[PATCH v2 0/4] OpenVPN: handle additional routes

Daniel Wagner Mon, 13 Dec 2010 06:08:19 -0800

From: Daniel Wagner <[email protected]>

Hi,


In my office setup the the OpenVPN server wants to push a few routes
to my client. Currently the OepnVPN plugin ignores those routes. 

This patch series will handle those routes. Unfortunatly, I'm facing
a small problem with the default route:

connmand[10688]: vpn0 {create} index 15 type 65534 <NONE>
connmand[10688]: vpn0 {update} flags 4240 <DOWN>
connmand[10688]: vpn0 {newlink} index 15 operstate 2 <DOWN>
connmand[10688]: plugins/openvpn.c:ov_notify() script_type = up
connmand[10688]: plugins/openvpn.c:ov_notify() dev = vpn0
connmand[10688]: plugins/openvpn.c:ov_notify() link_mtu = 1554
connmand[10688]: plugins/openvpn.c:ov_notify() tun_mtu = 1500
connmand[10688]: plugins/openvpn.c:ov_notify() script_context = init
connmand[10688]: plugins/openvpn.c:ov_notify() route_gateway_6 = 10.242.2.5
connmand[10688]: plugins/openvpn.c:ov_notify() route_netmask_6 = 255.252.0.0
connmand[10688]: plugins/openvpn.c:ov_notify() route_network_6 = 160.48.0.0
connmand[10688]: plugins/openvpn.c:ov_notify() route_gateway_5 = 10.242.2.5
connmand[10688]: plugins/openvpn.c:ov_notify() route_netmask_5 = 255.255.255.255
connmand[10688]: plugins/openvpn.c:ov_notify() route_network_5 = 10.0.101.11
connmand[10688]: plugins/openvpn.c:ov_notify() route_gateway_4 = 10.242.2.5
connmand[10688]: plugins/openvpn.c:ov_notify() route_netmask_4 = 255.255.254.0
connmand[10688]: plugins/openvpn.c:ov_notify() route_network_4 = 10.0.100.0
connmand[10688]: plugins/openvpn.c:ov_notify() route_gateway_3 = 10.242.2.5
connmand[10688]: plugins/openvpn.c:ov_notify() route_netmask_3 = 255.255.255.0
connmand[10688]: plugins/openvpn.c:ov_notify() route_network_3 = 10.0.102.0
connmand[10688]: plugins/openvpn.c:ov_notify() route_gateway_2 = 10.242.2.5
connmand[10688]: plugins/openvpn.c:ov_notify() route_netmask_2 = 255.255.0.0
connmand[10688]: plugins/openvpn.c:ov_notify() route_network_2 = 192.168.0.0
connmand[10688]: plugins/openvpn.c:ov_notify() route_gateway_1 = 10.242.2.5
connmand[10688]: plugins/openvpn.c:ov_notify() route_netmask_1 = 255.255.255.255
connmand[10688]: plugins/openvpn.c:ov_notify() route_network_1 = 10.242.2.1
connmand[10688]: plugins/openvpn.c:ov_notify() route_vpn_gateway = 10.242.2.5
connmand[10688]: plugins/openvpn.c:ov_notify() route_net_gateway = 10.0.201.254
connmand[10688]: plugins/openvpn.c:ov_notify() ifconfig_remote = 10.242.2.5
connmand[10688]: plugins/openvpn.c:ov_notify() ifconfig_local = 10.242.2.6
connmand[10688]: plugins/openvpn.c:ov_notify() foreign_option_5 = dhcp-option 
DNS 192.168.100.4
connmand[10688]: plugins/openvpn.c:ov_notify() foreign_option_4 = dhcp-option 
DNS 192.168.3.6
connmand[10688]: plugins/openvpn.c:ov_notify() foreign_option_3 = dhcp-option 
WINS 192.168.100.4
connmand[10688]: plugins/openvpn.c:ov_notify() foreign_option_2 = dhcp-option 
WINS 192.168.100.1
connmand[10688]: plugins/openvpn.c:ov_notify() foreign_option_1 = dhcp-option 
DOMAIN bmw-carit.intra
connmand[10688]: plugins/openvpn.c:ov_notify() common_name = mail.bmw-carit.de
connmand[10688]: plugins/openvpn.c:ov_notify() trusted_port = 1194
connmand[10688]: plugins/openvpn.c:ov_notify() trusted_ip = 62.245.222.104
connmand[10688]: plugins/openvpn.c:ov_notify() untrusted_port = 1194
connmand[10688]: plugins/openvpn.c:ov_notify() untrusted_ip = 62.245.222.104
connmand[10688]: plugins/openvpn.c:ov_notify() tls_serial_0 = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() tls_id_0 = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() X509_0_emailAddress = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() X509_0_CN = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() X509_0_O = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() X509_0_L = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() X509_0_C = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() tls_serial_1 = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() tls_id_1 = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() X509_1_emailAddress = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() X509_1_CN = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() X509_1_O = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() X509_1_L = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() X509_1_C = XXX
connmand[10688]: plugins/openvpn.c:ov_notify() CONNMAN_BUSNAME = :1.118
connmand[10688]: plugins/openvpn.c:ov_notify() CONNMAN_INTERFACE = 
net.connman.Task
connmand[10688]: plugins/openvpn.c:ov_notify() CONNMAN_PATH = /task/0
connmand[10688]: plugins/openvpn.c:ov_notify() verb = 1
connmand[10688]: plugins/openvpn.c:ov_notify() daemon = 0
connmand[10688]: plugins/openvpn.c:ov_notify() daemon_log_redirect = 0
connmand[10688]: plugins/openvpn.c:ov_notify() daemon_start_time = 1292248151
connmand[10688]: plugins/openvpn.c:ov_notify() daemon_pid = 12267
connmand[10688]: plugins/openvpn.c:ov_notify() proto_1 = udp
connmand[10688]: plugins/openvpn.c:ov_notify() local_port_1 = 0
connmand[10688]: plugins/openvpn.c:ov_notify() remote_1 = vpn.bmw-carit.de
connmand[10688]: plugins/openvpn.c:ov_notify() remote_port_1 = 1194
connmand[10688]: vpn0 {update} flags 69841 <UP,RUNNING,LOWER_UP>
connmand[10688]: vpn0 {newlink} index 15 operstate 0 <UNKNOWN>
connmand[10688]: vpn0 up
connmand[10688]: vpn0 lower up
connmand[10688]: Deleting host route failed (No such process)
connmand[10688]: Removing default gateway route failed (No such process)
connmand[10688]: Enabling DNS server 10.0.201.254
connmand[10688]: Deleting host route failed (No such process)
connmand[10688]: Removing default gateway route failed (No such process)
connmand[10688]: Adding DNS server 192.168.100.4
connmand[10688]: Adding DNS server 192.168.3.6
connmand[10688]: vpn0 {add} address 10.242.2.6/32 label vpn0
connmand[10688]: vpn0 ip bound
connmand[10688]: vpn0 {add} route 10.242.2.5 gw 0.0.0.0 scope 253 <LINK>
connmand[10688]: vpn0 {add} route 62.245.222.104 gw 0.0.0.0 scope 253 <LINK>
connmand[10688]: wlan0 {add} route 62.245.222.104 gw 10.0.201.254 scope 0 
<UNIVERSE>
connmand[10688]: wlan0 {del} route 10.0.201.254 gw 0.0.0.0 scope 253 <LINK>
connmand[10688]: wlan0 ip release
connmand[10688]: wlan0 {del} route 0.0.0.0 gw 10.0.201.254 scope 0 <UNIVERSE>
connmand[10688]: Enabling DNS server 10.0.201.254
connmand[10688]: Disabling DNS server 192.168.100.4
connmand[10688]: Disabling DNS server 192.168.3.6
connmand[10688]: Disabling DNS server 10.0.201.254
connmand[10688]: Enabling DNS server 192.168.100.4
connmand[10688]: Enabling DNS server 192.168.3.6
connmand[10688]: vpn0 {add} route 10.242.2.1 gw 10.242.2.5 scope 0 <UNIVERSE>
connmand[10688]: vpn0 {add} route 192.168.0.0 gw 10.242.2.5 scope 0 <UNIVERSE>
connmand[10688]: vpn0 {add} route 10.0.102.0 gw 10.242.2.5 scope 0 <UNIVERSE>
connmand[10688]: vpn0 {add} route 10.0.100.0 gw 10.242.2.5 scope 0 <UNIVERSE>
connmand[10688]: vpn0 {add} route 10.0.101.11 gw 10.242.2.5 scope 0 <UNIVERSE>
connmand[10688]: vpn0 {add} route 160.48.0.0 gw 10.242.2.5 scope 0 <UNIVERSE>
connmand[10688]: vpn0 ip bound
connmand[10688]: vpn0 {add} route 0.0.0.0 gw 10.242.2.5 scope 0 <UNIVERSE>

