[PATCH] [RFC] custom resolv.conf and route handling

This patch implements something I have had hacked-in for years: the
ability to run vpnc/openconnect on a Linux box which functions as a
router without altering behavior of traffic from/to the router itself.
The router can provide multiple clients with routes and DNS such that
the clients are seamlessly connected to the VPN without really knowing
it.

There are other components to this setup which are not covered directly
by this patchset but which are left as an exercise to the
administrator:
* pdns-recursor set up to forward specific zones to the VPN
* dhcpd set to provide VPN-specific DNS to some/all clients on the LAN
* iproute2 to set up routing rules for some/all clients
* iptables to set up SNAT/MASQUERADE

I can document this stuff in more detail later if desired. Where would
I put the documentation though?

The tricky part here is that vpnc-script does not take arguments, nor
does it have a config file. Thus, the implementation I wrote works
entirely via hooks. This does not necessarily seem like the best way,
but it fits most closely with existing design. I wouldn't mind
reworking it if I can get some input as to what design is most
desirable.

[PATCH 1/4] minor simplification
[PATCH 2/4] allow custom resolv.conf handling via hooks
[PATCH 3/4] allow custom routing table specification via hooks
[PATCH 4/4] add a contrib script for setting up pdns-recursor

 contrib/hooks/modify-resolvconf.d/pdns-forward-zones | 20 ++++++++++++++++++++
 vpnc-script                                          | 44 ++++++++++++++++++++++++++++++--------------
 2 files changed, 50 insertions(+), 14 deletions(-)


Thanks,
Corey


