[Openswan dev] Re: Openswan 2.4.0dr9 multiple defaultroute patch

Sun Aug 14 00:49:20 CEST 2005

Hi,

some months ago, I proposed a patch to fix the problem that Openswan
under native 2.6 IPSec doesn't scope with multiple
defaultroute. Unfortunately, it jumps into a subroutine from _startklips
to compute the default route. Is this necessary under Linux 2.6? Perhaps
this issue should be fixed be 2.4.0 is released.

Dirk

On Tue, Feb 01, 2005 at 11:03:47PM +0100, Dirk Nehring wrote:
> Hi Openswan developer,
>
> unfortunately, Openswan does not support multiple defaultroutes. Since
> 2.6 it is not a principle problem to route ESP packets via more than one
> defaultroute. Here is my first patch for inclusion, if you like it,
> please apply.
>
> --------------------------------------------------
> diff -ur openswan-2.2.0.orig/programs/_startklips/_startklips.in openswan-2.2.0/programs/_startklips/_startklips.in
> --- openswan-2.2.0.orig/programs/_startklips/_startklips.in     2004-07-15 04:34:42.000000000 +0200
> +++ openswan-2.2.0/programs/_startklips/_startklips.in  2004-11-26 13:21:37.142594304 +0100
> @@ -192,7 +192,7 @@
>  # interfaces=%defaultroute:  put ipsec0 on top of default route's interface
>  defaultinterface() {
>         phys=`netstat -nr |
> -               awk '$1 == "0.0.0.0" && $3 == "0.0.0.0" { print $NF }'`
> +               awk '$1 == "0.0.0.0" && $3 == "0.0.0.0" { print $NF }' | head -1`
>         if test " $phys" = " "
>         then
>                 echo "no default route, %defaultroute cannot cope!!!"
> --------------------------------------------------
>
> Regards,
>
> Dirk Nehring