www.infradead.org Git - users/dwmw2/vpnc-scripts.git/log

]> www.infradead.org Git - users/dwmw2/vpnc-scripts.git/log

projects / users / dwmw2 / vpnc-scripts.git / log

David Woodhouse [Thu, 31 Jul 2014 22:03:00 +0000 (23:03 +0100)]

Fix quoting on network comparisons

Spotted by Marcus Müller <marcus@hostalia.de>

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Jonathan Lauvernier [Fri, 21 Mar 2014 09:02:40 +0000 (09:02 +0000)]

Fix default route handling in vpnc-script-win.js

Implement full tunnel route setup, and get the $VPNGATEWAY route correct.

Signed-off-by: Jonathan Lauvernier <Jonathan.Lauvernier@gmail.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Tue, 11 Mar 2014 18:44:07 +0000 (11:44 -0700)]

Set MTU on Windows

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Thu, 13 Feb 2014 15:29:35 +0000 (15:29 +0000)]

Support IPv6 on Windows

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Wed, 12 Feb 2014 14:28:28 +0000 (14:28 +0000)]

Import vpnc-script-win.js from vpnc (r540).

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Antonio Borneo [Sun, 10 Mar 2013 11:53:37 +0000 (19:53 +0800)]

vpnc-script: document "reason=reconnect"

After recent modification, a new value can be passed through
environment variable "reason".
Add it in comment header.

Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Emanuel Haupt [Mon, 28 Jan 2013 15:33:38 +0000 (15:33 +0000)]

Fix various issues on FreeBSD

- duplicate creation of tun devices
- cleanup of created tun device
- deadlock of vpnc holding an open file descriptor on /dev/tunN
- properly restoring /etc/resolv.conf

Signed-off-by: Emanuel Haupt <ehaupt@FreeBSD.org>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Stuart Henderson [Thu, 8 Nov 2012 19:37:59 +0000 (19:37 +0000)]

handle creating/destroying the tun device on OpenBSD

Signed-off-by: Stuart Henderson <sthen@openbsd.org>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Stuart Henderson [Thu, 8 Nov 2012 19:37:35 +0000 (19:37 +0000)]

redirect stderr from which (not grep) to /dev/null

Signed-off-by: Stuart Henderson <sthen@openbsd.org>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Mike Miller [Fri, 1 Jun 2012 12:53:25 +0000 (08:53 -0400)]

Fix bashisms for shell compatibility

Signed-off-by: Mike Miller <mtmiller@ieee.org>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Mike Miller [Fri, 1 Jun 2012 12:53:12 +0000 (08:53 -0400)]

Handle IPv6 configuration in sshd variant

Signed-off-by: Mike Miller <mtmiller@ieee.org>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Mike Miller [Fri, 1 Jun 2012 12:53:03 +0000 (08:53 -0400)]

Replace netunshare with ip netns

Signed-off-by: Mike Miller <mtmiller@ieee.org>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Fri, 25 May 2012 07:03:37 +0000 (08:03 +0100)]

Use /32 for netmask to iproute, not /255.255.255.255

Older versions of iproute (e.g. 2.6.18-7 on RHEL5.2) can't cope with seeing
/255.255.255.255.

Thanks to Andrew Daviel for pointing it out.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Thu, 17 May 2012 00:19:36 +0000 (01:19 +0100)]

Add COPYING file and clarify licences

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Mon, 23 Apr 2012 00:20:34 +0000 (01:20 +0100)]

Add script hooks

This is based loosely in concept on the Debian patch, and is also needed for
OpenWrt unless we want to add a bunch of OpenWrt-specific stuff in here too.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Mon, 23 Apr 2012 00:04:54 +0000 (01:04 +0100)]

Add support for OpenWrt DNS management

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Mon, 23 Apr 2012 00:04:27 +0000 (01:04 +0100)]

BusyBox ifconfig doesn't like the "inet" argument.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Thu, 19 Apr 2012 23:21:31 +0000 (00:21 +0100)]

Fix compatibility with Solaris 10 /bin/sh

It doesn't support $( ) or $(( )) or [ -e ] or if !

