tech-pkg: Re: vpnc 0.3.3 [was: Re: vpnc updated]

Subject: Re: vpnc 0.3.3 [was: Re: vpnc updated]
To: Hubert Feyrer <hubert@feyrer.de>
From: George Michaelson <ggm@apnic.net>
List: tech-pkg
Date: 09/07/2005 08:56:02
On Tue, 6 Sep 2005 20:38:53 +0200 (CEST)
Hubert Feyrer <hubert@feyrer.de> wrote:

> 
> Hi George,
> 
> I hope you don't mind I spread this to tech-pkg - someone there may
> care.
> 
> On Tue, 6 Sep 2005, George Michaelson wrote:
> > there is a newer vpnc. 0.3.3
> >
> > the first patch in the 0.3.2 patches/patch-aa isn't needed. the
> > second one applied fine.
> 
> it is, look at what it does.

It looked to me like the first patch was already applied to the 0.3.3
sources but I'll check again properly! sorry about that.

> 
> 
> > they have made some minor changes. they include removing one script,
> > and I found the replacement assumed /bin/sh is bash.
> 
> Yuck.

I'll try and discuss this with them. Its not a good idea.

> 
> 
> > I tried the new one, but I haven't yet got it to work. It seems to
> > apply a route default to take over the entire routing which I don't
> > want, the 0.3.2 version doesn't do that for me.
> >
> > Have you had a chance to play with this?
> 
> No, and i can't seem to get it going out of the box, either.
> Open Issues:
>   * get the vpnc-script example file copied to /usr/pkg/etc
>     (I have no idea how the CONF_FILES framework works)
>   * running the thing with either an "empty" or the provided
>     vpnc-script runs, but my tun0 is not configured at all.

their syntax for the ifconfig tun<x> command is bust. I removed the
word "inet" and it worked for me. But I had an all-site default route
and no packetflows. I think their CISCO_SPLIT_ROUTES model is not quite
right.

> 
> Until someone fixes this, I'd very much like this to stay at 0.3.2.
> FWIW, I've placed my package here: www.feyrer.de/Misc/vpnc-0.3.3.tgz
> Updates/patches against pkgsrc welcome!

I agree with Hubert: this is not a viable upgrade for NetBSD yet, and
the package needs to stay on the previous version until these problems
are fixed. Working Cisco VPN is too useful to loose.

-George
> 
> 
>   - Hubert
> 


-- 
George Michaelson       |  APNIC                 
Email: ggm@apnic.net    |  PO Box 2131 Milton    
Phone: +61 7 3858 3150  |  QLD 4064 Australia    
  Fax: +61 7 3858 3199  |  http://www.apnic.net