[Impact]
<fill me in with explanation of severity and frequency of bug on users and justification for backporting the fix to the stable release>
[Development Fix]
<fill me in with an explanation of how the bug has been addressed in the development branch, including the relevant version numbers of packages modified in order to implement the fix. >
[Stable Fix]
<fill me in by pointing out a minimal patch applicable to the stable version of the package.>
[Text Case]
<fill me in with detailed *instructions* on how to reproduce the bug. This will be used by people later on to verify the updated package fixes the problem.>
1.
2.
3.
Broken Behavior:
Fixed Behavior:
[Regression Potential]
<fill me in with a discussion of likelihood and potential severity of regressions and how users could get inadvertently affected.
[Original Report]
When a tun-based VPN is using the subnet topology, the communication between clients can confuse the routing code that will wrongly emit ICMP redirects. This problem is very well described here http://backreference.org/2010/05/02/controlling-client-to-client-connections-in-openvpn/. The same link also provides the workaround (disable ICMP redirect on the TUN device).
This problem affects Lucid to Precise (Hardy's version does not support the subnet mode).
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: openvpn 2.1.3-2ubuntu3
ProcVersionSignature: Ubuntu 2.6.38-13.53-generic 2.6.38.8
Uname: Linux 2.6.38-13-generic x86_64
Architecture: amd64
Date: Thu Dec 22 11:34:08 2011
ProcEnviron:
LANGUAGE=en_US:en
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: openvpn
UpgradeStatus: No upgrade log present (probably fresh install)
@simon, Thanks for the bug report and the associated branch. I'd quite like to get this resolved in Debian first, then merge it into Precise (current development version), then SRU it back to Oneiric.
Are you able to submit this to Debian, or would you like some support?
Thanks.