[Openswan Users] uproute in _updown script
Tuomo Soini
tis at foobar.fi
Fri Feb 17 21:47:02 CET 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Paul Wouters wrote:
> On Fri, 17 Feb 2006, Marco Berizzi wrote:
>
>
>>I would like to know if there is a quick & dirty solution to
>>remove the static route placed by openswan for every tunnel.
>>They aren't needed anymore on linux 2.6 with netkey. I have
>>taken a look at /usr/local/lib/_updown:
>
>
> They should not be set when using NETKEY.......
Of course they will be set because _updown script doesn't know if netkey
or klips is used.
>
>
> There shouldn't be.
Yes, there will be problem that (left/right)sourceip stop working
immidiately when routing is disabled.
It is possible to change updown so that it will add those routes only
when sourceip is set but then this _updown won't work with klips any more.
- --
Tuomo Soini <tis at foobar.fi>
Linux and network services
+358 40 5240030
Foobar Oy <http://foobar.fi/>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Foobar - http://enigmail.mozdev.org
iD8DBQFD9ig2TlrZKzwul1ERAu1zAJ9v1xht05dd8uMDGpuD7h5IkwPquACeM4SD
HHNtKFSfnMX7RzfBRFtiK9g=
=Y0b+
-----END PGP SIGNATURE-----
More information about the Users
mailing list