[vpnc-devel] Can't specify specific route

Fri Jul 8 23:57:58 CEST 2011

On Fri, 2011-07-08 at 13:57 -0500, Richard Pickett wrote:
> Yeah, the only thing is, I'm trying to automate it so I can have the
> thing constantly reconnect and have the right routes. I'm thinking I
> need to modify the vpnc-script that it calls by default.

Or wrap it with something that sets all the environment variables as if
vpnc had set them. Here's what we do with OpenConnect (which uses the
same vpnc-script) to override the VPN-provided routing. There's code in
there which helps you make the GConf key to set NetworkManager up, too.

#!/bin/sh

ROUTES="10.0.0.0/8 172.16.0.0/12 192.168.21.0/24 192.168.65.0/24"
ROUTES="$ROUTES 128.215.0.0/16 132.233.0.0/16 134.134.0.0/16"
ROUTES="$ROUTES 137.102.0.0/16 140.248.0.0/16 143.180.0.0/14"
ROUTES="$ROUTES 143.184.0.0/15 146.152.0.0/16 156.153.0.0/16"
ROUTES="$ROUTES 163.33.0.0/16 194.234.16.0/23 198.175.0.0/16"
ROUTES="$ROUTES 198.93.0.0/16 204.30.0.0/16"

MASKS[1]="128.0.0.0"
MASKS[2]="192.0.0.0"
MASKS[3]="224.0.0.0"
MASKS[4]="240.0.0.0"
MASKS[5]="248.0.0.0"
MASKS[6]="252.0.0.0"
MASKS[7]="254.0.0.0"
MASKS[8]="255.0.0.0"
MASKS[9]="255.128.0.0"
MASKS[10]="255.192.0.0"
MASKS[11]="255.224.0.0"
MASKS[12]="255.240.0.0"
MASKS[13]="255.248.0.0"
MASKS[14]="255.252.0.0"
MASKS[15]="255.254.0.0"
MASKS[16]="255.255.0.0"
MASKS[17]="255.255.128.0"
MASKS[18]="255.255.192.0"
MASKS[19]="255.255.224.0"
MASKS[20]="255.255.240.0"
MASKS[21]="255.255.248.0"
MASKS[22]="255.255.252.0"
MASKS[23]="255.255.254.0"
MASKS[24]="255.255.255.0"
MASKS[25]="255.255.255.128"
MASKS[26]="255.255.255.192"
MASKS[27]="255.255.255.224"
MASKS[28]="255.255.255.240"
MASKS[29]="255.255.255.248"
MASKS[30]="255.255.255.252"
MASKS[31]="255.255.255.254"

export CISCO_SPLIT_INC=0

function addroute()
{
    local ROUTE="$1"
    export CISCO_SPLIT_INC_${CISCO_SPLIT_INC}_ADDR=${ROUTE%%/*}
    export CISCO_SPLIT_INC_${CISCO_SPLIT_INC}_MASKLEN=${ROUTE##*/}
    export CISCO_SPLIT_INC_${CISCO_SPLIT_INC}_MASK=${MASKS[${ROUTE##*/}]}
    export CISCO_SPLIT_INC=$((${CISCO_SPLIT_INC}+1))
}

function translateroute ()
{
    local IPADDR="${1%%/*}"
    local MASKLEN="${1##*/}"
    local OCTET1="$(echo $IPADDR | cut -f1 -d.)"
    local OCTET2="$(echo $IPADDR | cut -f2 -d.)"
    local OCTET3="$(echo $IPADDR | cut -f3 -d.)"
    local OCTET4="$(echo $IPADDR | cut -f4 -d.)"

    local NUMADDR=$(($OCTET1*16581375 + $OCTET2*65536 + $OCTET3*256 + $OCTET4))
    local NUMADDR=$(($OCTET4*16581375 + $OCTET3*65536 + $OCTET2*256 + $OCTET1))
    if [ "$ROUTESKEY" = "" ]; then
	ROUTESKEY="$NUMADDR,$MASKLEN,0,0"
    else
	ROUTESKEY="$ROUTESKEY,$NUMADDR,$MASKLEN,0,0"
    fi
}

for r in $ROUTES; do
    addroute $r
done

exec /etc/vpnc/vpnc-script
#echo [$ROUTESKEY]

-- 
dwmw2