git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Antonio Quartulli <a@unstable.cc>
	Wed, 9 Oct 2019 14:34:19 +0000 (16:34 +0200)
committer	Gert Doering <gert@greenie.muc.de>
	Fri, 8 Nov 2019 09:49:06 +0000 (10:49 +0100)
commit	e375a5ce555a66c8b6b2ac2869977e723a65982f
tree	3c006a6ad43704b5fbe6e073ff68f50bab8741d4	tree
parent	633fe5185d063a1d1a1bce4170b283ab4273d95d	commit \| diff

VLAN: implement support for forwarding only pre-tagged VLAN packets

By building on top of the VLAN basic support, allow the user to configure
the server in VLAN_TAGGED-only mode. This way, only packets that reach
the TAP interface with an 802.1Q header are considered for forwarding -
untagged packets are all dropped.

A VLAN-tagged packet is then treated like any other packet by the
OpenVPN routing engine, with the exception of being allowed to reach
only clients configured with the same VID.

The logic applies to all server-to-client and client-to-client traffic.

Signed-off-by: Fabian Knittel <fabian.knittel@lettink.de>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20191009143422.9419-7-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18918.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

src/openvpn/multi.c		diff \| blob \| blame \| history
src/openvpn/options.c		diff \| blob \| blame \| history
src/openvpn/options.h		diff \| blob \| blame \| history
src/openvpn/vlan.c		diff \| blob \| blame \| history
src/openvpn/vlan.h		diff \| blob \| blame \| history