ocserv proxy protocol support
Niels Peen
niels at peen.ch
Mon Aug 24 14:04:42 PDT 2015
> On 22 Aug 2015, at 20:53, Niels Peen <niels at peen.ch> wrote:
>
>
>> On 22 Aug 2015, at 20:16, Nikos Mavrogiannopoulos <n.mavrogiannopoulos at gmail.com> wrote:
>>
>> On Sat, 2015-08-22 at 19:31 +0200, Niels Peen wrote:
>>
>>> I can confirm the real IP address now shows up in occtl.
>>>
>>> Unable to test the script variables as configuring a connect script
>>> now causes below login failure. Removing the connect script from the
>>> configuration, or reverting to the regular 0.10.7 release fixes the
>>> issue.
>>
>> Thanks for testing. I realized there was a bug when setting the local
>> IP the client connected to. That should be fixed now, and pushed in
>> master, along with a small test suite.
>
> Works flawlessly now. Real IP's (both remote and local) can be used in the connect script.
Although I don’t use it myself, I noticed the banning mechanism still uses 127.0.0.1 instead of the real IP.
Niels
More information about the openconnect-devel
mailing list