Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 327416 Details for
Bug 384099
Version bump net-misc/openconnect-4.07
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
openconnect-script
openconnect-script (text/plain), 21.37 KB, created by
Matthew Schultz
on 2012-10-25 19:07:36 UTC
(
hide
)
Description:
openconnect-script
Filename:
MIME Type:
Creator:
Matthew Schultz
Created:
2012-10-25 19:07:36 UTC
Size:
21.37 KB
patch
obsolete
>#!/bin/sh ># ># Originally part of vpnc source code: ># © 2005-2012 Maurice Massar, Jörg Mayer, Antonio Borneo et al. ># © 2009-2012 David Woodhouse <dwmw2@infradead.org> ># ># This program is free software; you can redistribute it and/or modify ># it under the terms of the GNU General Public License as published by ># the Free Software Foundation; either version 2 of the License, or ># (at your option) any later version. ># ># This program is distributed in the hope that it will be useful, ># but WITHOUT ANY WARRANTY; without even the implied warranty of ># MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ># GNU General Public License for more details. ># ># You should have received a copy of the GNU General Public License ># along with this program; if not, write to the Free Software ># Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA ># >################ ># ># List of parameters passed through environment >#* reason -- why this script was called, one of: pre-init connect disconnect >#* VPNGATEWAY -- vpn gateway address (always present) >#* TUNDEV -- tunnel device (always present) >#* INTERNAL_IP4_ADDRESS -- address (always present) >#* INTERNAL_IP4_MTU -- mtu (often unset) >#* INTERNAL_IP4_NETMASK -- netmask (often unset) >#* INTERNAL_IP4_NETMASKLEN -- netmask length (often unset) >#* INTERNAL_IP4_NETADDR -- address of network (only present if netmask is set) >#* INTERNAL_IP4_DNS -- list of dns servers >#* INTERNAL_IP4_NBNS -- list of wins servers >#* INTERNAL_IP6_ADDRESS -- IPv6 address >#* INTERNAL_IP6_NETMASK -- IPv6 netmask >#* INTERNAL_IP6_DNS -- IPv6 list of dns servers >#* CISCO_DEF_DOMAIN -- default domain name >#* CISCO_BANNER -- banner from server >#* CISCO_SPLIT_INC -- number of networks in split-network-list >#* CISCO_SPLIT_INC_%d_ADDR -- network address >#* CISCO_SPLIT_INC_%d_MASK -- subnet mask (for example: 255.255.255.0) >#* CISCO_SPLIT_INC_%d_MASKLEN -- subnet masklen (for example: 24) >#* CISCO_SPLIT_INC_%d_PROTOCOL -- protocol (often just 0) >#* CISCO_SPLIT_INC_%d_SPORT -- source port (often just 0) >#* CISCO_SPLIT_INC_%d_DPORT -- destination port (often just 0) >#* CISCO_IPV6_SPLIT_INC -- number of networks in IPv6 split-network-list >#* CISCO_IPV6_SPLIT_INC_%d_ADDR -- IPv6 network address >#* CISCO_IPV6_SPLIT_INC_$%d_MASKLEN -- IPv6 subnet masklen > ># FIXMEs: > ># Section A: route handling > ># 1) The 3 values CISCO_SPLIT_INC_%d_PROTOCOL/SPORT/DPORT are currently being ignored ># In order to use them, we'll probably need os specific solutions ># * Linux: iptables -t mangle -I PREROUTING <conditions> -j ROUTE --oif $TUNDEV ># This would be an *alternative* to changing the routes (and thus 2) and 3) ># shouldn't be relevant at all) ># 2) There are two different functions