Update to 20210401. From the changelog:
- fix IPv6 split masklen
- vpnc-script-win: tidy up, more logging
- vpnc-script-win: make VPN addresses/gateways "non-persistent", and
delete them on disconnect
- vpnc-script-win: delete DNS and WINS servers before adding them
- vpnc-script-win: dump stdout and stderr when a command fails
- vpnc-script-win: use TUNIDX in all netsh commands, remove
waitForInterface()
- vpnc-script-win: add FIXMEs regard IPv6 split-excludes and gateways
- vpnc-script-win: add legacy IP split-exclude handling
- vpnc-script-win: cleanup spacing, clarify comments
- vpnc-script-win: simplify 'internal gateway' calculation
- GNU awk regex fix
- move destroy_tun_device into do_disconnect (called only here)
- remove bits for ancient Linux 2.6.x kernels
- mention IDLE_TIMEOUT
- cleanup whitespace and clarify comments
- tweak warning message about un-routable exclude routes
- Ignore unreachable exclude routes
- Document split tunnel EXC variables
- ignore bogus non-forwardable exclude routes on disconnect too
- *BSDs: get_default_gw needs to EXCLUDE routes through tunnel for
attempt-reconnect, but should NOT exclude them otherwise
- mark tunnel device 'down' before destroying
- Add DragonFly BSD support and improve FreeBSD support
- Use '[[:space:]]' instead of '\s' to support POSIX awk
- *BSDs: don't inadvertently pick up a bogus 0.0.0.0/32 route as a
default route
- Fix basename invocation on *BSD shells
- fix another ifconfig syntax difference between Linux and *BSDs
- use `ip netns` instead of ocserv `listen-netns` config option for
test configs
- match preexisting code style
- Use systemd-resolve to check if resolved is running
- FIXME add mock IPv6 configuration to get CI to work
- add a bit more logging to test scripts
- split iproute2 and *BSD-ish into separate CI runs
- CI: don't need to install ocserv and which
- numerous fixes for Linux IPv6 configuration using
ifconfig/route/netstat
- try running tests with *BSD-ish tools (ifconfig/route/netstat) for
additional coverage
- match code style
- Don't use /sbin/resolvconf if it just points to resolvectl.
- include calling process ID in DEFAULT_ROUTE_FILE{,_IPV6}
- with BSD 'route', save-and-restore IPv6 default routes
- simplify cases and add ifconfig_syntax_del variable
- Patch: make ipv6 in ipv4 and ipv6 in ipv6 tunnels work on (Net)BSD
- vpnc-scripts: added a sanity check of routes and resolv.conf
generation
- preserve metric in fix_ip_get_output
- with iproute2, sort the routes to the VPN gateway by metric before
trying to create an explicit route to the gateway via each of them
- make do_attempt_reconnect work with route/ifconfig
- add working do_attempt_reconnect
- don't try to set an explicit route to VPN gateway if localhost, and
ignore bogus non-forwardable exclude routes
- Ignore link-local routes in set_default_route
- leave support for older systemd-resolved (v229-v238) in place
- Windows IPv6: remove hard-coded next-hop of fe80::8
- Add split DNS support for systemd-resolved
- Use resolvectl for systemd-resolved
- fix tabs/spaces in POSIX vpnc-script as well
- cleanup whitespace in vpnc-script-win.js
- specify interface when adding routes
- fix Slackware issue (netconfig is an unrelated tool, not relevant for
resolv.conf handling)
- No need to add a separate sed invocation for `$NETMASKLEN` fixing
- iproute2 5.1+ doesn't allow prefixlen!=32 in get
2021-05-22 11:12:05 +02:00
|
|
|
# $NetBSD: Makefile,v 1.8 2021/05/22 09:12:05 schmonz Exp $
|
2015-03-02 16:24:12 +01:00
|
|
|
|
Update to 20210401. From the changelog:
- fix IPv6 split masklen
- vpnc-script-win: tidy up, more logging
- vpnc-script-win: make VPN addresses/gateways "non-persistent", and
delete them on disconnect
- vpnc-script-win: delete DNS and WINS servers before adding them
- vpnc-script-win: dump stdout and stderr when a command fails
- vpnc-script-win: use TUNIDX in all netsh commands, remove
waitForInterface()
- vpnc-script-win: add FIXMEs regard IPv6 split-excludes and gateways
- vpnc-script-win: add legacy IP split-exclude handling
- vpnc-script-win: cleanup spacing, clarify comments
- vpnc-script-win: simplify 'internal gateway' calculation
- GNU awk regex fix
- move destroy_tun_device into do_disconnect (called only here)
- remove bits for ancient Linux 2.6.x kernels
- mention IDLE_TIMEOUT
- cleanup whitespace and clarify comments
- tweak warning message about un-routable exclude routes
- Ignore unreachable exclude routes
- Document split tunnel EXC variables
- ignore bogus non-forwardable exclude routes on disconnect too
