From fe5cb8a6d9791aa5217db31825b66eb185066a8d Mon Sep 17 00:00:00 2001 From: =?utf8?q?Rafa=C5=82=20Florczak?= Date: Sun, 29 Sep 2019 22:05:46 +0200 Subject: [PATCH] iproute2 5.1+ doesn't allow prefixlen!=32 in get MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit In order to set up routing exclusions properly, we now ask for routes without specified prefixlen and later add it manually before calling `ip route add`. Older versions of `ip` silently ignored the prefixlen -- as confirmed in: https://www.spinics.net/lists/netdev/msg570803.html. Reproduction: $ ip route get 1.2.0.0/24 Error: ipv4: Invalid values in header for route get request. Signed-off-by: Rafał Florczak --- vpnc-script | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/vpnc-script b/vpnc-script index 93c70cc..0133eb7 100755 --- a/vpnc-script +++ b/vpnc-script @@ -226,7 +226,8 @@ destroy_tun_device() { if [ -n "$IPROUTE" ]; then fix_ip_get_output () { sed -e 's/ /\n/g' | \ - sed -ne '1p;/via/{N;p};/dev/{N;p};/src/{N;p};/mtu/{N;p}' + sed -ne '1p;/via/{N;p};/dev/{N;p};/src/{N;p};/mtu/{N;p}' | \ + sed -e "1 s|$|${1}|" } set_vpngateway_route() { @@ -265,7 +266,7 @@ if [ -n "$IPROUTE" ]; then NETWORK="$1" NETMASK="$2" NETMASKLEN="$3" - $IPROUTE route add `$IPROUTE route get "$NETWORK/$NETMASKLEN" | fix_ip_get_output` + $IPROUTE route add `$IPROUTE route get "$NETWORK" | fix_ip_get_output "/$NETMASKLEN"` $IPROUTE route flush cache 2>/dev/null } @@ -320,7 +321,7 @@ if [ -n "$IPROUTE" ]; then # (keep traffic separate from VPN tunnel) NETWORK="$1" NETMASKLEN="$2" - $IPROUTE -6 route add `$IPROUTE route get "$NETWORK/$NETMASKLEN" | fix_ip_get_output` + $IPROUTE -6 route add `$IPROUTE route get "$NETWORK" | fix_ip_get_output "/$NETMASKLEN"` $IPROUTE route flush cache 2>/dev/null } -- 2.50.1