to set routes: generic routes and the ># default route. Why isn't the defaultroute handled via the generic route case? ># 3) In the split tunnel case, all routes but the default route might get replaced ># without getting restored later. We should explicitely check and save them just ># like the defaultroute ># 4) Replies to a dhcp-server should never be sent into the tunnel > ># Section B: Split DNS handling > ># 1) Maybe dnsmasq can do something like that ># 2) Parse dns packets going out via tunnel and redirect them to original dns-server > >#env | sort >#set -x > ># =========== script (variable) setup ==================================== > >PATH=/sbin:/usr/sbin:$PATH > >OS="`uname -s`" > >HOOKS_DIR=/etc/vpnc >DEFAULT_ROUTE_FILE=/var/run/vpnc/defaultroute >RESOLV_CONF_BACKUP=/var/run/vpnc/resolv.conf-backup >SCRIPTNAME=`basename $0` > ># some systems, eg. Darwin & FreeBSD, prune /var/run on boot >if [ ! -d "/var/run/vpnc" ]; then > mkdir -p /var/run/vpnc > [ -x /sbin/restorecon ] && /sbin/restorecon /var/run/vpnc >fi > ># stupid SunOS: no blubber in /usr/local/bin ... (on stdout) >IPROUTE="`which ip | grep '^/'`" 2> /dev/null > >if ifconfig --help 2>&1 | grep BusyBox > /dev/null; then > ifconfig_syntax_inet="" >else > ifconfig_syntax_inet="inet" >fi > >if [ "$OS" = "Linux" ]; then > ifconfig_syntax_ptp="pointopoint" > route_syntax_gw="gw" > route_syntax_del="del" > route_syntax_netmask="netmask" >else > ifconfig_syntax_ptp="" > route_syntax_gw="" > route_syntax_del="delete" > route_syntax_netmask="-netmask" >fi >if [ "$OS" = "SunOS" ]; then > route_syntax_interface="-interface" > ifconfig_syntax_ptpv6="$INTERNAL_IP6_ADDRESS" >else > route_syntax_interface="" > ifconfig_syntax_ptpv6="" >fi > >if [ -r /etc/openwrt_release ] && [ -n "$OPENWRT_INTERFACE" ]; then > . /etc/functions.sh > include /lib/network > MODIFYRESOLVCONF=modify_resolvconf_openwrt > RESTORERESOLVCONF=restore_resolvconf_openwrt >elif [ -x /sbin/resolvconf ]; then # Optional tool on Debian, Ubuntu, Gentoo > MODIFYRESOLVCONF=modify_resolvconf_manager > RESTORERESOLVCONF=restore_resolvconf_manager >elif [ -x /sbin/netconfig ]; then # tool on Suse after 11.1 > MODIFYRESOLVCONF=modify_resolvconf_suse_netconfig > RESTORERESOLVCONF=restore_resolvconf_suse_netconfig >elif [ -x /sbin/modify_resolvconf ]; then # Mandatory tool on Suse earlier than 11.1 > MODIFYRESOLVCONF=modify_resolvconf_suse > RESTORERESOLVCONF=restore_resolvconf_suse >else # Generic for any OS > MODIFYRESOLVCONF=modify_resolvconf_generic > RESTORERESOLVCONF=restore_resolvconf_generic >fi > > ># =========== script hooks ================================================= > >run_hooks() { > HOOK="$1" > > if [ -d ${HOOKS_DIR}/${HOOK}.d ]; then > for script in ${HOOKS_DIR}/${HOOK}.d/* ; do > [ -f $script ] && . $script > done > fi >} > ># =========== tunnel interface handling ==================================== > >do_ifconfig() { > if [ -n "$INTERNAL_IP4_MTU" ]; then > MTU=$INTERNAL_IP4_MTU > elif [ -n "$IPROUTE" ]; then > MTUDEV=`$IPROUTE route get "$VPNGATEWAY" | sed -ne 's/^.*dev \([a-z0-9]*\).*$/\1/p'` > MTU=`$IPROUTE link show "$MTUDEV" | sed -ne 's/^.*mtu \([[:digit:]]\+\).