- *BSDs: get_default_gw needs to EXCLUDE routes through tunnel for
attempt-reconnect, but should NOT exclude them otherwise
- mark tunnel device 'down' before destroying
- Add DragonFly BSD support and improve FreeBSD support
- Use '[[:space:]]' instead of '\s' to support POSIX awk
- *BSDs: don't inadvertently pick up a bogus 0.0.0.0/32 route as a
default route
- Fix basename invocation on *BSD shells
- fix another ifconfig syntax difference between Linux and *BSDs
- use `ip netns` instead of ocserv `listen-netns` config option for
test configs
- match preexisting code style
- Use systemd-resolve to check if resolved is running
- FIXME add mock IPv6 configuration to get CI to work
- add a bit more logging to test scripts
- split iproute2 and *BSD-ish into separate CI runs
- CI: don't need to install ocserv and which
- numerous fixes for Linux IPv6 configuration using
ifconfig/route/netstat
- try running tests with *BSD-ish tools (ifconfig/route/netstat) for
additional coverage
- match code style
- Don't use /sbin/resolvconf if it just points to resolvectl.
- include calling process ID in DEFAULT_ROUTE_FILE{,_IPV6}
- with BSD 'route', save-and-restore IPv6 default routes
- simplify cases and add ifconfig_syntax_del variable
- Patch: make ipv6 in ipv4 and ipv6 in ipv6 tunnels work on (Net)BSD
- vpnc-scripts: added a sanity check of routes and resolv.conf
generation
- preserve metric in fix_ip_get_output
- with iproute2, sort the routes to the VPN gateway by metric before
trying to create an explicit route to the gateway via each of them
- make do_attempt_reconnect work with route/ifconfig
- add working do_attempt_reconnect
- don't try to set an explicit route to VPN gateway if localhost, and
ignore bogus non-forwardable exclude routes
- Ignore link-local routes in set_default_route
- leave support for older systemd-resolved (v229-v238) in place
- Windows IPv6: remove hard-coded next-hop of fe80::8
- Add split DNS support for systemd-resolved
- Use resolvectl for systemd-resolved
- fix tabs/spaces in POSIX vpnc-script as well
- cleanup whitespace in vpnc-script-win.js
- specify interface when adding routes
- fix Slackware issue (netconfig is an unrelated tool, not relevant for
resolv.conf handling)
- No need to add a separate sed invocation for `$NETMASKLEN` fixing
- iproute2 5.1+ doesn't allow prefixlen!=32 in get
2021-05-22 11:12:05 +02:00
|
|
|
DISTNAME= vpnc-script-20210401
|
2015-03-02 16:24:12 +01:00
|
|
|
CATEGORIES= net security
|
Update to 20210401. From the changelog:
- fix IPv6 split masklen
- vpnc-script-win: tidy up, more logging
- vpnc-script-win: make VPN addresses/gateways "non-persistent", and
delete them on disconnect
- vpnc-script-win: delete DNS and WINS servers before adding them
- vpnc-script-win: dump stdout and stderr when a command fails
- vpnc-script-win: use TUNIDX in all netsh commands, remove
waitForInterface()
- vpnc-script-win: add FIXMEs regard IPv6 split-excludes and gateways
- vpnc-script-win: add legacy IP split-exclude handling
- vpnc-script-win: cleanup spacing, clarify comments
- vpnc-script-win: simplify 'internal gateway' calculation
- GNU awk regex fix
- move destroy_tun_device into do_disconnect (called only here)
- remove bits for ancient Linux 2.6.x kernels
- mention IDLE_TIMEOUT
- cleanup whitespace and clarify comments
- tweak warning message about un-routable exclude routes
- Ignore unreachable exclude routes
- Document split tunnel EXC variables
- ignore bogus non-forwardable exclude routes on disconnect too
- *BSDs: get_default_gw needs to EXCLUDE routes through tunnel for
attempt-reconnect, but should NOT exclude them otherwise
- mark tunnel device 'down' before destroying
- Add DragonFly BSD support and improve FreeBSD support
- Use '[[:space:]]' instead of '\s' to support POSIX awk
- *BSDs: don't inadvertently pick up a bogus 0.0.0.0/32 route as a
default route
- Fix basename invocation on *BSD shells
- fix another ifconfig syntax difference between Linux and *BSDs
- use `ip netns` instead of ocserv `listen-netns` config option for
test configs
- match preexisting code style
- Use systemd-resolve to check if resolved is running
- FIXME add mock IPv6 configuration to get CI to work
- add a bit more logging to test scripts
- split iproute2 and *BSD-ish into separate CI runs
- CI: don't need to install ocserv and which
- numerous fixes for Linux IPv6 configuration using
ifconfig/route/netstat
- try running tests with *BSD-ish tools (ifconfig/route/netstat) for
additional coverage
- match code style
- Don't use /sbin/resolvconf if it just points to resolvectl.
