[prev in list] [next in list] [prev in thread] [next in thread]
List: openconnect-devel
Subject: Re: Tunnel UP, but no traffic
From: David Woodhouse <dwmw2 () infradead ! org>
Date: 2016-09-22 18:49:26
Message-ID: 1474570166.30494.60.camel () infradead ! org
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Thu, 2016-09-22 at 21:15 +0300, Ultimat wrote:
> Hello!
>
> I have a trouble with command line tool , details are here: https:/
> /github.com/openconnect/openconnect-gui/issues/132 .
> I think, this trouble is the same as this one: http://lists.infradea
> d.org/pipermail/openconnect-devel/2015-April/002936.html
>
> Can you help me with it or problem is in windows TAP driver?
Do you also have a netmask of 255.255.255.255? This is a limitation of
the Windows TAP driver... which I believe is down to a fundamental
limitation of the Windows network stack. It needs us to pretend to be
Ethernet and even fake doing ARP for the "router" on the subnet.
Perhaps we need to reduce the netmask to a /31 at least for the benefit
of the TAP driver? And maybe for the configuration given to
vpnc-scripts.js too?
Does this help?
diff --git a/tun-win32.c b/tun-win32.c
index a7f2258..b31713c 100644
--- a/tun-win32.c
+++ b/tun-win32.c
@@ -197,6 +197,10 @@ static intptr_t open_tun(struct openconnect_info *vpninfo, char *guid, char *nam
data[0] = inet_addr(vpninfo->ip_info.addr);
data[2] = inet_addr(vpninfo->ip_info.netmask);
data[1] = data[0] & data[2];
+ /* Because of the nasty way it fakes ARP, the Windows TAP
+ * driver really needs a netmask other than 255.255.255.255 */
+ if (data[2] == 0xffffffff)
+ data[2] = 0xfeffffff;
if (!DeviceIoControl(tun_fh, TAP_IOCTL_CONFIG_TUN,
data, sizeof(data), data, sizeof(data),
--
dwmw2
["smime.p7s" (application/x-pkcs7-signature)]
_______________________________________________
openconnect-devel mailing list
openconnect-devel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/openconnect-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic