diff options
| author | David Sommerseth <davids@redhat.com> | 2011-07-25 01:44:27 +0200 |
|---|---|---|
| committer | David Sommerseth <davids@redhat.com> | 2011-08-19 08:46:43 +0200 |
| commit | 576dc96ca1ef1badb651e05ac694f07c91e02518 (patch) | |
| tree | f1d71d43a93853a6d44f34e6e38238ada1a9eb8b /openvpn.8 | |
| parent | b7e0d372e3aeb07d129642473d274d7d590eea1a (diff) | |
| parent | 9a105405a32cd3d7c4abafdb91e85494687392e9 (diff) | |
| download | openvpn-576dc96ca1ef1badb651e05ac694f07c91e02518.tar.gz openvpn-576dc96ca1ef1badb651e05ac694f07c91e02518.tar.xz openvpn-576dc96ca1ef1badb651e05ac694f07c91e02518.zip | |
Merge remote branch SVN 2.1 into the git tree
Hopefully the last SVN merge we need to do, as these merges are getting
more and more difficult. Most of the files had minor changes, but due to
the CRLF unification patch (commit 6b2883a637fe73492) we got an increased
number of conflicts. In addition inclusion of IPv6 support makes the
creates a lot of merge issues in route.c and socket.c
This merge also reverts commit 7c18c6353904f8c6e7 which merged
add_bypass_address() into add_host_route_if_nonlocal(). However the SVN
tree began to use add_bypass_address() another place, where at first glance
it did not be appropriate to use add_host_route_if_nonlocal().
This merge has gone through a 'make check' without any errors, but have
not been tested more thoroughly yet.
Conflicts:
ChangeLog
INSTALL
INSTALL-win32.txt
Makefile.am
acinclude.m4
base64.c
buffer.c
buffer.h
common.h
configure.ac
contrib/pull-resolv-conf/client.down
contrib/pull-resolv-conf/client.up
crypto.c
cryptoapi.c
easy-rsa/2.0/Makefile
easy-rsa/2.0/README
easy-rsa/2.0/build-ca
easy-rsa/2.0/build-dh
easy-rsa/2.0/build-inter
easy-rsa/2.0/build-key
easy-rsa/2.0/build-key-pass
easy-rsa/2.0/build-key-pkcs12
easy-rsa/2.0/build-key-server
easy-rsa/2.0/build-req
easy-rsa/2.0/build-req-pass
easy-rsa/2.0/clean-all
easy-rsa/2.0/inherit-inter
easy-rsa/2.0/list-crl
easy-rsa/2.0/pkitool
easy-rsa/2.0/revoke-full
easy-rsa/2.0/sign-req
easy-rsa/2.0/vars
easy-rsa/2.0/whichopensslcnf
easy-rsa/Windows/build-ca-pass.bat
easy-rsa/Windows/build-key-pass.bat
easy-rsa/Windows/build-key-server-pass.bat
easy-rsa/Windows/init-config.bat
easy-rsa/Windows/vars.bat.sample
error.c
error.h
forward.c
helper.c
httpdigest.c
httpdigest.h
ieproxy.c
init.c
init.h
install-win32/Makefile.am
install-win32/makeopenvpn
install-win32/openssl/openssl097.patch
install-win32/openssl/openssl098.patch
install-win32/openvpn.nsi
list.c
list.h
manage.c
manage.h
management/management-notes.txt
mbuf.c
mbuf.h
misc.c
misc.h
mroute.c
mroute.h
msvc/autodefs.h.in
msvc/config.py
msvc/msvc.mak
mtcp.c
mudp.c
multi.c
multi.h
occ.c
openvpn-plugin.h
openvpn.8
openvpn.h
options.c
options.h
otime.c
otime.h
perf.c
pf.c
ping.c
pkcs11.c
plugin.c
plugin.h
plugin/auth-pam/README
plugin/auth-pam/auth-pam.c
pool.c
pool.h
proto.h
proxy.c
ps.c
push.c
reliable.c
route.c
route.h
sample-config-files/firewall.sh
sample-scripts/bridge-start
sample-scripts/bridge-stop
sample-scripts/openvpn.init
sample-scripts/verify-cn
schedule.c
schedule.h
service-win32/openvpnserv.c
sig.c
socket.c
socket.h
socks.c
socks.h
ssl.c
ssl.h
status.c
syshead.h
tap-win32/SOURCES.in
tap-win32/common.h
tap-win32/proto.h
tap-win32/tapdrvr.c
tap-win32/types.h
tun.c
tun.h
version.m4
win/autodefs.h.in
win/build.py
win/build_all.py
win/build_ddk.py
win/build_exe.py
win/config.py
win/config_all.py
win/config_tap.py
win/config_ti.py
win/js.py
win/make_dist.py
win/msvc.mak.in
win/settings.in
win/show.py
win/sign.py
win/tap_span.py
win/wb.py
win32.c
win32.h
Signed-off-by: David Sommerseth <davids@redhat.com>
