XPost: alt.os.linux.ubuntu, alt.os.linux.mageia   
   From: unruh@invalid.ca   
      
   On 2024-04-09, Markus Robert Kessler wrote:   
   > Hello all,   
   >   
   > here is what I've done in short:   
   ...   
   >   
   > They are stored in ${CISCO_SPLIT_EXC_${i}_ADDR}, and their total number,   
      
   And ${CISCO_SPLIT_EXC_${i}_MASK} and ${CISCO_SPLIT_EXC_${i}_MASKLEN}   
      
      
   My problem is that what I get pushed is   
   CISCO_SPLIT_EXC_0_ADDR=0.0.0.0   
   CISCO_SPLIT_EXC_0_MASK=255.255.255.255   
   CISCO_SPLIT_EXC_0_MASKLEN=32   
   I.e., everything gets routed through tun, which is completely nuts.   
      
   I presume that I could just have a file with the list of addresses I   
   want sent through the tun, and include that in vpnc-script.   
   The problem is how do I decide what to include if I want to use a number   
   of different vpns.   
   Is it reasonably robust to use   
   CISCO_DEF_DOMAIN=ubc.ca   
   to decide which routing address file to use?   
      
   Also, would a mask of 0.0.255.255 be MASKLENGTH of 32 or 16?   
      
   What I am thinking of is putting a line   
   source routes.${CISCO_DEF_DOMAIN}   
   at the beginning of the vpnc-script file   
      
   and have that file be full of the   
   CISCO_SPLIT_EXC_${i}_{ADDR,MASK,MASKLEN} triplets with an appropriate   
    CISCO_SPLIT_EXC at the end.   
   (with a test to make sure that the file exists before sourcing it)   
      
   That would seem to be much easier than the massive rewrite you did.   
      
   Would openconnect clean up the addresses that go through the tun when it   
   is stopped?   
      
      
      
   > i.e. the vector size is stored in $CISCO_SPLIT_EXC.   
   >   
   > To prevent openconnect from accepting all that trash, I could easily set   
   > this vector to empty, i.e. include   
   >   
   > CISCO_SPLIT_EXC=''   
   >   
   > as one of the first commands in vpnc-script file, and, that's it!   
   >   
   > The reason why Suse's approach, which I took to build my own vpnc rpm   
   > from, and from which vpnc-script is taken from, does not accept all those   
   > routes, is that in this version the whole section is not included.   
   >   
   > If you are interested in seeing how they differ, you may have a look at   
   > the vimdiff file I created:   
   >   
   > https://www.dipl-ing-kessler.de/tmp/vpnc-script   
      
   White letters on light green is almost unreadable.   
   >   
   > This afternoon I tested above solution on Raspbian OS and it worked   
   > instantly.   
   >   
   > It took me some time to find out, but it was worth every minute :-)   
   >   
   > Best regards,   
   >   
   > Markus   
   >   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   
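
Added example, not part of the original post or of vpnc-script: a sketch of the two checks the reply's idea needs, namely turning a dotted mask into a prefix length and choosing a per-VPN routes file from the server-pushed CISCO_DEF_DOMAIN without letting that value steer the path. The function names `mask_to_len` and `routes_file_for` and the `/etc/vpnc` directory are hypothetical.

```shell
#!/bin/sh
# Added example; function names and the directory are assumptions.

# Print the prefix length for a dotted netmask, or fail if the mask is
# malformed or its 1-bits are not contiguous from the left.
mask_to_len() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    len=0; seen_zero=0
    for octet in "$@"; do
        case $octet in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$octet" -le 255 ] || return 1
        bit=128
        while [ "$bit" -gt 0 ]; do
            if [ $(( octet & bit )) -ne 0 ]; then
                [ "$seen_zero" -eq 0 ] || return 1   # a 1 after a 0: not a netmask
                len=$(( len + 1 ))
            else
                seen_zero=1
            fi
            bit=$(( bit / 2 ))
        done
    done
    echo "$len"
}

# Print the routes file for a pushed domain, or fail. The domain is sent by
# the VPN server, so it is limited to hostname characters before it becomes
# part of a path that the script (typically running as root) will source.
routes_file_for() {
    dir=$1; domain=$2
    case $domain in
        ''|.*|*.|*..*|-*|*[!a-z0-9.-]*) return 1 ;;
    esac
    file="$dir/routes.$domain"
    [ -f "$file" ] && [ ! -L "$file" ] || return 1   # regular file, not a symlink
    echo "$file"
}

# Intended use near the top of vpnc-script (directory is an assumption):
#   if f=$(routes_file_for /etc/vpnc "$CISCO_DEF_DOMAIN"); then . "$f"; fi
```

Here 255.255.0.0 gives 16, while 0.0.255.255 is rejected because its one-bits do not start at the left.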