Here is an improved patch: this explicitly preserves any proto or metric settings when the new default route is set. However, there is definitely a timing issue such that neither the previous patch nor this work reliably, at least on my Ubuntu wily kernel+userspace combination. On 12 February 2016 at 20:43, Shaheed Haque <srhaque at theiet.org> wrote: > [ This report concerns a defect originally reported at > https://bugs.launchpad.net/ubuntu/+source/vpnc-scripts/+bug/1544802 ] > > Bug Description > > The /usr/share/vpnc-scripts/vpnc-script handles updates to the default > route using two different codepaths. In one codepath, the command "ip > route replace" is used to update the original default route with new > one (and to restore it later). The replace command in the update case > does not work if the original route default route has non-standard > attributes. For example, an original default route like this: > > $ sudo ip route > default via 192.168.1.254 dev wlp3s0 proto static metric 600 > 169.254.0.0/16 dev wlp3s0 scope link metric 1000 > 192.168.1.0/24 dev wlp3s0 proto kernel scope link src 192.168.1.85 metric 600 > > cannot be simply "ip route replace"d by a command of the form "ip > route replace dev <foo>". Also, the present logic to save and then > restore the original rute is broken because not all the route > attributes are preserved AND the replacement attributes don't match > the attributes of the new default route. > > The attached patch addresses both these problems. > > The software versions in use are up-to-date Wily with: > > $ dpkg-query -l | egrep 'vpnc-scripts|iproute' > ii iproute 1:4.1.1-1ubuntu1 all transitional dummy package for iproute2 > ii iproute2 4.1.1-1ubuntu1 amd64 networking and traffic control tools > ii vpnc-scripts 0.1~git20140806-1 all Network configuration scripts > for VPNC and OpenConnect > > As requested at http://www.infradead.org/openconnect/contribute.html, > this patch is hereby: > > Signed-off-by: Shaheed R. Haque <srhaque at theiet.org> > > Thanks, Shaheed -------------- next part -------------- --- /usr/share/vpnc-scripts/vpnc-script.saved 2014-10-26 00:38:13.000000000 +0100 +++ /usr/share/vpnc-scripts/vpnc-script 2016-03-02 23:53:50.547478197 +0000 @@ -229,8 +229,10 @@ } set_default_route() { - $IPROUTE route | grep '^default' | fix_ip_get_output > "$DEFAULT_ROUTE_FILE" - $IPROUTE route replace default dev "$TUNDEV" + $IPROUTE route | grep '^default' > "$DEFAULT_ROUTE_FILE" + proto=$($IPROUTE route | grep '^default' | sed -r '/proto\s+\S+/s/.*(proto\s+\S+).*/\1/p;d') + metric=$($IPROUTE route | grep '^default' | sed -r '/metric\s+[0-9]+/s/.*(metric\s+[0-9]+).*/\1/p;d') + $IPROUTE route replace default dev "$TUNDEV" $proto $metric $IPROUTE route flush cache }
