Date: Tue, 27 Nov 2012 10:58:44 -0300 From: Fernando Gont <fernando@gont.com.ar> To: FreeBSD Net <freebsd-net@freebsd.org> Subject: VPN traffic leaks in IPv6/IPv4 dual-stack networks/hosts Message-ID: <50B4C714.6080206@gont.com.ar>
next in thread | raw e-mail | index | archive | help
Folks, FYI. This is might affect FreeBSD users employing e.g. OpenVPN: <http://tools.ietf.org/html/draft-gont-opsec-vpn-leakages>. For a project such as OpenVPN, a (portable) fix might be non-trivial. However, I guess FreeBSD might hook some PF rules when establishing the VPN tunnel, such that e.g. all v6 traffic is filtered (yes, this is certainly not the most desirable fix, but still probably better than having your supposedly-secured traffic being sent in the clear). P.S.: Please check the corresponding thread (same "Subject") on the tech@openbsd.org mailing-list, since they have some patches for some of these issues... Thanks, -- Fernando Gont e-mail: fernando@gont.com.ar || fgont@si6networks.com PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50B4C714.6080206>