Project

General

Profile

Feature #8788

« Previous | 6 of 44 | Next »

Disable compression by default for OpenVPN

Added by Anonymous over 2 years ago. Updated over 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Jim Pingle
Category:
OpenVPN
Target version:
2.4.4
Start date:
08/15/2018
Due date:
% Done:

100%

Estimated time:
Release Notes:
Default

Description

In light of the voracle attack, this feature request is to disable compression by default for OpenVPN in pfSense.

Associated revisions

Revision 38922574 (diff)
Added by Jim Pingle over 2 years ago

Disable OpenVPN compression for new instances by default. Fixes #8788

Also add warning text that cautions against enabling compression.

While here, also add missing "stub-v2" compression mode.

History

#1 Updated by Jim Pingle over 2 years ago

  • Status changed from New to In Progress
  • Assignee set to Jim Pingle

#2 Updated by Jim Pingle over 2 years ago

  • Status changed from In Progress to Feedback
  • % Done changed from 0 to 100

Applied in changeset 3892257442d732c601c9f5e889327fb59d375437.

#3 Updated by Anonymous over 2 years ago

On 2.4.4.a.20180815.1003 (gitsync'd to master), OpenVPN (server and client) default to "Disable Compression, retain compression packet framing [compress]". Looks good.

#4 Updated by Jim Pingle over 2 years ago

  • Status changed from Feedback to Resolved

#5 Updated by Jim Pingle over 2 years ago

  • Private changed from Yes to No

Also available in: Atom PDF