[ previous ] [ next ] [ threads ]
 
 From:  "Youri Kersloot" <YKersloot at CrossingChannels dot com>
 To:  "Peter Allgeyer" <allgeyer at web dot de>
 Cc:  <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall-dev] OpenVPN on beta10: missing routingoptionandsomebugs?
 Date:  Wed, 21 Sep 2005 11:48:23 +0200
Peter,

Unfortuanaly I don't have any C-skills (only with a #), but I totally
agree (doesn't come as a suprise) with your example of the accounting
department. The suggestion I made was only a quick win, just for simple
networks or to be used when you understand the "shortcommings" (your
example), until the export mode is active.

Grtz,
Youri

P.s. Bavaria is a Dutch brand of beer

-----Original Message-----
From: Peter Allgeyer [mailto:allgeyer at web dot de] 
Sent: woensdag 21 september 2005 11:38
To: Youri Kersloot
Cc: m0n0wall dash dev at lists dot m0n0 dot ch
Subject: RE: [m0n0wall-dev] OpenVPN on beta10: missing
routingoptionandsomebugs?

Hi Youri!

Am Mittwoch, den 21.09.2005, 11:16 +0200 schrieb Youri Kersloot:
> I've dug into this issue a little bit further and suddenly it'd hit
me.
> To support the push-route in a basic way, their shouldn't be only a 
> checkbox, but also a droplist for which subnet the route rule should 
> be made.
Yes I know that. But imagine not sending only one subnet but several
ones. For example: Having two internal subnets, one for accounting
department (10.0.4.0/24) and one for marketing (10.0.12.0/24).
Additionally you have a DMZ (172.18.1.0/24) with you webserver, that the
marketing is administering.

You want your clients to have access to the DMZ and the marketing
department, but not to the accounting department:

Push "route 10.0.12.0 255.255.255.0"
Push "route 172.18.1.0 255.255.255.0"

How do we add them by only one drop down list w/o having group objects?
Should we have more than one drop down list?

> The expert option would be really really reaaally great!!! Do you have

> a clue on which term this could be realised?
This will be the preferred way till we have a good and usuable new
object design. At the moment there are two things I'm working on:

1) bug fixing the actual 1.2b10-ovpnX tree
2) implementing new features in a 1.2b10-ovpn-test tree

Since 1) is prior to 2) I will code this, if I have time for it.
Sometimes where are questions to help coding so this would be a nice
project if anybody has time, skill and is looking to go for sth. It's
not difficult since there are enough examples how to do this in the
existing code.

Ciao ...
	... PIT ...


------------------------------------------------------------------------
---
 copyleft(c) by |   _-_      Where is 'bavaria' proper? I thought
 Peter Allgeyer | 0(o_o)0   it was austria.  -- Seen on #Linux
---------------oOO--(_)--OOo--------------------------------------------
---