Make block-outside-dns work with persist-tun

- Remove and recreate WFP filters during restart even when
  tun/tap is not re-opened. This is needed for resolving the remote.

See also: http://article.gmane.org/gmane.network.openvpn.user/36990

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1465055649-13628-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11787
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 21487772c3d5707990fcba05bcb9978ac1a99711..593fbf46e0be2251cf3c7ab67ab7b5bb67316536 100644 (file)
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -1522,6 +1522,15 @@ do_open_tun (struct context *c)
                     NULL,
                     "up",
                     c->c2.es);
+#if defined(WIN32)
+      if (c->options.block_outside_dns)
+        {
+          dmsg (D_LOW, "Blocking outside DNS");
+          if (!win_wfp_block_dns(c->c1.tuntap->adapter_index))
+            msg (M_FATAL, "Blocking DNS failed!");
+        }
+#endif
+
     }
   gc_free (&gc);
   return ret;
@@ -1651,6 +1660,15 @@ do_close_tun (struct context *c, bool force)
                                             c->sig->signal_text),
                         "down",
                         c->c2.es);
+
+#if defined(WIN32)
+          if (c->options.block_outside_dns)
+            {
+              if (!win_wfp_uninit())
+                  msg (M_FATAL, "Uninitialising WFP failed!");
+            }
+#endif
+
        }
     }
   gc_free (&gc);