Monday, May 4, 2009


Just thought I'd give a peek into my intentions for future features. As always, I'm open to comments/suggestions.
By the way, the comments section of this post would probably be the appropriate place for feature requests.
To-do items:
  • GUI for client-config-dir to allow full site-to-site
  • Get DNS over VPN working
  • Get client to accept dhcp-option items from server
    • At this point I'll also add a GUI option to push DNS from the server
  • GUI option to route Internet-bound traffic over the tunnel
    • This will probably include an option on the client and an option on the server to push it to clients
  • Upgrade OpenSSL
    • Might not be necessary now that fyellin ported AES back to the current OpenSSL version
  • Get OpenSSL to use encryption hardware where appropriate

Wish-list items (won't work on them until the to-do list is empty):
  • IPSec tunneling
  • PPTP tunneling

Not on the radar, but often requested:
  • SNMP
    • Perhaps it's that I don't fully see where this would be needed on the router, but I don't see myself taking time to learning about it and working out the kinks.
    • If someone can explain how it would greatly improve the VPN experience, I may reconsider
    • Of course, if someone adds a git branch with SNMP+GUI, it'd probably be easier to convince me to include it.

Friday, May 1, 2009

1.23vpn3.2 release

You can download the binaries from here.

Source is available at the Git repository.
Be sure to read the COPYING file if you plan to use/distribute the sources.
Direct links:
Notable changes from 1.23vpn3.0001
  • Status tab has nicer display for static-key servers
  • Added status tab for clients
  • GUI option to have server accept DNS requests from tunnel
  • Firewall rules now work when you have enabled logging of inbound blocked packets
    • Almost everyone shouldn't care about this
  • Various code cleanups/improvements