- include calling process ID in DEFAULT_ROUTE_FILE{,_IPV6}
- with BSD 'route', save-and-restore IPv6 default routes
- simplify cases and add ifconfig_syntax_del variable
- Patch: make ipv6 in ipv4 and ipv6 in ipv6 tunnels work on (Net)BSD
- vpnc-scripts: added a sanity check of routes and resolv.conf
generation
- preserve metric in fix_ip_get_output
- with iproute2, sort the routes to the VPN gateway by metric before
trying to create an explicit route to the gateway via each of them
- make do_attempt_reconnect work with route/ifconfig
- add working do_attempt_reconnect
- don't try to set an explicit route to VPN gateway if localhost, and
ignore bogus non-forwardable exclude routes
- Ignore link-local routes in set_default_route
- leave support for older systemd-resolved (v229-v238) in place
- Windows IPv6: remove hard-coded next-hop of fe80::8
- Add split DNS support for systemd-resolved
- Use resolvectl for systemd-resolved
- fix tabs/spaces in POSIX vpnc-script as well
- cleanup whitespace in vpnc-script-win.js
- specify interface when adding routes
- fix Slackware issue (netconfig is an unrelated tool, not relevant for
resolv.conf handling)
- No need to add a separate sed invocation for `$NETMASKLEN` fixing
- iproute2 5.1+ doesn't allow prefixlen!=32 in get
2021-05-22 11:12:05 +02:00
|
|
|
MASTER_SITES= http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blob_plain/8fff06090ed193c4a7285e9a10b42e6679e8ecf3:/
|
2015-03-02 16:24:12 +01:00
|
|
|
DIST_SUBDIR= ${PKGNAME_NOREV}
|
|
|
|
|
DISTFILES= vpnc-script
|
|
|
|
|
|
|
|
|
|
MAINTAINER= pkgsrc-users@NetBSD.org
|
|
|
|
|
HOMEPAGE= http://www.infradead.org/openconnect/vpnc-script.html
|
|
|
|
|
# see also http://git.infradead.org/users/dwmw2/vpnc-scripts.git
|
|
|
|
|
COMMENT= Improved config script for OpenConnect and vpnc
|
|
|
|
|
LICENSE= gnu-gpl-v2
|
|
|
|
|
|
|
|
|
|
NO_BUILD= YES
|
|
|
|
|
WRKSRC= ${WRKDIR}
|
|
|
|
|
|
|
|
|
|
EGDIR= ${PREFIX}/share/examples/vpnc-script
|
|
|
|
|
INSTALLATION_DIRS= ${EGDIR}
|
|
|
|
|
CONF_FILES_PERMS= ${EGDIR}/vpnc-script \
|
|
|
|
|
${PKG_SYSCONFDIR}/vpnc-script \
|
2016-05-17 12:32:06 +02:00
|
|
|
${REAL_ROOT_USER} ${REAL_ROOT_GROUP} 555
|
2015-03-02 16:24:12 +01:00
|
|
|
|
|
|
|
|
do-install:
|
|
|
|
|
${INSTALL_SCRIPT} ${WRKSRC}/vpnc-script ${DESTDIR}${EGDIR}
|
|
|
|
|
|
|
|
|
|
.include "../../mk/bsd.pkg.mk"
|
