Routing setup with --script-tun
David Woodhouse
dwmw2 at infradead.org
Sun Dec 2 16:44:06 EST 2012
On Sun, 2012-12-02 at 11:35 -0800, Kevin Cernekee wrote:
> All of this assumes that the user will not try to send local (non-VPN)
> traffic through the proxy.
Given that assumption, it's fairly sane — with the potential exception
of $CISCO_PROXY_PAC... but if you're doing a SOCKS proxy, and not an
HTTP proxy, then it's not clear what you would do with that anyway.
I could contrive a scenario in which your assumption isn't valid — for
example if you want stuff to 'just work' regardless of whether you're
contacting a machine inside or outside the VPN, and don't want to have
to manually enable/disable SOCKS support. A user might want to just
configure their software to use SOCKS for everything, and have it the
SOCKS proxy do the right thing.
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6171 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20121202/8aca1b80/attachment.bin>
More information about the openconnect-devel
mailing list