ocserv 0.11.0rc0
Nikos Mavrogiannopoulos
nmav at gnutls.org
Fri Jan 8 04:53:45 PST 2016
Hello,
I've just released ocserv 0.11.0rc0. This release has improvements
for openconnect server to support setups with more than 1k users, and
includes several cleanups in configuration semantics.
* Version 0.11.0rc0 (released 2016-01-08)
- Simplified configuration semantics. Any routes or no-routes set on
the per-user configuration file will override any global ones instead
of being appended.
- Added config option 'append-routes'. If set to true it will restore
the old configuration semantics of appending the global routes to per
user/group config.
- Added the 'restrict-user-to-ports' configuration option. This
prevents the user from connecting to the given protocol/port
combinations. It is intended to be used as mechanism to restrict
certain users to accessing specific services (e.g., only web or ssh).
Combined with 'restrict-user-to-routes' it can be used to restrict a
user to accessing only a specific service to a specific server.
- Switched to an event-driven design in main; using libev
- occtl: Added the show events command to allow viewing the users
connecting in real time.
The current release is available at:
ftp://ftp.infradead.org/pub/ocserv/ocserv-0.11.0rc0.tar.xz
ftp://ftp.infradead.org/pub/ocserv/ocserv-0.11.0rc0.tar.xz.sig
The VPN server's web-site is at:
http://www.infradead.org/ocserv
regards,
Nikos
More information about the openconnect-devel
mailing list