1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-22 17:39:53 +03:00

Cedar/Proto_OpenVPN: Make timeout and ping transmission interval configurable

Also, the default timeout value is set to 30000 (milliseconds) instead of 10000.

The change is made because it was reported that some routers failed to connect in time.
This commit is contained in:
Davide Beatrici 2021-04-21 08:29:30 +02:00
parent 4b05de1a93
commit 2aaf9012a0
9 changed files with 31 additions and 8 deletions

View File

@ -57,8 +57,10 @@ const PROTO_OPTION *OvsOptions()
{ {
{ .Name = "DefaultClientOption", .Type = PROTO_OPTION_STRING, .String = "dev-type tun,link-mtu 1500,tun-mtu 1500,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client" }, { .Name = "DefaultClientOption", .Type = PROTO_OPTION_STRING, .String = "dev-type tun,link-mtu 1500,tun-mtu 1500,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client" },
{ .Name = "Obfuscation", .Type = PROTO_OPTION_BOOL, .Bool = false }, { .Name = "Obfuscation", .Type = PROTO_OPTION_BOOL, .Bool = false },
{ .Name = "ObfuscationMask", .Type = PROTO_OPTION_STRING, .String = ""}, { .Name = "ObfuscationMask", .Type = PROTO_OPTION_STRING, .String = "" },
{ .Name = "PingSendInterval", .Type = PROTO_OPTION_UINT32, .UInt32 = 3000 },
{ .Name = "PushDummyIPv4AddressOnL2Mode", .Type = PROTO_OPTION_BOOL, .Bool = true }, { .Name = "PushDummyIPv4AddressOnL2Mode", .Type = PROTO_OPTION_BOOL, .Bool = true },
{ .Name = "Timeout", .Type = PROTO_OPTION_UINT32, .UInt32 = 30000 },
{ .Name = NULL, .Type = PROTO_OPTION_UNKNOWN } { .Name = NULL, .Type = PROTO_OPTION_UNKNOWN }
}; };
@ -2344,8 +2346,8 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
// Return the PUSH_REPLY // Return the PUSH_REPLY
Format(option_str, sizeof(option_str), Format(option_str, sizeof(option_str),
"PUSH_REPLY,ping %u,ping-restart %u", "PUSH_REPLY,ping %u,ping-restart %u",
(OPENVPN_PING_SEND_INTERVAL / 1000), s->PingSendInterval / 1000,
(OPENVPN_RECV_TIMEOUT / 1000)); s->Timeout / 1000);
if (se->Mode == OPENVPN_MODE_L3) if (se->Mode == OPENVPN_MODE_L3)
{ {
@ -2752,11 +2754,10 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
{ {
if ((se->NextPingSendTick == 0) || (se->NextPingSendTick <= s->Now)) if ((se->NextPingSendTick == 0) || (se->NextPingSendTick <= s->Now))
{ {
se->NextPingSendTick = s->Now + (UINT64)(OPENVPN_PING_SEND_INTERVAL); se->NextPingSendTick = s->Now + s->PingSendInterval;
OvsSendDataPacket(latest_channel, latest_channel->KeyId, ++latest_channel->LastDataPacketId, OvsSendDataPacket(latest_channel, latest_channel->KeyId, ++latest_channel->LastDataPacketId,
ping_signature, sizeof(ping_signature)); ping_signature, sizeof(ping_signature));
//Debug(".");
AddInterrupt(s->Interrupt, se->NextPingSendTick); AddInterrupt(s->Interrupt, se->NextPingSendTick);
} }
@ -2767,7 +2768,7 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list, UINT protocol)
is_disconnected = true; is_disconnected = true;
} }
if (se->Established && (s->Now >= (se->LastCommTick + (UINT64)OPENVPN_RECV_TIMEOUT))) if (se->Established && (s->Now >= (se->LastCommTick + s->Timeout)))
{ {
is_disconnected = true; is_disconnected = true;
} }
@ -2977,10 +2978,18 @@ OPENVPN_SERVER *NewOpenVpnServer(const LIST *options, CEDAR *cedar, INTERRUPT_MA
{ {
s->ObfuscationMask = CopyStr(option->String); s->ObfuscationMask = CopyStr(option->String);
} }
else if (StrCmp(option->Name, "PingSendInterval") == 0)
{
s->PingSendInterval = option->UInt32;
}
else if (StrCmp(option->Name, "PushDummyIPv4AddressOnL2Mode") == 0) else if (StrCmp(option->Name, "PushDummyIPv4AddressOnL2Mode") == 0)
{ {
s->PushDummyIPv4AddressOnL2Mode = option->Bool; s->PushDummyIPv4AddressOnL2Mode = option->Bool;
} }
else if (StrCmp(option->Name, "Timeout") == 0)
{
s->Timeout = option->UInt32;
}
} }
s->Cedar = cedar; s->Cedar = cedar;

