OpenConnect & Firefox in Ubuntu Linux
Ben Kietzman
ben at kietzman.org
Wed Jan 18 21:32:46 EST 2012
David,
Doing the split tunneling did not help, but I did find out some
interesting information. I was watching the Firefox profile
directories and files. I noticed that the Firefox profile directory
(ex: /home/ben/.mozilla/firefox/e1mljmbg.default) kept getting wiped
out every time I established an OpenConnect VPN connection. The
directory itself remains, but it was emptied of all content. Even
more interesting was that all this took place without Firefox ever
being launched. The profile directory was full of files and
directories before connecting with OpenConnect and then empty after
the connection was established. This all happened without ever
launching Firefox.
I have no idea what would be causing this, but something is triggering
it. I also found out that I could keep this from happening if I chmod
the profile directory (ex: e1mljmbg.default) from 700 to 500 in order
to remove write permissions on that directory.
You mentioned that OpenConnect has nothing to do with the Firefox
directories. Could it be an issue with the Network Manager since it
would be responsible for running OpenConnect from the GUI? Hmm...I
will keep digging into it. Thanks again for your help thus far.
Ben Kietzman
ben at kietzman.org
On Wed, Jan 18, 2012 at 8:12 PM, David Woodhouse <dwmw2 at infradead.org> wrote:
> On Wed, 2012-01-18 at 19:32 -0600, Ben Kietzman wrote:
>> Thank you for the quick response. I will run the connection in split
>> tunnel mode tomorrow and see how it goes. I use the GUI in Ubuntu to
>> manage OpenConnect. I assume I enable the split tunnel using the
>> following steps (please correct me if I am wrong):
>>
>> Network Icon --> VPN Connections --> Configure VPN... --> Edit... -->
>> IPv4 Settings --> Routes... --> "Use this connection only for
>> resources on its network"
>
> Um, something like that I think. The NetworkManager options for this are
> stunningly badly named and set up, and don't always do what they say.
>
> --
> dwmw2
More information about the openconnect-devel
mailing list