[PATCH v3 0/3] [vpnc-scripts] Support for Pulse's split-exclude routes
Gernot Hillier
gernot.hillier at siemens.com
Wed Feb 21 08:46:41 PST 2018
OpenConnect already sets the according environment variables when the Pulse
gateway sends "split-exclude" routes, so we only need to handle them
in vpnc-script.
Sorry for the delay in sending v3.
We hopefully get an official Siemens approval for OpenConnect on Linux clients
soon, so it would be great if you could apply patch no. 1 which is mandatory
for us. Feel free to ignore or apply patches 2 and 3 if considered useful.
Patch history:
Original series (submitted 2017-10-11):
- assumed split-exclude targets and VPN gateway are reachable via the same uplink
v2 (submitted 2017-10-30):
- re-use current routing information for the "ip route" case for split-exclude
routes, only guess about correct uplink for /sbin/route case
- patches are now independent of each other, but I chose to leave them in the
same series for better comparability.
- throw away untested IPv6 code
v3:
- re-add IPv6 support
- re-order patches to ease application of patch no. 1 only
Original patches were tested successfully on Linux and FreeBSD and
"partially-acked" by dlenski at gmail.com. v3 is successfully tested on Linux
using "ip route" and /sbin/route mode. Unfortunately, our (scarce) BSD users
had no chance to test v3 so far and I didn't want to further delay patch
submission.
Gernot Hillier (3):
Support split-exclude rules from Pulse gateway
Revive route cleanup for /sbin/route code
Support routes with different devs and gateways
vpnc-script | 193 ++++++++++++++++++++++++++++++++++++++++++++++++++++--------
1 file changed, 169 insertions(+), 24 deletions(-)
--
2.13.6
More information about the openconnect-devel
mailing list