From 95da6b6cd15d574c9cf22a6124596e7df0eae4e7 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Fri, 23 Sep 2016 21:35:32 +0100 Subject: [PATCH] Better attempt at handling TAP-Windows tun setup Just set the network and mask to all zeros. It means it'll do proxy ARP for *everything* and we can configure them all as on-link routes. Signed-off-by: David Woodhouse --- tun-win32.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/tun-win32.c b/tun-win32.c index 1df3e46a..b5f6f83c 100644 --- a/tun-win32.c +++ b/tun-win32.c @@ -195,13 +195,12 @@ static intptr_t open_tun(struct openconnect_info *vpninfo, char *guid, char *nam data[0], data[1], data[2]); data[0] = inet_addr(vpninfo->ip_info.addr); - /* Always ensure the netmask is no smaller than /31. This isn't a - * sensible Ethernet netmask, but at least as far as the TAP-Windows - * driver is concerned, it does allow for the existence of *one* other - * host for which ARP replies can be faked, and which we can use as - * the "router". */ - data[2] = inet_addr(vpninfo->ip_info.netmask) & 0xfeffffff; - data[1] = data[0] & data[2]; + /* Set network and mask both to 0.0.0.0. It's not about routing; + * it just ensures that the TAP driver fakes ARP responses for + * *everything* we throw at it, and we can just configure them + * as on-link routes. */ + data[1] = 0; + data[2] = 0; if (!DeviceIoControl(tun_fh, TAP_IOCTL_CONFIG_TUN, data, sizeof(data), data, sizeof(data), -- 2.49.0