Re: [Openvpn-users] Debian Jessie repository ?

2015-12-16 Thread Samuli Seppänen 

> Hi everyone,
>
> I'm sorry if this question was already asked, but I didn't find any answer.
>
> Why Jessie is not present in http://swupdate.openvpn.net/apt/ repository ?
>
> Is it planned to be supported ?

Hi,

I'm the one who builds the official Debian/Ubuntu packages for OpenVPN.

I intend to support Debian 8 eventually, but so far there hasn't been a 
pressing need for it, because the version in Debian's own repos is 
fairly recent, and the fixes introduced in the 2.3.x tree have not been 
in the "must have" category. That said, quite a lot of useful stuff has 
started to accumulate in recent 2.3.x releases, and building packages 
for Debian 8 starts to make sense.

I'll see if I could produce packages the upcoming Friday. I suspect I 
can just borrow the control files from Debian and do a rebuild.

Best regards,

-- 
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc

irc freenode net: mattock

--
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] OpenVPN 2.3.9 released

2015-12-16 Thread debbie10t 
I just want to check this is not an error of some sort:
https://forums.openvpn.net/topic20433.html#p56941

Note: 
Unpacking openvpn (2.3.9-debian0) over (2.3.2-7ubuntu3.1) ...

Debian over Ubuntu ?

I double checked my sources.list.d twice:
deb http://swupdate.openvpn.net/apt trusty main



--
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

[Openvpn-users] OpenVPN 2.3.9 released

2015-12-16 Thread Samuli Seppänen 
The OpenVPN community project team is proud to release OpenVPN 2.3.9. It 
can be downloaded from here:



This release includes many small improvements and fixes. The biggest 
change is the addition of --block-outside-dns option, which can be used 
to fix DNS leaks in Windows 8.1 and 10. There are also improvements to 
behavior during suspend/resume on Windows and integration with external 
service managers such as NSSM. Client-side part of server restart 
notification is also included. A full list of changes is available here:



For generic help use these support channels:

Official documentation: 

Wiki: 
Forums: 
User mailing list: 
User IRC channel: #openvpn at irc.freenode.net

Please report bugs and ask development questions here:

Bug tracker and wiki: 
Developer mailing list: 
Developer IRC channel: #openvpn-devel at irc.freenode.net (requires 
Freenode registration)

-- 
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc

irc freenode net: mattock

-- 
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc

irc freenode net: mattock

--
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] OpenVPN 2.3.9 released

2015-12-16 Thread Gert Doering 
Hi,

On Wed, Dec 16, 2015 at 03:12:52PM +0100, Ralf Hildebrandt wrote:
> * Samuli Seppänen :
> 
> > This release includes many small improvements and fixes. The biggest 
> > change is the addition of --block-outside-dns option, which can be used 
> > to fix DNS leaks in Windows 8.1 and 10. 
> 
> Where's the docs for that?

"man openvpn" has a bit 

.B \-\-block\-outside\-dns
Block DNS servers on other network adapters to prevent
DNS leaks. This option prevents any application from accessing
TCP or UDP port 53 except one inside the tunnel. It uses
Windows Filtering Platform (WFP) and works on Windows Vista or
later.

> What I need to know is:
> 
> * does it work on Win32 only (ignoring it on osx/linux is ok)

Yes.  But you need to either push it, or configure it as

  setenv opt block-outside-dns

which will make the "unrecognized option" bit a warning only, not a fatal
(when pushed, it's always warning-only)

Plus, it only works on Vista+, so on XP it will trigger an error (or warning,
same rules as for the option itself on Linux/Mac)

> * do I need to change the config on the client or can that be pushed from the 
> server?

Can be pushed.

It might need to be pushed along with "register-dns", or a configured --up-
script that does "ipconfig /registerdns" to make sure that Windows really
really understands that "hey, there is new nameservers, please USE THEM!!!"
- otherwise some testers reported DNS latencies in the first few minutes
of VPN usage.

(Lev, Valdikss, feel free to chime in and explain better)

gert
-- 
USENET is *not* the non-clickable part of WWW!
   //www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025g...@net.informatik.tu-muenchen.de


signature.asc
Description: PGP signature
--
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users