*$/\1/p'` > if [ -n "$MTU" ]; then > MTU=`expr $MTU - 88` > fi > fi > > if [ -z "$MTU" ]; then > MTU=1412 > fi > > # Point to point interface require a netmask of 255.255.255.255 on some systems > if [ -n "$IPROUTE" ]; then > $IPROUTE link set dev "$TUNDEV" up mtu "$MTU" > $IPROUTE addr add "$INTERNAL_IP4_ADDRESS/32" peer "$INTERNAL_IP4_ADDRESS" dev "$TUNDEV" > else > ifconfig "$TUNDEV" ${ifconfig_syntax_inet} "$INTERNAL_IP4_ADDRESS" $ifconfig_syntax_ptp "$INTERNAL_IP4_ADDRESS" netmask 255.255.255.255 mtu ${MTU} up > fi > > if [ -n "$INTERNAL_IP4_NETMASK" ]; then > set_network_route $INTERNAL_IP4_NETADDR $INTERNAL_IP4_NETMASK $INTERNAL_IP4_NETMASKLEN > fi > > # If the netmask is provided, it contains the address _and_ netmask > if [ -n "$INTERNAL_IP6_ADDRESS" ] && [ -z "$INTERNAL_IP6_NETMASK" ]; then > INTERNAL_IP6_NETMASK="$INTERNAL_IP6_ADDRESS/128" > fi > if [ -n "$INTERNAL_IP6_NETMASK" ]; then > if [ -n "$IPROUTE" ]; then > $IPROUTE -6 addr add $INTERNAL_IP6_NETMASK dev $TUNDEV > else > # Unlike for Legacy IP, we don't specify the dest_address > # here on *BSD. OpenBSD for one will refuse to accept > # incoming packets to that address if we do. > # OpenVPN does the same (gives dest_address for Legacy IP > # but not for IPv6). > # Only Solaris needs it; hence $ifconfig_syntax_ptpv6 > ifconfig "$TUNDEV" inet6 $INTERNAL_IP6_NETMASK $ifconfig_syntax_ptpv6 mtu $MTU up > fi > fi >} > >destroy_tun_device() { > case "$OS" in > NetBSD|FreeBSD) # and probably others... > ifconfig "$TUNDEV" destroy > ;; > esac >} > ># =========== route handling ==================================== > >if [ -n "$IPROUTE" ]; then > fix_ip_get_output () { > sed -e 's/ /\n/g' | \ > sed -ne '1p;/via/{N;p};/dev/{N;p};/src/{N;p};/mtu/{N;p}' > } > > set_vpngateway_route() { > $IPROUTE route add `$IPROUTE route get "$VPNGATEWAY" | fix_ip_get_output` > $IPROUTE route flush cache > } > > del_vpngateway_route() { > $IPROUTE route $route_syntax_del "$VPNGATEWAY" > $IPROUTE route flush cache > } > > set_default_route() { > $IPROUTE route | grep '^default' | fix_ip_get_output > "$DEFAULT_ROUTE_FILE" > $IPROUTE route replace default dev "$TUNDEV" > $IPROUTE route flush cache > } > > set_network_route() { > NETWORK="$1" > NETMASK="$2" > NETMASKLEN="$3" > $IPROUTE route replace "$NETWORK/$NETMASKLEN" dev "$TUNDEV" > $IPROUTE route flush cache > } > > reset_default_route() { > if [ -s "$DEFAULT_ROUTE_FILE" ]; then > $IPROUTE route replace `cat "$DEFAULT_ROUTE_FILE"` > $IPROUTE route flush cache > rm -f -- "$DEFAULT_ROUTE_FILE" > fi > } > > del_network_route() { > NETWORK="$1" > NETMASK="$2" > NETMASKLEN="$3" > $IPROUTE route $route_syntax_del "$NETWORK/$NETMASKLEN" dev "$TUNDEV" > $IPROUTE route flush cache > } > > set_ipv6_default_route() { > # We don't save/restore IPv6 default route; just add a higher-priority one. > $IPROUTE -6 route add default dev "$TUNDEV" metric 1 > $IPROUTE -6 route flush cache > } > > set_ipv6_network_route() { > NETWORK="$1" > NETMASKLEN="$2" > $IPROUTE -6 route replace "$NETWORK/$NETMASKLEN" dev "$TUNDEV" > $IPROUTE route flush cache > } > > reset_ipv6_default_route() { > $IPROUTE -6 route del default dev "$TUNDEV" > $IPROUTE route flush cache > } > > del_ipv6_network_route() { > NETWORK="$1" > NETMASKLEN="$2" > $IPROUTE -6 route del "$NETWORK/$NETMASKLEN" dev "$TUNDEV" > $IPROUTE -6 route flush cache > } >else # use route command > get_default_gw() { > # isn't -n supposed to give --numeric output? > # apperently not... > # Get rid of lines containing IPv6 addresses (':') > netstat -r -n | awk '/:/ { next; } /^(default|0\.0\.0\.0)/ { print $2; }' > } > > set_vpngateway_route() { > route add -host "$VPNGATEWAY" $route_syntax_gw "`get_default_gw`" > } > > del_vpngateway_route() { > route $route_syntax_del -host "$VPNGATEWAY" $route_syntax_gw "`get_default_gw`" > } > > set_default_route() { > DEFAULTGW="`get_default_gw`" > echo "$DEFAULTGW" > "$DEFAULT_ROUTE_FILE" > route $route_syntax_del default $route_syntax_gw "$DEFAULTGW" > route add default $route_syntax_gw "$INTERNAL_IP4_ADDRESS" $route_syntax_interface > } > > set_network_route() { > NETWORK="$1" > NETMASK="$2" > NETMASKLEN="$3" > del_network_route "$NETWORK" "$NETMASK" "$NETMASKLEN" > route add -net "$NETWORK" $route_syntax_netmask "$NETMASK" $route_syntax_gw "$INTERNAL_IP4_ADDRESS" $route_syntax_interface > } > > reset_default_route() { > if [ -s "$DEFAULT_ROUTE_FILE" ]; then > route $route_syntax_del default $route_syntax_gw "`get_default_gw`" $route_syntax_interface > route add default $route_syntax_gw `cat "$DEFAULT_ROUTE_FILE"` > rm -f -- "$DEFAULT_ROUTE_FILE" > fi > } > > del_network_route() { > case "$OS" in > Linux|NetBSD|Darwin|SunOS) # and probably others... > # routes are deleted automatically on device shutdown > return > ;; > esac > NETWORK="$1" > NETMASK="$2" > NETMASKLEN="$3" > route $route_syntax_del -net "$NETWORK" $route_syntax_netmask "$NETMASK" $route_syntax_gw "$INTERNAL_IP4_ADDRESS" > } > > set_ipv6_default_route() { > route add -inet6 default "$INTERNAL_IP6_ADDRESS" $route_syntax_interface > } > > set_ipv6_network_route() { > NETWORK="$1" > NETMASK="$2" > route add -inet6 -net "$NETWORK/$NETMASK" "$INTERNAL_IP6_ADDRESS" $route_syntax_interface > : > } > > reset_ipv6_default_route() { > route $route_syntax_del -inet6 default "$INTERNAL_IP6_ADDRESS" > : > } > > del_ipv6_network_route() { > NETWORK="$1" > NETMASK="$2" > route $route_syntax_del -inet6 "$NETWORK/$NETMASK" "$INTERNAL_IP6_ADDRESS" > : > } > >fi > ># =========== resolv.conf handling ==================================== > ># =========== resolv.conf handling for any OS ========================= > >modify_resolvconf_generic() { > grep '^#@VPNC_GENERATED@' /etc/resolv.conf > /dev/null 2>&1 || cp -- /etc/resolv.conf "$RESOLV_CONF_BACKUP" > NEW_RESOLVCONF="#@VPNC_GENERATED@ -- this file is generated by vpnc ># and will be overwritten by vpnc ># as long as the above mark is intact" > > # Remember the original value of CISCO_DEF_DOMAIN we need it later > CISCO_DEF_DOMAIN_ORIG="$CISCO_DEF_DOMAIN" > # Don't step on INTERNAL_IP4_DNS value, use a temporary variable > INTERNAL_IP4_DNS_TEMP="$INTERNAL_IP4_DNS" > exec 6< "$RESOLV_CONF_BACKUP" > while read LINE <&6 ; do > case "$LINE" in > nameserver*) > if [ -n "$INTERNAL_IP4_DNS_TEMP" ]; then > read ONE_NAMESERVER INTERNAL_IP4_DNS_TEMP <<-EOF > $INTERNAL_IP4_DNS_TEMP >EOF > LINE="nameserver $ONE_NAMESERVER" > else > LINE="" > fi > ;; > search*) > if [ -n "$CISCO_DEF_DOMAIN" ]; then > LINE="$LINE $CISCO_DEF_DOMAIN" > CISCO_DEF_DOMAIN="" > fi > ;; > domain*) > if [ -n "$CISCO_DEF_DOMAIN" ]; then > LINE="domain $CISCO_DEF_DOMAIN" > CISCO_DEF_DOMAIN="" > fi > ;; > esac > NEW_RESOLVCONF="$NEW_RESOLVCONF >$LINE" > done > exec 6<&- > > for i in $INTERNAL_IP4_DNS_TEMP ; do > NEW_RESOLVCONF="$NEW_RESOLVCONF >nameserver $i" > done > if [ -n "$CISCO_DEF_DOMAIN" ]; then > NEW_RESOLVCONF="$NEW_RESOLVCONF >search $CISCO_DEF_DOMAIN" > fi > echo "$NEW_RESOLVCONF" > /etc/resolv.conf > > if [ "$OS" = "Darwin" ]; then > case "`uname -r`" in > # Skip for pre-10.4 systems > 4.*|5.*|6.*|7.*) > ;; > # 10.4 and later require use of scutil for DNS to work properly > *) > OVERRIDE_PRIMARY="" > if [ -n "$CISCO_SPLIT_INC" ]; then > if [ $CISCO_SPLIT_INC -lt 1 ]; then > # Must override for correct default route > # Cannot use multiple DNS matching in this case > OVERRIDE_PRIMARY='d.add OverridePrimary # 1' > fi > fi > # Uncomment the following if/fi pair to use multiple > # DNS matching when available. When multiple DNS matching > # is present, anything reading the /etc/resolv.conf file > # directly will probably not work as intended. > #if [ -z "$CISCO_DEF_DOMAIN_ORIG" ]; then > # Cannot use multiple DNS matching without a domain > OVERRIDE_PRIMARY='d.add OverridePrimary # 1' > #fi > scutil >/dev/null 2>&1 <<-EOF > open > d.init > d.add ServerAddresses * $INTERNAL_IP4_DNS > set State:/Network/Service/$TUNDEV/DNS > d.init > # next line overrides the default gateway and breaks split routing > # d.add Router $INTERNAL_IP4_ADDRESS > d.add Addresses * $INTERNAL_IP4_ADDRESS > d.add SubnetMasks * 255.255.255.255 > d.add InterfaceName $TUNDEV > $OVERRIDE_PRIMARY > set State:/Network/Service/$TUNDEV/IPv4 > close > EOF > if [ -n "$CISCO_DEF_DOMAIN_ORIG" ]; then > scutil >/dev/null 2>&1 <<-EOF > open > get State:/Network/Service/$TUNDEV/DNS > d.add DomainName $CISCO_DEF_DOMAIN_ORIG > d.add SearchDomains * $CISCO_DEF_DOMAIN_ORIG > d.add SupplementalMatchDomains * $CISCO_DEF_DOMAIN_ORIG > set State:/Network/Service/$TUNDEV/DNS > close > EOF > fi > ;; > esac > fi >} > >restore_resolvconf_generic() { > if [ ! -f "$RESOLV_CONF_BACKUP" ]; then > return > fi > grep '^#@VPNC_GENERATED@' /etc/resolv.conf > /dev/null 2>&1 && cat "$RESOLV_CONF_BACKUP" > /etc/resolv.conf > rm -f -- "$RESOLV_CONF_BACKUP" > > if [ "$OS" = "Darwin" ]; then > case "`uname -r`" in > # Skip for pre-10.4 systems > 4.*|5.*|6.*|7.*) > ;; > # 10.4 and later require use of scutil for DNS to work properly > *) > scutil >/dev/null 2>&1 <<-EOF > open > remove State:/Network/Service/$TUNDEV/IPv4 > remove State:/Network/Service/$TUNDEV/DNS > close > EOF > ;; > esac > fi >} ># === resolv.conf handling via /sbin/netconfig (Suse 11.1) ===================== > ># Suse provides a script that modifies resolv.conf. Use it because it will ># restart/reload all other services that care about it (e.g. lwresd). [unclear if this is still true, but probably --mlk] > >modify_resolvconf_suse_netconfig() >{ > /sbin/netconfig modify -s vpnc -i "$TUNDEV" <<-EOF > INTERFACE='$TUNDEV' > DNSSERVERS='$INTERNAL_IP4_DNS' > DNSDOMAIN='$CISCO_DEF_DOMAIN' > EOF >} ># Restore resolv.conf to old