Am 26.02.2018 um 16:27 schrieb David Woodhouse: > > > On Wed, 2018-02-21 at 17:46 +0100, Gernot Hillier wrote: >> OpenConnect already sets the according environment variables when the Pulse >> gateway sends "split-exclude" routes, so we only need to handle them >> in vpnc-script. >> >> Sorry for the delay in sending v3. >> >> We hopefully get an official Siemens approval for OpenConnect on Linux clients >> soon, so it would be great if you could apply patch no. 1 which is mandatory >> for us. Feel free to ignore or apply patches 2 and 3 if considered useful. >> >> Patch history: >> >> Original series (submitted 2017-10-11):? >> - assumed split-exclude targets and VPN gateway are reachable via the same uplink >> v2 (submitted 2017-10-30): >> - re-use current routing information for the "ip route" case for split-exclude >> ? routes, only guess about correct uplink for /sbin/route case >> - patches are now independent of each other, but I chose to leave them in the >> ? same series for better comparability. >> - throw away untested IPv6 code >> v3: >> - re-add IPv6 support >> - re-order patches to ease application of patch no. 1 only > > These look sane enough. I've applied them; thanks. Thanks, this really helps us promoting Open Source as alternative here! By the way, does it still make sense to maintain the script in a separate repo? Are there still people using your version with vpnc? Otherwise I'd suggest to move those to openconnect repo, that way all distros will automatically pick it up - as an example, OpenSUSE currently only ships the outdated vpnc version... -- Gernot
