Skip to content

GP: Fix the issue of a 0.0.0.0/0 "split"-include route by swapping the "split" route with the default netmask.

Daniel Lenski requested to merge GP_demangle_default_route_as_split_route into master

GlobalProtect VPNs always or almost always send <netmask>255.255.255.255</netmask> (host route). If they wish to include a true IPv4 default route (0.0.0.0/0), they send it as a "split"-include route.

This interferes with NetworkManager users’ ability to use the "Use only for resources on this connection" feature of NM's VPN plugins. (Which basically tells NM to use only split routes from the connection, and ignore a default route.)

This patch detects the case of a 0.0.0.0/0 IPv4 "split"-include route, and swaps it to become the default default route.

See: https://gitlab.gnome.org/GNOME/NetworkManager-openconnect/-/merge_requests/12#note_818780

Signed-off-by: Daniel Lenski dlenski@gmail.com

Edited by Daniel Lenski

Merge request reports

Loading