From: Daniel Lenski Date: Tue, 30 Nov 2021 18:06:44 +0000 (-0800) Subject: Always use INTERNAL_IP4_ADDRESS as "gateway" on Windows X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=a850bc40d454041ed58f461cf35d7065013b1f90;p=users%2Fdwmw2%2Fvpnc-scripts.git Always use INTERNAL_IP4_ADDRESS as "gateway" on Windows It appears that Windows's 'netsh' utility doesn't like the VPN interface having a "gateway" address of 0.0.0.1, which is what vpnc-script-win.js would attempt to use if INTERNAL_IP4_NETMASK is /0. See https://gitlab.com/openconnect/openconnect/-/merge_requests/306#note_745139972. As noted in the OpenConnect source, "It's a tunnel; having a gateway is meaningless." Setting the "gateway" address for Windows to match INTERNAL_IP4_ADDRESS seems like the simplest way to make 'netsh' configure routingly correctly in all cases, including when the INTERNAL_IP4_NETMASK is either /0 or /32. Signed-off-by: Daniel Lenski --- diff --git a/vpnc-script-win.js b/vpnc-script-win.js index 63235c8..5e76f8e 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -66,18 +66,14 @@ case "pre-init": break; case "connect": var gw = getDefaultGateway(); - // Calculate the first legal host address in subnet - // (identical to the INTERNAL_IP4_ADDRESS if the netmask is - // 255.255.255.255, otherwise increment the last octet) - // We also need to work around the fact that - // INTERNAL_IP4_{NETMASK,NETADDR} are not always set for - // all protocols. + // Use INTERNAL_IP4_ADDRESS as the "gateway" address for the + // VPN tunnel connection. As noted in the OpenConnect source, + // "It's a tunnel; having a gateway is meaningless." Setting + // the gateway to match the INTERNAL_IP4_ADDRESS seems like + // the simplest way to behave correctly in all cases, + // including when the INTERNAL_IP4_NETMASK is /0 or /32. var internal_ip4_netmask = env("INTERNAL_IP4_NETMASK") || "255.255.255.255"; - var internal_ip4_netaddr = env("INTERNAL_IP4_NETADDR") || env("INTERNAL_IP4_ADDRESS"); - var internal_gw_array = internal_ip4_netaddr.split("."); - if (internal_ip4_netmask.trim() != "255.255.255.255" && env("INTERNAL_IP4_NETMASKLEN") != 32) - internal_gw_array[3]++; - var internal_gw = internal_gw_array.join("."); + var internal_gw = env("INTERNAL_IP4_ADDRESS"); echo("VPN Gateway: " + env("VPNGATEWAY")); echo("Internal Address: " + env("INTERNAL_IP4_ADDRESS"));