diff options
| -rw-r--r-- | forward.c | 5 | ||||
| -rw-r--r-- | openvpn.8 | 20 | ||||
| -rw-r--r-- | ping.c | 2 |
3 files changed, 20 insertions, 7 deletions
@@ -1168,8 +1168,9 @@ process_outgoing_link (struct context *c) size); } - /* indicate activity regarding --inactive parameter */ - register_activity (c, size); + /* if not a ping/control message, indicate activity regarding --inactive parameter */ + if (c->c2.buf.len > 0 ) + register_activity (c, size); } else { @@ -1366,15 +1366,25 @@ to be between 100 bytes/sec and 100 Mbytes/sec. .B \-\-inactive n [bytes] Causes OpenVPN to exit after .B n -seconds of inactivity on the TUN/TAP device. The time length -of inactivity is measured since the last incoming tunnel packet. +seconds of inactivity on the TUN/TAP device. The time length of +inactivity is measured since the last incoming or outgoing tunnel +packet. If the optional .B bytes parameter is included, -exit after n seconds of activity on tun/tap device -produces a combined in/out byte count that is less than -.B bytes. +exit if less than +.B bytes +of combined in/out traffic are produced on the tun/tap device +in +.B n +seconds. + +In any case, OpenVPN's internal ping packets (which are just +keepalives) and TLS control packets are not considered +"activity", nor are they counted as traffic, as they are used +internally by OpenVPN and are not an indication of actual user +activity. .\"********************************************************* .TP .B \-\-ping n @@ -86,5 +86,7 @@ check_ping_send_dowork (struct context *c) * encrypt, sign, etc. */ encrypt_sign (c, true); + /* Set length to 0, so it won't be counted as activity */ + c->c2.buf.len = 0; dmsg (D_PING, "SENT PING"); } |