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Antonio Borneo [Sun, 8 Jan 2012 03:37:00 +0000 (11:37 +0800)]

document INTERNAL_IP4_MTU

Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Mike Kienenberger [Sun, 8 Jan 2012 03:36:59 +0000 (11:36 +0800)]

Support for /sbin/netconfig under OpenSuse 11.1

I added support for OpenSuse 11.1's netconfig system for managing
resolv.conf as modify_resolvconf no longer exists.

Signed-off-by: Mike Kienenberger <mkienenb@gmail.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Antonio Borneo [Sun, 8 Jan 2012 03:36:58 +0000 (11:36 +0800)]

Fix typo inside comment

Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Antonio Borneo [Sun, 8 Jan 2012 03:36:57 +0000 (11:36 +0800)]

Add IPv6 new variables to comment header

Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Antonio Borneo [Sun, 8 Jan 2012 03:36:56 +0000 (11:36 +0800)]

Reuse function and value for default GW

Remove duplicated code to get default GW and
use existing get_default_gw().

Reuse default GW value just obtained, don't
call get_default_gw() twice.

Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Tue, 13 Dec 2011 23:39:14 +0000 (23:39 +0000)]

No need to add link-local address on Solaris.

Revert commit 9e277b5e64315aa3e1a2f2472e9c2d55f9b0f788. Now that we plumb
the interface from openconnect instead of with ifconfig from vpnc-script,
the issues with link-local addresses no longer seem to bother us.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Antonio Borneo [Mon, 12 Dec 2011 20:39:06 +0000 (04:39 +0800)]

vpnc-script: fix for Suse pre 11.1

To handle /etc/resolv.conf file, Suse Linux pre 11.1
uses /sbin/modify_resolvconf script.
The same parameter "-s <service>" have to be passed
to modify_resolvconf on both "modify" and "restore".

Original vpnc-script.in from vpnc project runs:
/sbin/modify_resolvconf modify -s $SCRIPTNAME ...
/sbin/modify_resolvconf restore -s vpnc ...
with $SCRIPTNAME=="vpnc".

In this repository, vpnc-script.in has been converted
to vpnc-script. Doing this, the value $SCRIPTNAME has
changed from "vpnc" to "vpnc-script".
This breaks the "restore" and left /etc/resolv.conf
modified for the (already closed) VPN tunnel.

Replace "-s $SCRIPTNAME" with fixed value "-s vpnc".

Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Mon, 12 Dec 2011 18:16:54 +0000 (18:16 +0000)]

Do not plumb interface for IPv6 on Solaris. The VPN client should do that.

... and does, as of openconnect commit c77af62db. (vpnc doesn't do IPv6 yet)

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Fri, 9 Dec 2011 13:14:07 +0000 (13:14 +0000)]

Manually assign link-local IPv6 addresses on Solaris

Solaris 11 *really* wants the interface to have a link-local address, and
doesn't add one automatically.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Fri, 9 Dec 2011 13:13:10 +0000 (13:13 +0000)]

Fix stderr redirection for 'which ip' output

We really want to redirect stderr from 'which'; not from 'grep'.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Thu, 8 Dec 2011 01:04:35 +0000 (01:04 +0000)]

Tidy up IPv6 address/netmask handling a little, fix netmask handling on *BSD.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Thu, 8 Dec 2011 00:55:30 +0000 (00:55 +0000)]

Remove dest_address from IPv6 ifconfig for all but Solaris

This makes OpenBSD unhappy, and it looks like OpenVPN *only* does it on
Solaris.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Thu, 24 Nov 2011 12:42:33 +0000 (12:42 +0000)]

Add restorecon calls for /var/run/vpnc and /dev/net/tun (Red Hat bug #731382)

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Christian Krause [Sun, 4 Sep 2011 23:21:51 +0000 (00:21 +0100)]

Fix calculation of MTU. Bash doesn't like numbers in quotes.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Fred Wittekind IV [Sun, 4 Sep 2011 22:10:40 +0000 (23:10 +0100)]

Fix MTU calculation (Red Hat bug #693235)

Newer iproute doesn't give the mtu in 'ip route get' output, so get the
device and then get the device's MTU (which theoretically could be
different to the route MTU but this is good enough for now).

