Discussion:
[Openvpn-devel] man openvpn(8): --block-outside-dns
d***@gmail.com
2015-12-29 12:31:35 UTC
Permalink
Is this considered to be sufficient documentation:

https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage

--block-outside-dns

Block DNS servers on other network adapters to prevent DNS leaks. This
option prevents any application from accessing TCP or UDP port 53 except one
inside the tunnel. It uses Windows Filtering Platform (WFP) and works on
Windows Vista or later.

--block-outside-dns is not an openvpn directive ... it cannot be used in a
config file as such.

Regards


------------------------------------------------------------------------------
Arne Schwabe
2015-12-29 12:36:40 UTC
Permalink
Post by d***@gmail.com
https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
--block-outside-dns
Block DNS servers on other network adapters to prevent DNS leaks. This
option prevents any application from accessing TCP or UDP port 53 except one
inside the tunnel. It uses Windows Filtering Platform (WFP) and works on
Windows Vista or later.
--block-outside-dns is not an openvpn directive ... it cannot be used in a
config file as such.
At least as I understood it, it is.

Arne

------------------------------------------------------------------------------
d***@gmail.com
2015-12-29 13:15:57 UTC
Permalink
----- Original Message -----
From: "Arne Schwabe" <***@rfc2549.org>
To: <***@gmail.com>; <openvpn-***@lists.sourceforge.net>
Sent: Tuesday, December 29, 2015 12:36 PM
Subject: Re: [Openvpn-devel] man openvpn(8): --block-outside-dns
Post by Arne Schwabe
Post by d***@gmail.com
https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
--block-outside-dns
Block DNS servers on other network adapters to prevent DNS leaks. This
option prevents any application from accessing TCP or UDP port 53 except one
inside the tunnel. It uses Windows Filtering Platform (WFP) and works on
Windows Vista or later.
--block-outside-dns is not an openvpn directive ... it cannot be used in a
config file as such.
At least as I understood it, it is.
Ahh ..
it is not ' push "setenv-safe opt block-outside-dns" '
( I presume this was a method used prior to 2.3.9 )

simply ' push "block-outside-dns" '
or in the client config "block-outside-dns"

I must have missed something .. doh!

Thanks :)


------------------------------------------------------------------------------
Gert Doering
2015-12-29 13:56:34 UTC
Permalink
Hi,
Post by d***@gmail.com
--block-outside-dns is not an openvpn directive ...
Uh, what?
Post by d***@gmail.com
it cannot be used in a config file as such.
By that logic, quite a lot of things that are platform specific would
not be "an openvpn directive" - most other windows specific options will
also cause parse errors when used on linux.

gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany ***@greenie.muc.de
fax: +49-89-35655025 ***@net.informatik.tu-muenchen.de
Loading...