ocserv 0.10.10

Nikos Mavrogiannopoulos nmav at gnutls.org
Sat Nov 28 11:29:46 PST 2015

  I've just released ocserv 0.10.10. This is a minor feature
enhancement release in the 0.10.x branch.

* Version 0.10.10 (released 2015-11-28)
- Increase the number of log messages logged in the default level. That
  is added messages that could be of use to administrators.
- Introduced ipv6-subnet-prefix config option. That option allows to
  specify the IPv6 subnet prefix to be given to client. That is, allow 
  providing the clients networks larger than /128. The default setting 
  is 128 to keep backwards compatibility.
- Introduced the expose-iroutes config option. That option allows the 
  server to advertise routes offered by some clients to all of them. 
  This requires the config-per-user option.
- When a client has assigned iroutes which cannot be applied, he will 
  be denied access.
- Added restrict-user-to-routes configuration option which will execute
  ocserv-fw script on user connection. The script will set firewall 
  rules which deny the user access to any other networks than the
  routes set for the user. This is added as a tech preview; details of 
  this option may change on later releases.
- When banning IPv6 addresses treat a /64 network as a single address.
- Fixed conflict with isolate-workers and user-profile.
- occtl: Allow disabling the pager functionality on compile time using 

The current release is available at:

The VPN server's web-site is at:


More information about the openconnect-devel mailing list