summaryrefslogtreecommitdiffstats
path: root/src/openvpn
diff options
context:
space:
mode:
authorLev Stipakov <lstipakov@gmail.com>2015-10-15 14:39:42 +0300
committerDavid Sommerseth <davids@redhat.com>2015-10-15 16:54:02 +0200
commit5203d8094f38a9d23d983377171c11b1d3a82ad2 (patch)
tree88dffb7f8c611d50f3a39be09e17905c0dd205fd /src/openvpn
parentcba33989101175ac07434b9c5cceba116bf38127 (diff)
downloadopenvpn-5203d8094f38a9d23d983377171c11b1d3a82ad2.zip
openvpn-5203d8094f38a9d23d983377171c11b1d3a82ad2.tar.gz
openvpn-5203d8094f38a9d23d983377171c11b1d3a82ad2.tar.xz
Refine float loggingHEADmaster
v2: * Bump log level for attack attempt message * More clear message for float event v1: * Decrease log level for peer float message Signed-off-by: Lev Stipakov <lstipakov@gmail.com> Acked-by: Steffan Karger <steffan.karger@fox-it.com> Message-Id: 1444909182-11785-1-git-send-email-lstipakov@gmail.com URL: http://article.gmane.org/gmane.network.openvpn.devel/10276 Signed-off-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'src/openvpn')
-rw-r--r--src/openvpn/mudp.c2
-rw-r--r--src/openvpn/multi.c2
2 files changed, 2 insertions, 2 deletions
diff --git a/src/openvpn/mudp.c b/src/openvpn/mudp.c
index 3aed3a0..ce67206 100644
--- a/src/openvpn/mudp.c
+++ b/src/openvpn/mudp.c
@@ -79,7 +79,7 @@ multi_get_create_instance_udp (struct multi_context *m, bool *floated)
{
/* reset prefix, since here we are not sure peer is the one it claims to be */
ungenerate_prefix(mi);
- msg (D_MULTI_ERRORS, "Untrusted peer %" PRIu32 " wants to float to %s", peer_id,
+ msg (D_MULTI_MEDIUM, "Float requested for peer %" PRIu32 " to %s", peer_id,
mroute_addr_print (&real, &gc));
}
}
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index 05c36db..7c3aaac 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -2286,7 +2286,7 @@ void multi_process_float (struct multi_context* m, struct multi_instance* mi)
/* do not float if target address is taken by client with another cert */
if (!cert_hash_compare(m1->locked_cert_hash_set, m2->locked_cert_hash_set))
{
- msg (D_MULTI_MEDIUM, "Disallow float to an address taken by another client %s",
+ msg (D_MULTI_LOW, "Disallow float to an address taken by another client %s",
multi_instance_string (ex_mi, false, &gc));
mi->context.c2.buf.len = 0;