(Moving the discussion to -ports.)

On 31.07.2009 at 00:57, Matthias Andree wrote:

On 31.07.2009, 00:36, Bjoern A. Zeeb <bzeeb-li...@lists.zabbadoz.net> wrote:

Yeah that is as great as we are or rather were.

So really, fix the openvpn scripts that assign the address to
interfaces to do something that would make sense from the ``man ip''
(not the literal command) point of view.  Just that it's "working"
somewhere or used to work elsewhere neither means that it was correct
nor made sense at any time before.

It's actually in the C code where it was advertised as FreeBSD fix.
OpenVPN runs in 'topology subnet' mode here, which is documented as follows:

        Use a subnet rather than a point-to-point topology by
        configuring the tun interface with a local IP address and
        subnet mask, similar to the topology used in --dev tap and
        ethernet bridging mode. This mode allocates a single IP
        address per connecting client [... MS-Windows stuff here ...]
        When used on *nix, requires that the tun driver supports an
        ifconfig(8) command which sets a subnet instead of a remote
        endpoint IP address.

I wonder if TUNSIFMODE (see tun(4)) is somehow needed and if so, already done, and what the proper ifconfig call would look like in this case. Stefan already uttered some ideas in that direction.


Here's a first draft at a patch for OpenVPN. With this, the tun interface gets set to IFF_BROADCAST mode. One small piece is still missing: OpenVPN tries to install a route for the subnet, but that fails because now ifconfig has already inserted that route. I'll try to look into that a bit later on. I also haven't tested the server side yet, or any other mode.

r...@freebsd-current:/usr/ports/security/openvpn-devel# cat files/patch-tun.c
--- tun.c.orig  2009-05-30 23:34:13.000000000 +0200
+++ tun.c       2009-07-31 14:22:31.000000000 +0200
@@ -863,11 +863,10 @@
       else {
        if (tt->topology == TOP_SUBNET)
             argv_printf (&argv,
-                              "%s %s %s %s netmask %s mtu %d up",
+                              "%s %s %s netmask %s mtu %d up",
                               IFCONFIG_PATH,
                               actual,
                               ifconfig_local,
-                              ifconfig_local,
                               ifconfig_remote_netmask,
                               tun_mtu
                               );
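
Review bot: In the TOP_SUBNET branch, dropping the second ifconfig_local means ifconfig now installs the subnet route itself, so the route OpenVPN adds afterwards for the same subnet will fail, as the message above already notes; this hunk should go in together with a change that skips that route add or tolerates its failure. A short comment above the argv_printf call saying that no destination address is passed because the interface is expected to be in broadcast mode would also help, since the command is only right when the TUNSIFMODE ioctl in the next hunk has succeeded.
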
@@ -1745,14 +1744,15 @@
 {
   open_tun_generic (dev, dev_type, dev_node, ipv6, true, true, tt);

-  if (tt->fd >= 0)
+  if (tt->fd >= 0 && tt->type == DEV_TYPE_TUN)
     {
       int i = 0;

-      /* Disable extended modes */
+      i = tt->topology == TOP_SUBNET ? IFF_BROADCAST : IFF_POINTOPOINT;
+      i |= IFF_MULTICAST;
+      ioctl (tt->fd, TUNSIFMODE, &i);
+      i = 0;
       ioctl (tt->fd, TUNSLMODE, &i);
-      i = 1;
-      ioctl (tt->fd, TUNSIFHEAD, &i);
     }
 }
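
Review bot: The return value of "ioctl (tt->fd, TUNSIFMODE, &i)" is not checked, so if the call fails the interface keeps its previous mode while the ifconfig command from the first hunk assumes IFF_BROADCAST; check the result and log a warning or error on failure. The hunk also removes the TUNSIFHEAD call and the "Disable extended modes" comment, which the message does not explain: please state why that mode is no longer set, confirm that the packet read and write paths do not depend on it, and keep a comment on the remaining TUNSLMODE call.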


Stefan

--
Stefan Bethke <s...@lassitu.de>   Fon +49 151 14070811



