On 2 Dec 2012, at 21:44, David Woodhouse <dwmw2 at infradead.org> wrote:

> I could contrive a scenario in which your assumption isn't valid - for
> example if you want stuff to 'just work' regardless of whether you're
> contacting a machine inside or outside the VPN, and don't want to have
> to manually enable/disable SOCKS support. A user might want to just
> configure their software to use SOCKS for everything, and have the
> SOCKS proxy do the right thing.

This would imply that the SOCKS server is running when the VPN is down. That's not the case with ocproxy. One could chain a normal SOCKS proxy in front of ocproxy, of course, but then the configuration that you describe would be part of that proxy rather than ocproxy.