrbff Gerrit-Reviewer: cron2 Gerrit-Reviewer: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: flichtenheld Gerrit-Attention: mrbff Gerrit-Comment-Date: Sat, 11 Oct 2025 11:12:31 + Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes ___ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: redirect-gateway: Only redirect traffic through TUN if address famili...
Attention is currently required from: cron2, flichtenheld, plaisthos. mrbff has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email ) Change subject: redirect-gateway: Only redirect traffic through TUN if address families match .. Patch Set 1: (1 comment) Patchset: PS1: > Is this about `push-reply`, as the commit message says, or about > `PUSH_UPDATE`, as the code suggests […] No push-reply is correct, but actually is for push-update too. The bug can be triggered just adding a sequence of remote-ipv4 and remote-ipv6, so if server disconnect, the connection is switched to the next remote and if the family is not the same it can creates some problems. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c Gerrit-Change-Number: 1210 Gerrit-PatchSet: 1 Gerrit-Owner: mrbff Gerrit-Reviewer: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: cron2 Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: cron2 Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Wed, 24 Sep 2025 10:10:15 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: cron2 Gerrit-MessageType: comment ___ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: redirect-gateway: only redirect traffic through TUN if address famili...
cron2 has uploaded a new patch set (#5) to the change originally created by mrbff. ( http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by cron2 Change subject: redirect-gateway: only redirect traffic through TUN if address families match .. redirect-gateway: only redirect traffic through TUN if address families match Adds a check in do_init_route_ipv6_list() to add default routes toward the TUN only if the TUN has IPv6 addresses. Github: fixes OpenVPN/openvpn#850 Github: see also OpenVPN/openvpn#863 Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c Signed-off-by: mrbff Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1210 Message-Id: <[email protected]> URL: https://sourceforge.net/p/openvpn/mailman/message/59245295/ Signed-off-by: Gert Doering --- M src/openvpn/init.c 1 file changed, 1 insertion(+), 1 deletion(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/10/1210/5 diff --git a/src/openvpn/init.c b/src/openvpn/init.c index f8a0fee..aaa0573 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -1523,7 +1523,7 @@ /* redirect (IPv6) gateway to VPN? if yes, add a few more specifics */ -if (options->routes_ipv6->flags & RG_REROUTE_GW) +if (options->routes_ipv6->flags & RG_REROUTE_GW && options->ifconfig_ipv6_local) { char *opt_list[] = { "::/3", "2000::/4", "3000::/4", "fc00::/7", NULL }; int i; -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings?usp=email Gerrit-MessageType: newpatchset Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c Gerrit-Change-Number: 1210 Gerrit-PatchSet: 5 Gerrit-Owner: mrbff Gerrit-Reviewer: cron2 Gerrit-Reviewer: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel ___ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: redirect-gateway: only redirect traffic through TUN if address famili...
Attention is currently required from: cron2, flichtenheld, plaisthos. mrbff has posted comments on this change by mrbff. ( http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email ) Change subject: redirect-gateway: only redirect traffic through TUN if address families match .. Patch Set 4: (1 comment) Patchset: PS1: > please do also link to the issue in the commit message (`Github: fixes > OpenVPN/openvpn#850`) Done -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings?usp=email Gerrit-MessageType: comment Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c Gerrit-Change-Number: 1210 Gerrit-PatchSet: 4 Gerrit-Owner: mrbff Gerrit-Reviewer: cron2 Gerrit-Reviewer: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: cron2 Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Fri, 10 Oct 2025 15:50:09 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: cron2 Comment-In-Reply-To: mrbff ___ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: redirect-gateway: Only redirect traffic through TUN if address famili...
Attention is currently required from: cron2, flichtenheld, plaisthos. mrbff has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email ) Change subject: redirect-gateway: Only redirect traffic through TUN if address families match .. Patch Set 1: (1 comment) Patchset: PS1: > Can you link to an issue having a full log showing what happens and why this > is a problem? I need t […] https://github.com/OpenVPN/openvpn/issues/850 Issue opened, hope it's clear enough. Anyway you can just watch the test logs provided in the issue. If you want to easily test by yourself i also provided some scripts i used. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c Gerrit-Change-Number: 1210 Gerrit-PatchSet: 1 Gerrit-Owner: mrbff Gerrit-Reviewer: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: cron2 Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: cron2 Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Thu, 25 Sep 2025 13:07:24 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: cron2 Comment-In-Reply-To: mrbff Gerrit-MessageType: comment ___ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: redirect-gateway: Only redirect traffic through TUN if address famili...
Attention is currently required from: flichtenheld, plaisthos.
Hello plaisthos, flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email
to review the following change.
Change subject: redirect-gateway: Only redirect traffic through TUN if address
families match
..
redirect-gateway: Only redirect traffic through TUN if address families match
Fixes an ifconfig push-reply bug where, if the remote is switched and the new
TUN has a different address family, the previous ifconfig options remain
assigned to the new TUN.
Adds a check in do_init_route_ipv6_list() to add default routes toward the TUN
only if the TUN has IPv6 addresses.
Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c
---
M src/openvpn/init.c
M src/openvpn/options.c
2 files changed, 6 insertions(+), 1 deletion(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/10/1210/1
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 0d7a2ec..a5be243 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -1518,7 +1518,7 @@
/* redirect (IPv6) gateway to VPN? if yes, add a few more specifics
*/
-if (options->routes_ipv6->flags & RG_REROUTE_GW)
+if (options->routes_ipv6->flags & RG_REROUTE_GW &&
options->ifconfig_ipv6_local)
{
char *opt_list[] = { "::/3", "2000::/4", "3000::/4", "fc00::/7", NULL
};
int i;
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 151a016..5972cb9 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -5464,6 +5464,11 @@
const msglvl_t msglevel = D_PUSH_ERRORS | M_OPTERR;
unsigned int update_options_found = 0;
+options->ifconfig_local = NULL;
+options->ifconfig_remote_netmask = NULL;
+options->ifconfig_ipv6_local = NULL;
+options->ifconfig_ipv6_netbits = 0;
+options->ifconfig_ipv6_remote = NULL;
while (buf_parse(buf, ',', line, sizeof(line)))
{
char *p[MAX_PARMS + 1];
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1210?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c
Gerrit-Change-Number: 1210
Gerrit-PatchSet: 1
Gerrit-Owner: mrbff
Gerrit-Reviewer: flichtenheld
Gerrit-Reviewer: plaisthos
Gerrit-CC: openvpn-devel
Gerrit-Attention: plaisthos
Gerrit-Attention: flichtenheld
Gerrit-MessageType: newchange
___
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