OpenVPN + ConnMan

$ ip r
62.245.222.104 via 10.0.201.254 dev wlan0 
62.245.222.104 dev vpn0  scope link 
10.242.2.5 dev vpn0  proto kernel  scope link  src 10.242.2.6 
10.0.101.11 via 10.242.2.5 dev vpn0 
10.242.2.1 via 10.242.2.5 dev vpn0 
10.0.102.0/24 via 10.242.2.5 dev vpn0 
10.0.201.0/24 dev wlan0  proto kernel  scope link  src 10.0.201.116 
10.0.100.0/23 via 10.242.2.5 dev vpn0 
192.168.0.0/16 via 10.242.2.5 dev vpn0 
160.48.0.0/14 via 10.242.2.5 dev vpn0 
default via 10.242.2.5 dev vpn0


OpenVPN only:

$ ip r
10.242.2.13 dev tun0  proto kernel  scope link  src 10.242.2.14 
10.0.201.254 dev wlan0  scope link 
10.0.101.11 via 10.242.2.13 dev tun0 
10.242.2.1 via 10.242.2.13 dev tun0 
10.0.102.0/24 via 10.242.2.13 dev tun0 
10.0.201.0/24 dev wlan0  proto kernel  scope link  src 10.0.201.116 
10.0.100.0/23 via 10.242.2.13 dev tun0 
192.168.0.0/16 via 10.242.2.13 dev tun0 
160.48.0.0/14 via 10.242.2.13 dev tun0 
default via 10.0.201.254 dev wlan0 

The default route differs in those two setups. Haven't figured out
where to fix this yet. 

BTW, this series doesn't break my other test setup. 

Daniel Wagner (4):
  OpenVPN: pass in additional arguments
  OpenVPN: add pushed routes
  OpenVPN append routes
  OpenVPN: Use ifconfig_remote as peer address

 include/inet.h     |    3 +-
 include/provider.h |    4 ++
 plugins/openvpn.c  |  123 ++++++++++++++++++++++++++++++++++++++++++++++++++-
 src/connection.c   |    5 +-
 src/inet.c         |   13 ++++-
 src/provider.c     |   47 ++++++++++++++++++++
 src/service.c      |    6 ++-
 7 files changed, 190 insertions(+), 11 deletions(-)

-- 
1.7.3.2

_______________________________________________
connman mailing list
[email protected]
http://lists.connman.net/listinfo/connman

[PATCH v2 0/4] OpenVPN: handle additional routes

Reply via email to