xingplus / tunnelblick

Automatically exported from code.google.com/p/tunnelblick
0 stars 0 forks source link

"Set nameserver" block vpn reconnection if the pushed dns server if an local ip #75

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Connect Tunnelblick with "Set nameserver" checked
2. Wait for your client lose the vpn connection
3. Tunnelblick will try to reconnect and do a nslookup for the server name,
but this will fail (the dns entry is only valid when the vpn is up)

What is the expected output? What do you see instead?
Tunnelbrick should set the dns entry back to the original value when it
lose connection (like when the connection is stopped correctly).

What version of Tunnelblick are you using? On what version of OS X? PPC or
Intel?
3.0b10 on OSX 10.4/ppc

Please provide any additional information below.

Original issue reported on code.google.com by fduf...@som.ca on 27 Feb 2009 at 7:19

GoogleCodeExporter commented 9 years ago
I suggest instead that Tunnelblick use the original DNS value to look up the 
server
and reestablish the connection. Only if that fails should the original network
connection be restored, after notifying the user.

The user should be informed* that the secure connection is no longer being used,
otherwise they may think they have a secure connection when they do not. If the
"--redirect-gateway" OpenVPN directive has been specified, once the tunnel is
established no IP traffic should go outside of the tunnel without the user's
permission. The user may be sending sensitive information out when the 
connection
goes down; that information should not be sent to the pre-tunnel network.

* In my view, it would not be enough to change the Tunnelblick icon to show the
change in status; a popup window should be used to force the user's 
acknowledgement,
preferably before restoring the original network connection.

Original comment by jkbull...@gmail.com on 17 Mar 2009 at 10:03

GoogleCodeExporter commented 9 years ago
Does version 3.0b12 fix this?

Original comment by jkbull...@gmail.com on 5 Aug 2009 at 7:40

GoogleCodeExporter commented 9 years ago

Original comment by jkbull...@gmail.com on 30 Aug 2009 at 4:06