Added additional warnings to flag common gotchas:

* Warn when ethernet bridging that the IP address of the
  bridge adapter is probably not the same address that
  the LAN adapter was set to previously.

* When running as a server, warn if the LAN network address is
  the all-popular 192.168.[0|1].x, since this condition commonly
  leads to subnet conflicts down the road.

* Primarily on the client, check for subnet conflicts between
  the local LAN and the VPN subnet.

Added a 'netmask' parameter to get_default_gateway, to return
the netmask of the adapter containing the default gateway.
Only implemented on Windows so far.  Other platforms will
return 255.255.255.0.  Currently the netmask information is
only used to warn about subnet conflicts.


git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3179 e7ae566f-a301-0410-adde-c780ea21d3b5

1 files changed, 5 insertions, 0 deletions

diff --git a/init.c b/init.c
index 4b84b9e..5bd8cf6 100644
--- a/init.c
+++ b/init.c
@@ -1957,6 +1957,9 @@ do_option_warnings (struct context *c)
     msg (M_WARN, "WARNING: using --pull/--client and --ifconfig together is probably not what you want");
 
 #if P2MP_SERVER
+  if (o->server_bridge_defined | o->server_bridge_proxy_dhcp)
+    msg (M_WARN, "NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to");
+
   if (o->mode == MODE_SERVER)
     {
       if (o->duplicate_cn && o->client_config_dir)
@@ -1976,6 +1979,8 @@ do_option_warnings (struct context *c)
     msg (M_WARN, "WARNING: You have disabled Crypto IVs (--no-iv) which may make " PACKAGE_NAME " less secure");
 
 #ifdef USE_SSL
+  if (o->tls_server)
+    warn_on_use_of_common_subnets ();
   if (o->tls_client
       && !o->tls_verify
       && !o->tls_remote