From: Heiko Schabert <hs@hs-automation.net>
Date: Fri, 6 May 2022 12:08:32 +0000 (+0200)
Subject: Removed automatic adding of NS routes
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=refs%2Fheads%2Fmaster;p=users%2Fdwmw2%2Fvpnc-scripts.git

Removed automatic adding of NS routes

With openconnect version 9.01 include-split was modified, in a way that
a announced route with netwask 0.0.0.0 will leverage env variable `CISCO_SPLIT_INC`.

Entries inside `CISCO_SPLIT_INC`, always causes that routes to the NS
`INTERNAL_IP4_DNS` are created.

This commit, removes that NS routes are automatically are added.

The same mechanism applies to IP6 as well, which uses
env variable `CISCO_IPV6_SPLIT_INC`

Resolves #38. Alignment with behaviour of NetworkManager openconnect
see [1].

[1] https://gitlab.gnome.org/GNOME/NetworkManager-openconnect/-/blob/main/src/nm-openconnect-service-openconnect-helper.c

Signed-off-by: Heiko Schabert <heiko.schabert@siemens.com>
---

diff --git a/vpnc-script b/vpnc-script
index bc026ab..74ccd30 100755
--- a/vpnc-script
+++ b/vpnc-script
@@ -1006,10 +1006,6 @@ do_connect() {
 			fi
 			i=`expr $i + 1`
 		done
-		for i in $INTERNAL_IP4_DNS ; do
-			echo "$i" | grep : >/dev/null || \
-				set_network_route "$i" "255.255.255.255" "32" "$TUNDEV"
-		done
 	elif [ -n "$INTERNAL_IP4_ADDRESS" ]; then
 		set_default_route
 	fi
@@ -1025,11 +1021,6 @@ do_connect() {
 			fi
 			i=`expr $i + 1`
 		done
-		for i in $INTERNAL_IP4_DNS ; do
-			if echo "$i" | grep : >/dev/null; then
-				set_ipv6_network_route "$i" "128" "$TUNDEV"
-			fi
-		done
 	elif [ -n "$INTERNAL_IP6_NETMASK" -o -n "$INTERNAL_IP6_ADDRESS" ]; then
 		set_ipv6_default_route
 	fi
@@ -1055,9 +1046,6 @@ do_disconnect() {
 			fi
 			i=`expr $i + 1`
 		done
-		for i in $INTERNAL_IP4_DNS ; do
-			del_network_route "$i" "255.255.255.255" "32" "$TUNDEV"
-		done
 	else
 		reset_default_route
 	fi
@@ -1096,9 +1084,6 @@ do_disconnect() {
 			fi
 			i=`expr $i + 1`
 		done
-		for i in $INTERNAL_IP6_DNS ; do
-			del_ipv6_network_route "$i" "128" "$TUNDEV"
-		done
 	elif [ -n "$INTERNAL_IP6_NETMASK" -o -n "$INTERNAL_IP6_ADDRESS" ]; then
 		reset_ipv6_default_route
 	fi