View File

@ -26,8 +26,6 @@
#define OPENVPN_TMP_BUFFER_SIZE (65536 + 256) // Temporary buffer size #define OPENVPN_TMP_BUFFER_SIZE (65536 + 256) // Temporary buffer size
#define OPENVPN_PING_SEND_INTERVAL 3000 // Transmission interval of Ping
#define OPENVPN_RECV_TIMEOUT 10000 // Communication time-out
#define OPENVPN_NEW_SESSION_DEADLINE_TIMEOUT 30000 // Grace time to complete new VPN session connection since it was created #define OPENVPN_NEW_SESSION_DEADLINE_TIMEOUT 30000 // Grace time to complete new VPN session connection since it was created
#define OPENVPN_MAX_PACKET_ID_FOR_TRIGGER_REKEY 0xFF000000 // Packet ID that is a trigger to start the re-key #define OPENVPN_MAX_PACKET_ID_FOR_TRIGGER_REKEY 0xFF000000 // Packet ID that is a trigger to start the re-key
@ -207,7 +205,9 @@ struct OPENVPN_SERVER
char *DefaultClientOption; // Default option string to push to client char *DefaultClientOption; // Default option string to push to client
bool Obfuscation; // Obfuscation enabled/disabled bool Obfuscation; // Obfuscation enabled/disabled
char *ObfuscationMask; // String (mask) for XOR obfuscation char *ObfuscationMask; // String (mask) for XOR obfuscation
UINT PingSendInterval; // Ping transmission interval
bool PushDummyIPv4AddressOnL2Mode; // Push a dummy IPv4 address in L2 mode bool PushDummyIPv4AddressOnL2Mode; // Push a dummy IPv4 address in L2 mode
UINT Timeout; // Communication timeout
}; };
//// Function prototype //// Function prototype

View File

@ -4626,7 +4626,9 @@ CMD_ProtoOptionsGet_Column_Description Description
CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect. CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect.
CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods! CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods!
CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes). CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes).
CMD_ProtoOptions_Description_OpenVPN_PingSendInterval Interval in milliseconds between each ping packet transmission.
CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP. CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP.
CMD_ProtoOptions_Description_OpenVPN_Timeout Time in milliseconds after which the session is forcifully interrupted if no packets are received from the client in the meantime.
# ServerPasswordSet 命令 # ServerPasswordSet 命令

View File

@ -4608,7 +4608,9 @@ CMD_ProtoOptionsGet_Column_Description Description
CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect. CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect.
CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods! CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods!
CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes). CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes).
CMD_ProtoOptions_Description_OpenVPN_PingSendInterval Interval in milliseconds between each ping packet transmission.
CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP. CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP.
CMD_ProtoOptions_Description_OpenVPN_Timeout Time in milliseconds after which the session is forcifully interrupted if no packets are received from the client in the meantime.
# ServerPasswordSet command # ServerPasswordSet command
CMD_ServerPasswordSet Set VPN Server Administrator Password CMD_ServerPasswordSet Set VPN Server Administrator Password

View File

@ -4612,7 +4612,9 @@ CMD_ProtoOptionsGet_Column_Description 説明
CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption OpenVPN の OCC codeRT 版以外の場合は、OpenVPN はサーバーに対してオプション文字列を送信しません。OpenVPN サーバーのオリジナル版は、オプションを固定で指定する仕組みになっているため、その場合でも動作します。一方、SoftEther VPN は、様々なオプションを動的に設定することができる機能を有しております。そこで、このオプションを使用することにより、OCC code なしでビルドされた OpenVPN に対してデフォルトの静的オプション文字列を送付することができるようになります。これにより、OCC code なしでビルドされた OpenVPN からの接続が成功するようになります。 CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption OpenVPN の OCC codeRT 版以外の場合は、OpenVPN はサーバーに対してオプション文字列を送信しません。OpenVPN サーバーのオリジナル版は、オプションを固定で指定する仕組みになっているため、その場合でも動作します。一方、SoftEther VPN は、様々なオプションを動的に設定することができる機能を有しております。そこで、このオプションを使用することにより、OCC code なしでビルドされた OpenVPN に対してデフォルトの静的オプション文字列を送付することができるようになります。これにより、OCC code なしでビルドされた OpenVPN からの接続が成功するようになります。
CMD_ProtoOptions_Description_OpenVPN_Obfuscation OpenVPN クライアントが検閲用ファイアウォールを回避するための難読化コードを設定します。クライアント側とサーバー側では、同一の XOR マスクを設定する必要があります。コードが異なると、接続ができません。 CMD_ProtoOptions_Description_OpenVPN_Obfuscation OpenVPN クライアントが検閲用ファイアウォールを回避するための難読化コードを設定します。クライアント側とサーバー側では、同一の XOR マスクを設定する必要があります。コードが異なると、接続ができません。
CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask パケットで使用される XOR マスクを指定します。OpenVPN クライアントが検閲用ファイアウォールを回避するための難読化コードとして使用されます。 CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask パケットで使用される XOR マスクを指定します。OpenVPN クライアントが検閲用ファイアウォールを回避するための難読化コードとして使用されます。
CMD_ProtoOptions_Description_OpenVPN_PingSendInterval Interval in milliseconds between each ping packet transmission.
CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode Linux における特定の状況下では manifests に不具合があります。この不具合により、OpenVPN クライアントは TAP デバイスが UP 状態であるにもかかわらず、切断状態となります。このオプションを使用することにより、VPN サーバーは、ダミーの IPv4 アドレス (RFC7600 で規定) をクライアントに対してプッシュ送信することができるようになります。これにより、TAP アダプタが常に UP 状態になります。 CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode Linux における特定の状況下では manifests に不具合があります。この不具合により、OpenVPN クライアントは TAP デバイスが UP 状態であるにもかかわらず、切断状態となります。このオプションを使用することにより、VPN サーバーは、ダミーの IPv4 アドレス (RFC7600 で規定) をクライアントに対してプッシュ送信することができるようになります。これにより、TAP アダプタが常に UP 状態になります。
CMD_ProtoOptions_Description_OpenVPN_Timeout Time in milliseconds after which the session is forcifully interrupted if no packets are received from the client in the meantime.
# ServerPasswordSet コマンド # ServerPasswordSet コマンド

