On 15/11/2021 13:31, Gert Doering wrote:
Hi,
On Sat, Nov 13, 2021 at 09:05:19PM +, lejeczek via Openvpn-users wrote:
On Linux, OpenVPN does not modify the DNS servers itself (unlike Windows).
There's two ways to make it happen
- use Network Manager to run OpenVPN - it will parse the
On 13/11/2021 22:21, Gert Doering wrote:
Hi,
On Sat, Nov 13, 2021 at 09:11:03PM +, lejeczek via Openvpn-users wrote:
I wonder if that would be pipe wishes to think it should be
possible - to deny clients to clients and then work with
exception, exclusion where a given client(s) would be
Hi,
On Fri, Nov 19, 2021 at 01:52:20PM +, lejeczek via Openvpn-users wrote:
> > unset client-to-client in the openvpn config, make sure "a given client"
> > has a known IP address (ifconfig-push in ccd/), then do the filtering
> > by iptables on the linux side.
>
> How can it be determined wha
On 19/11/2021 13:57, Gert Doering wrote:
Hi,
On Fri, Nov 19, 2021 at 01:52:20PM +, lejeczek via Openvpn-users wrote:
unset client-to-client in the openvpn config, make sure "a given client"
has a known IP address (ifconfig-push in ccd/), then do the filtering
by iptables on the linux sid
Hi,
this might help:
https://community.openvpn.net/openvpn/wiki/HowPacketsFlow
https://community.openvpn.net/openvpn/wiki/AvoidRoutingConflicts
Pippin
Sent with ProtonMail Secure Email.
‐‐‐ Original Message ‐‐‐
Op vrijdag 19 november 2021 om 15:53 schreef lejeczek via Openvpn-use
client-to-client bypasses nftables entirely. With it enabled,
client-to-client packets are routed internally to openvpn via the
iroute table without ever being handed off to the kernel for
inspection, firewalling, routing, counting, capturing, mangling, or
anything else.
Without client-to-client,
On 19/11/2021 15:08, Joe Patterson wrote:
client-to-client bypasses nftables entirely. With it enabled,
client-to-client packets are routed internally to openvpn via the
iroute table without ever being handed off to the kernel for
inspection, firewalling, routing, counting, capturing, manglin
Hi,
On Fri, Nov 19, 2021 at 02:53:17PM +, lejeczek via Openvpn-users wrote:
> client-to-client works. I did disable it as per your
> suggestion to "unset" and am trying to work it out through
> rules which would allow.
> But similarly enabled 'client-to-client' also seems to
> escape my rul