mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2024-11-22 17:39:53 +03:00
src/Cedar/Proto_OpenVPN.c: push "block-outside-dns" to clients
From https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage: --block-outside-dns Block DNS servers on other network adapters to prevent DNS leaks. This option prevents any application from accessing TCP or UDP port 53 except one inside the tunnel. It uses Windows Filtering Platform (WFP) and works on Windows Vista or later. This option is considered unknown on non-Windows platforms and unsupported on Windows XP, resulting in fatal error. You may want to use --setenv opt or --ignore-unknown-option (not suitable for Windows XP) to ignore said error. Note that pushing unknown options from server does not trigger fatal errors.
This commit is contained in:
parent
c6f186bd73
commit
b6ef9f88c9
@ -2460,6 +2460,17 @@ void OvsRecvPacket(OPENVPN_SERVER *s, LIST *recv_packet_list)
|
||||
}
|
||||
}
|
||||
|
||||
// From https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage:
|
||||
//
|
||||
// --block-outside-dns
|
||||
// Block DNS servers on other network adapters to prevent DNS leaks.
|
||||
// This option prevents any application from accessing TCP or UDP port 53 except one inside the tunnel.
|
||||
// It uses Windows Filtering Platform (WFP) and works on Windows Vista or later.
|
||||
// This option is considered unknown on non-Windows platforms and unsupported on Windows XP, resulting in fatal error.
|
||||
// You may want to use --setenv opt or --ignore-unknown-option (not suitable for Windows XP) to ignore said error.
|
||||
// Note that pushing unknown options from server does not trigger fatal errors.
|
||||
StrCat(option_str, sizeof(option_str), ",block-outside-dns");
|
||||
|
||||
WriteFifo(c->SslPipe->SslInOut->SendFifo, option_str, StrSize(option_str));
|
||||
|
||||
Debug("Push Str: %s\n", option_str);
|
||||
|
Loading…
Reference in New Issue
Block a user