[OpenWrt-Devel] openconnect does not remove default routes [was: Some OpenConnect observations]

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun Jan 4 05:44:37 EST 2015


On Sun, 2015-01-04 at 09:18 +0100, Gottfried Haider wrote:
> Hello Nikos,
> 
> >> * Bringing the VPN interface down again doesn't restore regular
> >> internet access. It seems the routes (and DNS?) that came with the VPN
> >> stay also after running ifdown.
> > I don't seem to have this issue, please provide more information if it
> > persists with the latest packages.
> 
> Those are the routes on a pretty recent OpenWrt snapshot (w/
> openconnect 7.00-4). Please let me now if I can help with anything
> else, or update to an even more recent system.
> 
> Before connecting to the VPN, during, and after (the VPN IP remains as
> destination):
[...]

It seems that you use openconnect to set a default route, and that's why
I couldn't reproduce it. I don't think that openconnect handles default
routes differently, so it could be an issue in netifd. As I see default
routes are registered using proto_add_ipv4_route, and should have been
automatically removed when proto_kill_command is called in
openconnect.sh.

Most probably you'll have to check the log (readlog), and possibly add
some additional logging in:
/lib/netifd/netifd-proto.sh
/lib/netifd/proto/openconnect.sh

Sorry for not being able to help more. Maybe someone in the
openwrt-devel list will be able to help with that.

regards,
Nios
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list