[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] iproute2 option


  • Subject: Re: [Openvpn-users] iproute2 option
  • From: James Yonan <jim@xxxxxxxxx>
  • Date: Tue, 25 Jan 2005 00:43:36 -0700 (MST)

On Mon, 24 Jan 2005, Whit Blauvelt wrote:

> On Mon, Jan 24, 2005 at 09:29:24PM -0000, James Yonan wrote:
> 
> > The best way to see the difference is to grep the source for
> > CONFIG_FEATURE_IPROUTE.
> 
> Thanks James! I'd thought of going into the source, but posted the query
> instead because I knew I'd find the source a bit vague, since I don't code
> C. I'm sure if I did the values of %s and %d in the code would be obvious -
> they must be the variables specified by the names following in the
> functions? But then I have to try to trace back farther and see where it
> derived those variables. For instance, "dev actual" is which device spec in
> a bridged situation? br0? eth0? I know I could just spend a lot of time
> experimenting, which could be both revealing and fun. (If only I had infinite
> time and many redundant systems to toy with.)

The variable "actual" is the tun/tap name with a specific unit number.  
For example if you start OpenVPN and it says:

TUN/TAP device tap0 opened

Then actual would be "tap0" even if OpenVPN was run with "--dev tap" only 
and without an explicit unit number.

> I've written code myself where, on being asked for more documentation, I
> insist that my code should be clearer than any additional docs I could
> write. So I know how that looks from the inside. From the outside, though,
> even well-written code (and everything about this project, both code and
> docs, is impressively clean) is more opaque than good docs.
> 
> Hope you have time to expand the docs to cover more of the background theory
> as well as the specific logic of operations like this in the future. But I
> know your time isn't infinite either. Thanks again for all you've
> accomplished so far. I'm sure I'll get it working (because I've promised a
> client...).

Yes, I know there's a huge amount of documention which could potentially
be written about these details.  If you want more info on the background
theory, see here:

http://openvpn.net/security.html

James


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users