Package: secvpn
Version: 2.19
Severity: wishlist
Tags: patch
secvpn would benefit from a mechanism to specify different ppp options
on the local and remote side. For instance a laptop that is a local
side and wanders from network environment to environment may want to
be able to get DNS server information from the remote side for the
private DNS information about the VPN that secvpn is providing access
to. But the remote side would not want to have arbitrary DNS servers
inserted into its look ups.
This affect would be accomplished by having
LOCAL_PPP_OPTS="usepeerdns"
REMOTE_PPP_OPTS="ms-dns 10.1.1.2"
configured in secvpn.conf.
/usr/bin/secvpn can implement this feature with a line like:
# 2006-10-17 [EMAIL PROTECTED]
# Add LOCAL_PPP_OPTS and REMOTE_PPP_OPTS. Needed in cases where
# want options only on one side. E.g. LOCAL_PPP_OPTS="usepeerdns"
# REMOTE_PPP_OPTS="ms-dns 10.1.1.2". Having options on both side
# would create undesired site effect like causing remote server
# to take on DNS of wandering local client.
[ "$NOTHING" ] || /usr/sbin/pppd $T_CRYPT_IP:$O_CRYPT_IP \
$PPP_OPTS $LOCAL_PPP_OPTS \
netmask $CRYPT_MASK pty \
"ssh $SSH_OPTS -t -o 'BatchMode yes' $O_BAD_IP \
$ROOTCMD /usr/sbin/pppd $O_CRYPT_IP:$T_CRYPT_IP \
$PPP_OPTS $REMOTE_PPP_OPTS passive"
-- System Information:
Debian Release: 3.1
APT prefers experimental
APT policy: (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.4.22-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages secvpn depends on:
ii bc 1.06-15 The GNU bc arbitrary precision cal
ii ppp 2.4.3-20050321+2sarge1 Point-to-Point Protocol (PPP) daem
ii ssh 1:3.8.1p1-8.sarge.4 Secure rlogin/rsh/rcp replacement
ii sudo 1.6.8p7-1.4 Provide limited super user privile
ii timeout 1.11-6.1 Run a command with a time limit.
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
