Here's the code snippet from my vpnc-connect that handles the "Target networks" configuration option. unfortunately the vpnc application complains about the configuration option, but it works anyways with the warnings.
-derek networks="$(getvar "${config}" "Target networks")" if [ -z "$networks" ]; then ip route add $(ip route get $VPNGATEWAY | fix_ip_get_output) ip route | grep '^default' | fix_ip_get_output > "$defr" echo "$VPNGATEWAY" > "$gateway" networks=default fi for network in $networks; do ip route del $network 2>/dev/null ip route add $network dev $TUNDEV done networks="$(getvar "${config}" "Exclude networks")" for network in $networks; do ip route del $network 2>/dev/null ip route add to $network via $DEF_GATEWAY done Quoting Dan Williams <[EMAIL PROTECTED]>: > On Fri, 2005-04-15 at 12:45 -0400, Derek Atkins wrote: > > Cool! > > > > What's the plan w.r.t. custom configurations of the vpnc connection > manager? > > For exmaple, my vpnc-connect (and vpnc.conf) contain "Targeted Networks" > > configurtion so only partial routes will get forwarded across the VPN > instead > > of all traffic. Will your hooks still work with that change to the > > "vpnc-connect" script? > > If you could post some of the ifconfig or iproute commands in your vpnc- > connect file, that would be great. I simply don't have any examples of > that at this time, and having some would allow me to implement it. > > > I presume your changes also handle re-pointing of DNS servers? > > Yes. In the initial implementation, all DNS traffic runs over the VPN- > provided DNS servers, but quite soon I hope to be able to route just > traffic for the VPN-provided domain (ie CISCO_DEF_DOMAIN) and everything > else over the regular servers. NOTE: regular glibc/nscd _cannot_ do > that, so if you want this feature, you'll need to use the caching- > nameserver configuration. > > Dan > > -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH [EMAIL PROTECTED] PGP key available _______________________________________________ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list