Reviewed-by: Gert Doering <gert@greenie.muc.de>
Reviewed-by: James Yonan <james@openvpn.net>
Reviewed-by: Adriaan de Jong <dejong@fox-it.com>
Diffstat (limited to 'openvpn.8')
| -rw-r--r-- | openvpn.8 | 47 |
1 files changed, 39 insertions, 8 deletions
@@ -1114,8 +1114,8 @@ addresses in packets. .\"********************************************************* .TP .B \-\-redirect-gateway flags... -(Experimental) Automatically execute routing commands to cause all outgoing IP traffic -to be redirected over the VPN. +Automatically execute routing commands to cause all outgoing IP traffic +to be redirected over the VPN. This is a client-side option. This option performs three steps: @@ -1154,6 +1154,11 @@ flag will cause step .B 1 above to be omitted. +.B autolocal \-\- +Try to automatically determine whether to enable +.B local +flag above. + .B def1 \-\- Use this flag to override the default gateway by using 0.0.0.0/1 and 128.0.0.0/1 @@ -1172,12 +1177,10 @@ bypasses the tunnel (Available on Windows clients, may not be available on non-Windows clients). -Using the def1 flag is highly recommended. -.\"********************************************************* -.TP -.B \-\-redirect-private [flags] -Like \-\-redirect-gateway, but omit actually changing the default -gateway. Useful when pushing private subnets. +.B block-local \-\- +Block access to local LAN when the tunnel is active, except for +the LAN gateway itself. This is accomplished by routing the local +LAN (except for the LAN gateway address) into the tunnel. .\"********************************************************* .TP .B \-\-link-mtu n @@ -1185,6 +1188,12 @@ Sets an upper bound on the size of UDP packets which are sent between OpenVPN peers. It's best not to set this parameter unless you know what you're doing. .\"********************************************************* +.\"********************************************************* +.TP +.B \-\-redirect-private [flags] +Like \-\-redirect-gateway, but omit actually changing the default +gateway. Useful when pushing private subnets. +.\"********************************************************* .TP .B \-\-tun-mtu n Take the TUN device MTU to be @@ -2406,6 +2415,12 @@ for inputs which ordinarily would have been queried from the console. .\"********************************************************* .TP +.B \-\-management-query-remote +Allow management interface to override +.B \-\-remote +directives (client-only). +.\"********************************************************* +.TP .B \-\-management-forget-disconnect Make OpenVPN forget passwords when management session disconnects. @@ -3425,6 +3440,21 @@ Note that while this option cannot be pushed, it can be controlled from the management interface. .\"********************************************************* .TP +.B \-\-static\-challenge t e +Enable static challenge/response protocol using challenge text +.B t, +with +echo flag given by +.B e +(0|1). + +The echo flag indicates whether or not the user's response +to the challenge should be echoed. + +See management\-notes.txt in the OpenVPN distribution for a +description of the OpenVPN challenge/response protocol. +.\"********************************************************* +.TP .B \-\-server-poll-timeout n when polling possible remote servers to connect to in a round-robin fashion, spend no more than @@ -5532,6 +5562,7 @@ script being run. It can be one of the following: .B client-connect, client-disconnect, or .B learn-address. +Set prior to execution of any script. .\"********************************************************* .TP .B signal |