diff options
| author | Heiko Hund <heiko.hund@sophos.com> | 2012-07-11 14:16:50 +0200 |
|---|---|---|
| committer | David Sommerseth <dazo@users.sourceforge.net> | 2012-07-19 21:37:54 +0200 |
| commit | af1bf85aee836f2b729c38990028c035b6c69152 (patch) | |
| tree | 88d0bce58fedade815ef121d2cc597e2df00f6e3 /doc | |
| parent | af417baa93f4ebcc545486cbd9635fbc602ba148 (diff) | |
| download | openvpn-af1bf85aee836f2b729c38990028c035b6c69152.tar.gz openvpn-af1bf85aee836f2b729c38990028c035b6c69152.tar.xz openvpn-af1bf85aee836f2b729c38990028c035b6c69152.zip | |
add option --management-query-proxy
Make openvpn query for proxy information through the
management interface. This allows GUIs to provide (automatically
detected) proxy information on a per connection basis.
This new option supersedes the undocumented --http-proxy-fallback
option and puts the responsibilty for HTTP proxy fallback handling
to the GUI caring for such.
Signed-off-by: Heiko Hund <heiko.hund@sophos.com>
Reviewed-by: James Yonan <james@openvpn.net>
Message-Id: 1342009010-9735-1-git-send-email-heiko.hund@sophos.com
URL: http://article.gmane.org/gmane.network.openvpn.devel/6841
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/management-notes.txt | 31 | ||||
| -rw-r--r-- | doc/openvpn.8 | 6 |
2 files changed, 37 insertions, 0 deletions
diff --git a/doc/management-notes.txt b/doc/management-notes.txt index 785eb88..a07a514 100644 --- a/doc/management-notes.txt +++ b/doc/management-notes.txt @@ -719,6 +719,37 @@ use this command: remote SKIP +COMMAND -- proxy (OpenVPN 2.3 or higher) +-------------------------------------------- + +Provide proxy server host/port and flags in response to a >PROXY +notification (client only). Requires that the --management-query-proxy +directive is used. + + proxy TYPE HOST PORT ["nct"] + +The "proxy" command must only be given in response to a >PROXY +notification. Use the "nct" flag if you only want to allow +non-cleartext auth with the proxy server. The following >PROXY +notification indicates that the client config file would ordinarily +connect to the first --remote configured, vpn.example.com using TCP: + + >PROXY:1,TCP,vpn.example.com + +Now, suppose we want to connect to the remote host using the proxy server +proxy.intranet port 8080 with secure authentication only, if required. +After receiving the above notification, use this command: + + proxy HTTP proxy.intranet 8080 nct + +You can also use the SOCKS keyword to pass a SOCKS server address, like: + + proxy SOCKS fe00::1 1080 + +To accept connecting to the host and port directly, use this command: + + proxy NONE + OUTPUT FORMAT ------------- diff --git a/doc/openvpn.8 b/doc/openvpn.8 index a821b5e..56be29e 100644 --- a/doc/openvpn.8 +++ b/doc/openvpn.8 @@ -2446,6 +2446,12 @@ for inputs which ordinarily would have been queried from the console. .\"********************************************************* .TP +.B \-\-management-query-proxy +Query management channel for proxy server information for a specific +.B \-\-remote +(client-only). +.\"********************************************************* +.TP .B \-\-management-query-remote Allow management interface to override .B \-\-remote |