diff options
author | James Yonan <james@openvpn.net> | 2011-06-12 01:14:36 +0000 |
---|---|---|
committer | James Yonan <james@openvpn.net> | 2011-06-12 01:14:36 +0000 |
commit | 7fb0e07ec3f7c5f6514523085dbe02ea6b8933e2 (patch) | |
tree | de7e157cc9c513a1870ae9bce16b04fd908e9295 /options.c | |
parent | 759873034018f597e52dfbbfe91ff9d20530ea91 (diff) | |
download | openvpn-7fb0e07ec3f7c5f6514523085dbe02ea6b8933e2.tar.gz openvpn-7fb0e07ec3f7c5f6514523085dbe02ea6b8933e2.tar.xz openvpn-7fb0e07ec3f7c5f6514523085dbe02ea6b8933e2.zip |
Added redirect-gateway block-local flag, with support for
Linux, Mac OS X, and Linux. This flag (which is pushable
from server) blocks client access to local LAN while VPN
session is active.
Added standalone --show-gateway option to show info about
default gateway.
Extensively refactored get_default_gateway function in
route.c to ease implementation of block-local.
Removed "Experimental" disclaimer from redirect-gateway
man page.
Version 2.1.3y.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7334 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'options.c')
-rw-r--r-- | options.c | 13 |
1 files changed, 13 insertions, 0 deletions
@@ -670,6 +670,9 @@ static const char usage_message[] = "--show-pkcs11-ids provider [cert_private] : Show PKCS#11 available ids.\n" " --verb option can be added *BEFORE* this.\n" #endif /* ENABLE_PKCS11 */ + "\n" + "General Standalone Options:\n" + "--show-gateway : Show info about default gateway.\n" ; #endif /* !ENABLE_SMALL */ @@ -3611,6 +3614,14 @@ add_option (struct options *options, read_config_file (options, p[1], level, file, line, msglevel, permission_mask, option_types_found, es); } + else if (streq (p[0], "show-gateway")) + { + struct route_gateway_info rgi; + VERIFY_PERMISSION (OPT_P_GENERAL); + get_default_gateway(&rgi); + print_default_gateway(M_INFO, &rgi); + openvpn_exit (OPENVPN_EXIT_STATUS_GOOD); /* exit point */ + } #if 0 else if (streq (p[0], "foreign-option") && p[1]) { @@ -4768,6 +4779,8 @@ add_option (struct options *options, options->routes->flags |= RG_BYPASS_DHCP; else if (streq (p[j], "bypass-dns")) options->routes->flags |= RG_BYPASS_DNS; + else if (streq (p[j], "block-local")) + options->routes->flags |= RG_BLOCK_LOCAL; else { msg (msglevel, "unknown --%s flag: %s", p[0], p[j]); |