Hi, On Sat, 14 Sep 2019 23:00:42 +0300 Dmitry Semyonov <linu...@gmail.com> wrote: > Package: vpnc-scripts > Version: 0.1~git20190117-1 > Severity: normal > > Dear Maintainer, > > When VPN server (Cisco in my case) provides a list of sub-nets that should not > be routed through VPN, the script creates a bunch of corresponding routes but > omits the provided netmasks, thus effectively ignoring the feature. Moreover, > on termination of VPN connection the script is not able to properly remove > created routes because they use invalid netmask (/32 by default). > > I traced the problem down to the 'route add' command executed inside > set_exclude_route(). The following hack fixes the issue for me: > > cmd="$IPROUTE route add `$IPROUTE route get "$NETWORK/$NETMASKLEN" > | fix_ip_get_output`" > cmd=`echo $cmd | sed -e 's@ via @'"/$NETMASKLEN via @"` # add proper > netmask > $cmd > > (A similar change is needed for set_ipv6_exclude_route() if you use IPv6.)
This has been fixed upstream: - http://git.infradead.org/users/dwmw2/vpnc-scripts.git/commitdiff/fe5cb8a6d9791aa5217db31825b66eb185066a8d - cleanup: http://git.infradead.org/users/dwmw2/vpnc-scripts.git/commitdiff/0851a20770d875d5b6cb76ec49b3137f56410f9a Any chance this could end up in a stable update? cheers, Stefan