contents on Suse >restore_resolvconf_suse_netconfig() >{ > /sbin/netconfig remove -s vpnc -i "$TUNDEV" >} > ># === resolv.conf handling via /sbin/modify_resolvconf (Suse) ===================== > ># Suse provides a script that modifies resolv.conf. Use it because it will ># restart/reload all other services that care about it (e.g. lwresd). > >modify_resolvconf_suse() >{ > FULL_SCRIPTNAME=`readlink -f $0` > RESOLV_OPTS='' > test -n "$INTERNAL_IP4_DNS" && RESOLV_OPTS="-n \"$INTERNAL_IP4_DNS\"" > test -n "$CISCO_DEF_DOMAIN" && RESOLV_OPTS="$RESOLV_OPTS -d $CISCO_DEF_DOMAIN" > test -n "$RESOLV_OPTS" && eval /sbin/modify_resolvconf modify -s vpnc -p $SCRIPTNAME -f $FULL_SCRIPTNAME -e $TUNDEV $RESOLV_OPTS -t \"This file was created by $SCRIPTNAME\" >} > ># Restore resolv.conf to old contents on Suse >restore_resolvconf_suse() >{ > FULL_SCRIPTNAME=`readlink -f $0` > /sbin/modify_resolvconf restore -s vpnc -p $SCRIPTNAME -f $FULL_SCRIPTNAME -e $TUNDEV >} > ># === resolv.conf handling via UCI (OpenWRT) ========= > >modify_resolvconf_openwrt() { > add_dns $OPENWRT_INTERFACE $INTERNAL_IP4_DNS >} > >restore_resolvconf_openwrt() { > remove_dns $OPENWRT_INTERFACE >} ># === resolv.conf handling via /sbin/resolvconf (Debian, Ubuntu, Gentoo)) ========= > >modify_resolvconf_manager() { > NEW_RESOLVCONF="" > for i in $INTERNAL_IP4_DNS; do > NEW_RESOLVCONF="$NEW_RESOLVCONF >nameserver $i" > done > if [ -n "$CISCO_DEF_DOMAIN" ]; then > NEW_RESOLVCONF="$NEW_RESOLVCONF >domain $CISCO_DEF_DOMAIN" > fi > echo "$NEW_RESOLVCONF" | /sbin/resolvconf -a $TUNDEV >} > >restore_resolvconf_manager() { > /sbin/resolvconf -d $TUNDEV >} > ># ========= Toplevel state handling ======================================= > >kernel_is_2_6_or_above() { > case `uname -r` in > 1.*|2.[012345]*) > return 1 > ;; > *) > return 0 > ;; > esac >} > >do_pre_init() { > if [ "$OS" = "Linux" ]; then > if (exec 6<> /dev/net/tun) > /dev/null 2>&1 ; then > : > else # can't open /dev/net/tun > test -e /proc/sys/kernel/modprobe && `cat /proc/sys/kernel/modprobe` tun 2>/dev/null > # fix for broken devfs in kernel 2.6.x > if [ "`readlink /dev/net/tun`" = misc/net/tun \ > -a ! -e /dev/net/misc/net/tun -a -e /dev/misc/net/tun ] ; then > ln -sf /dev/misc/net/tun /dev/net/tun > fi > # make sure tun device exists > if [ ! -e /dev/net/tun ]; then > mkdir -p /dev/net > mknod -m 0640 /dev/net/tun c 10 200 > [ -x /sbin/restorecon ] && /sbin/restorecon /dev/net/tun > fi > # workaround for a possible latency caused by udev, sleep max. 10s > if kernel_is_2_6_or_above ; then > for x in `seq 100` ; do > (exec 6<> /dev/net/tun) > /dev/null 2>&1 && break; > sleep 0.1 > done > fi > fi > elif [ "$OS" = "FreeBSD" ]; then > if [ ! -e /dev/tun ]; then > kldload if_tun > fi > elif [ "$OS" = "GNU/kFreeBSD" ]; then > if [ ! -e /dev/tun ]; then > kldload if_tun > fi > elif [ "$OS" = "NetBSD" ]; then > : > elif [ "$OS" = "OpenBSD" ]; then > : > elif [ "$OS" = "SunOS" ]; then > : > elif [ "$OS" = "Darwin" ]; then > : > fi >} > >do_connect() { > if [ -n "$CISCO_BANNER" ]; then > echo "Connect Banner:" > echo "$CISCO_BANNER" | while read LINE ; do echo "|" "$LINE" ; done > echo > fi > > set_vpngateway_route > do_ifconfig > if [ -n "$CISCO_SPLIT_INC" ]; then > i=0 > while [ $i -lt $CISCO_SPLIT_INC ] ; do > eval NETWORK="\${CISCO_SPLIT_INC_${i}_ADDR}" > eval NETMASK="\${CISCO_SPLIT_INC_${i}_MASK}" > eval NETMASKLEN="\${CISCO_SPLIT_INC_${i}_MASKLEN}" > if [ $NETWORK != "0.0.0.0" ]; then > set_network_route "$NETWORK" "$NETMASK" "$NETMASKLEN" > else > set_default_route > fi > i=`expr $i + 1` > done > for i in $INTERNAL_IP4_DNS ; do > echo "$i" | grep : >/dev/null || \ > set_network_route "$i" "255.255.255.255" "32" > done > elif [ -n "$INTERNAL_IP4_ADDRESS" ]; then > set_default_route > fi > if [ -n "$CISCO_IPV6_SPLIT_INC" ]; then > i=0 > while [ $i -lt $CISCO_IPV6_SPLIT_INC ] ; do > eval NETWORK="\${CISCO_IPV6_SPLIT_INC_${i}_ADDR}" > eval NETMASKLEN="\${CISCO_IPV6_SPLIT_INC_${i}_MASKLEN}" > if [ $NETMASKLEN -lt 128 ]; then > set_ipv6_network_route "$NETWORK" "$NETMASKLEN" > else > set_ipv6_default_route > fi > i=`expr $i + 1` > done > for i in $INTERNAL_IP4_DNS ; do > if echo "$i" | grep : >/dev/null; then > set_ipv6_network_route "$i" "128" > fi > done > elif [ -n "$INTERNAL_IP6_NETMASK" -o -n "$INTERNAL_IP6_ADDRESS" ]; then > set_ipv6_default_route > fi > > if [ -n "$INTERNAL_IP4_DNS" ]; then > $MODIFYRESOLVCONF > fi >} > >do_disconnect() { > if [ -n "$CISCO_SPLIT_INC" ]; then > i=0 > while [ $i -lt $CISCO_SPLIT_INC ] ; do > eval NETWORK="\${CISCO_SPLIT_INC_${i}_ADDR}" > eval NETMASK="\${CISCO_SPLIT_INC_${i}_MASK}" > eval NETMASKLEN="\${CISCO_SPLIT_INC_${i}_MASKLEN}" > if [ $NETWORK != "0.0.0.0" ]; then > # FIXME: This doesn't restore previously overwritten > # routes. > del_network_route "$NETWORK" "$NETMASK" "$NETMASKLEN" > else > reset_default_route > fi > i=`expr $i + 1` > done > for i in $INTERNAL_IP4_DNS ; do > del_network_route "$i" "255.255.255.255" "32" > done > else > reset_default_route > fi > if [ -n "$CISCO_IPV6_SPLIT_INC" ]; then > i=0 > while [ $i -lt $CISCO_IPV6_SPLIT_INC ] ; do > eval NETWORK="\${CISCO_IPV6_SPLIT_INC_${i}_ADDR}" > eval NETMASKLEN="\${CISCO_IPV6_SPLIT_INC_${i}_MASKLEN}" > if [ $NETMASKLEN -eq 0 ]; then > reset_ipv6_default_route > else > del_ipv6_network_route "$NETWORK" "$NETMASKLEN" > fi > i=`expr $i + 1` > done > for i in $INTERNAL_IP6_DNS ; do > del_ipv6_network_route "$i" "128" > done > elif [ -n "$INTERNAL_IP6_NETMASK" -o -n "$INTERNAL_IP6_ADDRESS" ]; then > reset_ipv6_default_route > fi > > del_vpngateway_route > > if [ -n "$INTERNAL_IP4_DNS" ]; then > $RESTORERESOLVCONF > fi > destroy_tun_device >} > >#### Main > >if [ -z "$reason" ]; then > echo "this script must be called from vpnc" 1>&2 > exit 1 >fi > >case "$reason" in > pre-init) > run_hooks pre-init > do_pre_init > ;; > connect) > run_hooks connect > do_connect > run_hooks post-connect > ;; > disconnect) > run_hooks disconnect > do_disconnect > run_hooks post-disconnect > ;; > reconnect) > run_hooks reconnect > ;; > *) > echo "unknown reason '$reason'. Maybe vpnc-script is out of date" 1>&2 > exit 1 > ;; >esac > >exit 0
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 384099
:
287423
|
327326
|
327328
|
327414
|
327416
|
331056
|
331058
|
331062
|
331064
|
331066
|
331068
|
331366
|
331370
|
331372
|
331402
|
331486
|
331488
|
331490
|
331496
|
331498
|
331500
|
331502