When starting vpnc, you might see something like: --- $ sudo vpnc example Device "wlan0 wlan0" does not exist. SIOCSIFMTU: Invalid argument VPNC started in foreground --- A simple modification to the script will correct this (see attached patch). I have tested this update with vpnc-0.5.3_p449-r1 and also vpnc-0.5.3.
Created attachment 241655 [details, diff] Patch vpnc-script to fix iproute parsing
A simple modification? Looks like a whole new regexp to me. Will investigate on it, where do you have it from?
You mean an updated regex is not a simple modification? ;-) I built the regex. My reasoning was as follows: 1. The original regex might return multiple interfaces. 2. The next line in the script that calculates the MTU doesn't handle strings separated with a newline. 3. As I understand things, we want to use the device with the lowest metric as it is probably the correct one. 4. The regex grabs the device name and metric figures then pipes to a numerical sort on the metric. 5. Finally, the device name of interest is obtained and returned to DEV. I don't know why I didn't think of it earlier, but I decided to do a quick search for "vpnc mtu detection" and stumbled across this thread: http://www.gossamer-threads.com/lists/vpnc/devel/3201 It seems from this message that the vpnc-script is now maintained outside of vpnc. http://git.infradead.org/users/dwmw2/vpnc-scripts.git Instead of my fix, perhaps using the updated script may be an idea? I tested the vpnc-script from the master snapshot and it seems to work just fine (provided you're not using iproute2-2.6.35 as that is still buggy).
Yes, maybe this would be a good addition. As I package it anyway from SVN (no new revisions), I can replace the vpnc-script. Give me some time and report here if you find any flaws.
I saw some similar messages as well, although cannot connect at the very moment using vpnc at all.
(In reply to comment #3) > (provided you're not using iproute2-2.6.35 as that is still buggy). Would you please describe what is broken with iproute2-2.6.35, I have -r3 installed at the moment. Downgrade to 2.6.34 did not help to fix my problems (will not describe here to avoid hijacking of the thread). However, if iproute2 is still buggy please open a new bug at bugs.gentoo.org as well. Please post sample output from 'netstat -rn' before and after you patch (or with the updated script from the git repository). Thanks.
Finally my vpnc connection works for me (bug #336012#c4). I can at least report that this patch does not break anything for me although the unpatched version is fine for me as well. Probably because have no IPv6. ;) ON the other hand, I believe it is a good idea to stick to the more recent version. I have iproute-2.6.35-r3 on ~x86 at the moment. A note to those having problems with vpnc: maybe try openswan and strongswan, it seems they support Cisco UDP NAT-T as well.
This has been incorporated into the latest snapshot vpnc-0.5.3_p451. Thank you for your input and sorry for the delay, but I do not use vpnc anymore which lifts the pressure on me. If you are interested in helping maintaining this software, please contact me.