Re: vpnc and determining correct routes

[Derek Atkins <warlord MIT EDU>]

Dan Williams <dcbw redhat com> writes:

> I've added a dict-based VPN config interface to 0.7/HEAD, which is what
> should be used here.  The vpnc plugin hasn't been converted over yet,
> but it will need to be for this to work.  We then simply add a new dict
> entry with a standard name, say "vpn_routes", which is a dbus array of
> ipv4 addresses formatted as dbus_uint32_t.

How is a dbus_uint32_t sufficient to encode a route?  You need at
least 40 bits to encode a route (32-bit IP/ 6-bit #bits).  Or if you
prefer a full IP + Mask then you need 64 bits.  It depends on whether
you want to encode it as A.B.C.D/N or A.B.C.D/E.F.G.H.  In either
case, a 32-bit number isn't sufficient.

>> details in vpnc's code and we already have an interface for those
>> variables, but I don't really want to add a dbus interface to vpnc which
>> has not seen a new update for more than  12 months.

Which is unfortunate -- I wish vpnc would export more of the VPN
configuration.  I couldn't even figure out how to get NM to call VPNC
in such a way to actually dump the full configuration debug info to
syslog!  Either that or the nm-vpnc-service is eating the vpnc debug
output..  :(

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord MIT EDU                        PGP key available