honour X-Forwarded-For header, and permissions on socket

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Tue Mar 17 04:31:51 PDT 2015


On Mon, Mar 16, 2015 at 8:32 PM, Claudio Luck <cluck at ethz.ch> wrote:
> Hi,
>
> It seems ocserv is considering connections over UNIX socket as coming from
> "localhost". This causes some erroneous decisions later in the code, as seen
> in the logs:
> ocserv: added 1 points (total 1) for IP 'localhost' to ban list
> ocserv: localhost error in getting TCP_MAXSEG: Operation not supported
> ...

Thanks. A fix is applied in master. Did you see any other side-effects
when using the unix socket?

regards,
Nikos



More information about the openconnect-devel mailing list