ocserv-fw script design
Nikos Mavrogiannopoulos
n.mavrogiannopoulos at gmail.com
Tue May 10 04:32:29 PDT 2016
On Mon, May 9, 2016 at 4:34 PM, Lance LeFlore <lance at 3t218.org> wrote:
> I can do that.
Thank you.
> Would it be possible to get export_fw_info to also export ipv4-network
> so that ocserv-fw can configure SNATing on the POSTROUTING chain?
I think that would be interesting in general to have. I have an
untested patch at ocserv-export-net branch. It exports the
OCSERV_IPV4_POOL and IPV6 equivalent. However, the ocserv-fw script is
intended to be part of ocserv, i.e., not modified by an admin. Is your
plan to add the SNAT capability as a configuration option of ocserv?
regards,
Nikos
More information about the openconnect-devel
mailing list