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Wed, 17 Aug 2011 12:58:46 +0000 (13:58 +0100)]

Merge branch 'vpnc-script' of git://github.com/falconindy/vpnc-scripts

commit | commitdiff | tree

David Woodhouse [Wed, 17 Aug 2011 10:20:24 +0000 (11:20 +0100)]

Be more robust with unknown 'ip route get' output.

Make it opt-in, not opt-out for unknown options.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Dave Reisner [Mon, 15 Aug 2011 00:39:11 +0000 (20:39 -0400)]

vpnc-script: use iproute to create ptp link if possible

This should make net-tools completely optional on Linux.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>

commit | commitdiff | tree

Dave Reisner [Mon, 15 Aug 2011 00:01:24 +0000 (20:01 -0400)]

vpnc-script: prevent negative MTU

We can't be sure that the route shown by 'ip route get' will return
anything. Restructure the logic to only perform the subtraction if it
does. Otherwise, fall back to the default 1412.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>

commit | commitdiff | tree

Alessandro Suardi [Sat, 28 May 2011 22:20:15 +0000 (23:20 +0100)]

Cope with new kernel/iproute including ipid in route list

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

Bernhard Schmidt [Tue, 23 Feb 2010 18:11:53 +0000 (18:11 +0000)]

Set route to VPN gateway before configuring tunnel

In some circumstances (with $VPNGATEWAY being inside of
$INTERNAL_IP4_ADDRESS/$INTERNAL_IP4_NETMASK, for example when the netmask
was set incorrectly) the hostroute to $VPNGATEWAY pointed to the
tunnel device, creating a routing recursion.

Set the host route before configuring the tun interface to fix this.

Signed-off-by: Bernhard Schmidt <berni@birkenwald.de>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Mon, 25 Jan 2010 05:27:20 +0000 (18:27 +1300)]

Only remove IPv6 default route if we had IPv6

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Fri, 13 Nov 2009 16:24:00 +0000 (16:24 +0000)]

Fix up FreeBSD support

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Fri, 13 Nov 2009 15:02:51 +0000 (15:02 +0000)]

Add IPv6 support for Solaris (and maybe BSD)

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Fri, 13 Nov 2009 14:56:01 +0000 (14:56 +0000)]

no grep -q on solaris

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Wed, 11 Nov 2009 00:52:24 +0000 (00:52 +0000)]

Handle IPv6 nameservers (in $INTERNAL_IP4_DNS variable)

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Wed, 11 Nov 2009 00:42:28 +0000 (00:42 +0000)]

Handle IPv6 routes

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Wed, 4 Nov 2009 07:34:49 +0000 (07:34 +0000)]

Set IPv6 address on interface; no routes yet

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Tue, 3 Nov 2009 20:57:46 +0000 (20:57 +0000)]

Fix MTU when no default route

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525389

Patch from Jonathan Miner

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Tue, 3 Nov 2009 19:11:55 +0000 (19:11 +0000)]

Make basic vpnc-script work with Solaris

Add -interface flag when adding routes, specify gateway for default
route when deleting it.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Sat, 6 Jun 2009 13:45:55 +0000 (14:45 +0100)]

Add pTRTd script for NAT-PT address to VPN

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Sat, 6 Jun 2009 12:19:27 +0000 (13:19 +0100)]

Add netunshare

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Sat, 6 Jun 2009 11:55:57 +0000 (12:55 +0100)]

set up dnsmasq in netns

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Sat, 6 Jun 2009 11:22:54 +0000 (12:22 +0100)]

Add ssh-inside-vpn-namespace script

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Sat, 6 Jun 2009 09:01:26 +0000 (10:01 +0100)]

Remove the substitution in vpnc-script, to remove the need for vpnc-script.in

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

commit | commitdiff | tree

David Woodhouse [Sat, 6 Jun 2009 08:53:01 +0000 (09:53 +0100)]

Import vpnc-script from vpnc

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom