ocserv 0.11.0rc0

Nikos Mavrogiannopoulos nmav at gnutls.org
Fri Jan 8 04:53:45 PST 2016

  I've just released ocserv 0.11.0rc0. This release has improvements
for openconnect server to support setups with more than 1k users, and
includes several cleanups in configuration semantics.

* Version 0.11.0rc0 (released 2016-01-08)
- Simplified configuration semantics. Any routes or no-routes set on
  the per-user configuration file will override any global ones instead
  of being appended.
- Added config option 'append-routes'. If set to true it will restore
  the old configuration semantics of appending the global routes to per
  user/group config.
- Added the 'restrict-user-to-ports' configuration option. This
  prevents the user from connecting to the given protocol/port 
  combinations. It is intended to be used as mechanism to restrict
  certain users to accessing specific services (e.g., only web or ssh).
  Combined with 'restrict-user-to-routes' it can be used to restrict a
  user to accessing only a specific service to a specific server.
- Switched to an event-driven design in main; using libev
- occtl: Added the show events command to allow viewing the users
  connecting in real time. 

The current release is available at:

The VPN server's web-site is at:


More information about the openconnect-devel mailing list