[PATCH] Fixes for vpnc-script with Juniper VPN

Sean Millichamp sean at bruenor.org
Tue Aug 4 11:40:47 PDT 2015


Hello,

I have recently started using openconnect's Juniper VPN support. It
works great (thanks!) but the vpnc-script needs a couple of minor
tweaks. Attached are two patches for vpnc-script to address two issues
I have encountered.

1) When openconnect calls vpnc-script at the termination of the session
(e.g. when a SIGINT is received) the tun0 device seems to already be
absent and as a result the /sbin/ip route commands return a 'Cannot
find device "tun0"' error for each occurance of a route deletion.

2) Juniper VPN sends a comma-separated list of multiple search domains
in the "CISCO_DEF_DOMAIN" variable (at least ours does). This replaces
the comma with a blank space, which makes it work with resolv.conf.
Given that you should never see a comma in a domain name I don't
foresee any negative impacts from this.

Thank you.

Regards,
Sean
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Silence-errors-from-ip-if-device-is-absent.patch
Type: text/x-patch
Size: 1458 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150804/3d6caf6a/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Handle-comma-separated-DNS-domain-lists.patch
Type: text/x-patch
Size: 874 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150804/3d6caf6a/attachment-0001.bin>


More information about the openconnect-devel mailing list