diff options
| author | Lev Stipakov <lstipakov@gmail.com> | 2015-10-15 14:39:42 +0300 |
|---|---|---|
| committer | David Sommerseth <davids@redhat.com> | 2015-10-15 16:54:02 +0200 |
| commit | 5203d8094f38a9d23d983377171c11b1d3a82ad2 (patch) | |
| tree | 88dffb7f8c611d50f3a39be09e17905c0dd205fd /src/openvpn | |
| parent | cba33989101175ac07434b9c5cceba116bf38127 (diff) | |
| download | openvpn-5203d8094f38a9d23d983377171c11b1d3a82ad2.tar.gz openvpn-5203d8094f38a9d23d983377171c11b1d3a82ad2.tar.xz openvpn-5203d8094f38a9d23d983377171c11b1d3a82ad2.zip | |
v2:
* Bump log level for attack attempt message
* More clear message for float event
v1:
* Decrease log level for peer float message
Signed-off-by: Lev Stipakov <lstipakov@gmail.com>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: 1444909182-11785-1-git-send-email-lstipakov@gmail.com
URL: http://article.gmane.org/gmane.network.openvpn.devel/10276
Signed-off-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'src/openvpn')
| -rw-r--r-- | src/openvpn/mudp.c | 2 | ||||
| -rw-r--r-- | src/openvpn/multi.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/src/openvpn/mudp.c b/src/openvpn/mudp.c index 3aed3a0..ce67206 100644 --- a/src/openvpn/mudp.c +++ b/src/openvpn/mudp.c @@ -79,7 +79,7 @@ multi_get_create_instance_udp (struct multi_context *m, bool *floated) { /* reset prefix, since here we are not sure peer is the one it claims to be */ ungenerate_prefix(mi); - msg (D_MULTI_ERRORS, "Untrusted peer %" PRIu32 " wants to float to %s", peer_id, + msg (D_MULTI_MEDIUM, "Float requested for peer %" PRIu32 " to %s", peer_id, mroute_addr_print (&real, &gc)); } } diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 05c36db..7c3aaac 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -2286,7 +2286,7 @@ void multi_process_float (struct multi_context* m, struct multi_instance* mi) /* do not float if target address is taken by client with another cert */ if (!cert_hash_compare(m1->locked_cert_hash_set, m2->locked_cert_hash_set)) { - msg (D_MULTI_MEDIUM, "Disallow float to an address taken by another client %s", + msg (D_MULTI_LOW, "Disallow float to an address taken by another client %s", multi_instance_string (ex_mi, false, &gc)); mi->context.c2.buf.len = 0; |