View File

@ -4589,7 +4589,9 @@ CMD_ProtoOptionsGet_Column_Description Description
CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect. CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect.
CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods! CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods!
CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes). CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes).
CMD_ProtoOptions_Description_OpenVPN_PingSendInterval Interval in milliseconds between each ping packet transmission.
CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP. CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP.
CMD_ProtoOptions_Description_OpenVPN_Timeout Time in milliseconds after which the session is forcifully interrupted if no packets are received from the client in the meantime.
# ServerPasswordSet 명령 # ServerPasswordSet 명령

View File

@ -4329,7 +4329,9 @@ CMD_ProtoOptionsGet_Column_Description Description
CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect. CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect.
CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods! CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods!
CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes). CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes).
CMD_ProtoOptions_Description_OpenVPN_PingSendInterval Interval in milliseconds between each ping packet transmission.
CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP. CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP.
CMD_ProtoOptions_Description_OpenVPN_Timeout Time in milliseconds after which the session is forcifully interrupted if no packets are received from the client in the meantime.
# ServerPasswordSet command # ServerPasswordSet command

View File

@ -4607,7 +4607,9 @@ CMD_ProtoOptionsGet_Column_Description Description
CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect. CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect.
CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods! CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods!
CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes). CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes).
CMD_ProtoOptions_Description_OpenVPN_PingSendInterval Interval in milliseconds between each ping packet transmission.
CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP. CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP.
CMD_ProtoOptions_Description_OpenVPN_Timeout Time in milliseconds after which the session is forcifully interrupted if no packets are received from the client in the meantime.
# ServerPasswordSet command # ServerPasswordSet command

View File

@ -4626,7 +4626,9 @@ CMD_ProtoOptionsGet_Column_Description Description
CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect. CMD_ProtoOptions_Description_OpenVPN_DefaultClientOption When OpenVPN is compiled without OCC code, it doesn't send the options string to the server. The original OpenVPN server still works, because the configuration is static. SoftEther VPN is heuristic and wants to support as many different configurations as possible. This option allows to define the string that is sent to clients built without OCC code, so that they can successfully connect.
CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods! CMD_ProtoOptions_Description_OpenVPN_Obfuscation This may help an OpenVPN client bypass firewalls that are aware of the protocol and block it. The same XOR mask has to be applied client-side, otherwise it will not be able to connect with certain obfuscation methods!
CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes). CMD_ProtoOptions_Description_OpenVPN_ObfuscationMask Mask used to XOR the bytes in the packet (used for certain obfuscation modes).
CMD_ProtoOptions_Description_OpenVPN_PingSendInterval Interval in milliseconds between each ping packet transmission.
CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP. CMD_ProtoOptions_Description_OpenVPN_PushDummyIPv4AddressOnL2Mode There's a bug that manifests under certain circumstances on Linux. It causes the OpenVPN client to disconnect unless the TAP device is UP. This option tells the server to push a dummy IPv4 address (RFC7600) to the client, so that the TAP adapter is forced to be UP.
CMD_ProtoOptions_Description_OpenVPN_Timeout Time in milliseconds after which the session is forcifully interrupted if no packets are received from the client in the meantime.
# ServerPasswordSet 命令 # ServerPasswordSet 命令