On 12-02-21 05:41 AM, Alberto Gonzalez Iniesta wrote: > On Mon, Jan 30, 2012 at 12:13:35PM -0500, Simon Deziel wrote: >> Tag: patch >> >> Here is an improved patch that only touches the proc files associated >> with the tun device after the daemon was launched as the tun can be >> dynamically created. > > Hi Simon,
Hi Alberto, > Thanks for the patch. I was reviewing it when a couple of questions > arose: Thanks for the review. > What happens if the .conf contains "dev tun" instead of "dev tunX"? Hmm, that would fail to find the dynamically allocated tun device number. I'm not sure how to handle this (probably frequent) use case. Maybe I could disable ICMP redirects on the tun that was created last based on proc file timestamps of all tun devices ? Do you have a better idea ? >> + TUN_DEVNAME=$(sed -n 's/^[[:space:]]*dev[[:space:]]*\(tun.*\)$/\1/p' >> $CONFIG_DIR/$NAME.conf) >> + echo 0 > /proc/sys/net/ipv4/conf/$TUN_DEVNAME/send_redirects > It looks like that echo would fail since > /proc/sys/net/ipv4/conf/tun/send_redirects does not exist. This was indeed the problem in my first patch submission. The new version of the patch in message #15 moved that block after the daemon invocation. > Is this line really necessary?? >> + echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects Yes that is required, even if that sounds odd to me too. Thanks for the feedback and your work on OpenVPN. Simon -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
