[PATCH v3 0/3] [vpnc-scripts] Support for Pulse's split-exclude routes
Gernot Hillier
gernot.hillier at siemens.com
Tue Feb 27 03:12:29 PST 2018
Am 26.02.2018 um 16:27 schrieb David Woodhouse:
>
>
> On Wed, 2018-02-21 at 17:46 +0100, Gernot Hillier wrote:
>> OpenConnect already sets the according environment variables when the Pulse
>> gateway sends "split-exclude" routes, so we only need to handle them
>> in vpnc-script.
>>
>> Sorry for the delay in sending v3.
>>
>> We hopefully get an official Siemens approval for OpenConnect on Linux clients
>> soon, so it would be great if you could apply patch no. 1 which is mandatory
>> for us. Feel free to ignore or apply patches 2 and 3 if considered useful.
>>
>> Patch history:
>>
>> Original series (submitted 2017-10-11):
>> - assumed split-exclude targets and VPN gateway are reachable via the same uplink
>> v2 (submitted 2017-10-30):
>> - re-use current routing information for the "ip route" case for split-exclude
>> routes, only guess about correct uplink for /sbin/route case
>> - patches are now independent of each other, but I chose to leave them in the
>> same series for better comparability.
>> - throw away untested IPv6 code
>> v3:
>> - re-add IPv6 support
>> - re-order patches to ease application of patch no. 1 only
>
> These look sane enough. I've applied them; thanks.
Thanks, this really helps us promoting Open Source as alternative here!
By the way, does it still make sense to maintain the script in a
separate repo? Are there still people using your version with vpnc?
Otherwise I'd suggest to move those to openconnect repo, that way all
distros will automatically pick it up - as an example, OpenSUSE
currently only ships the outdated vpnc version...
--
Gernot
More information about the openconnect-devel
mailing list