From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-doc-cvs+bounces-2950-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1JETFi-0003Zh-QI
	for garchives@archives.gentoo.org; Mon, 14 Jan 2008 17:37:39 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 76E0EE0A68;
	Mon, 14 Jan 2008 17:37:37 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	by pigeon.gentoo.org (Postfix) with ESMTP id 25B8EE0A68
	for <gentoo-doc-cvs@lists.gentoo.org>; Mon, 14 Jan 2008 17:37:37 +0000 (UTC)
Received: from stork.gentoo.org (stork.gentoo.org [64.127.104.133])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTP id A71EF65B7C
	for <gentoo-doc-cvs@lists.gentoo.org>; Mon, 14 Jan 2008 17:37:36 +0000 (UTC)
Received: from neysx by stork.gentoo.org with local (Exim 4.68)
	(envelope-from <neysx@stork.gentoo.org>)
	id 1JETFf-0007cY-Kj
	for gentoo-doc-cvs@lists.gentoo.org; Mon, 14 Jan 2008 17:37:35 +0000
To: gentoo-doc-cvs@lists.gentoo.org
Subject: [gentoo-doc-cvs] cvs commit: vpnc-howto.xml
Message-Id: <E1JETFf-0007cY-Kj@stork.gentoo.org>
From: Xavier Neys <neysx@stork.gentoo.org>
Date: Mon, 14 Jan 2008 17:37:35 +0000
Precedence: bulk
List-Post: <mailto:gentoo-doc-cvs@lists.gentoo.org>
List-Help: <mailto:gentoo-doc-cvs+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-doc-cvs+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-doc-cvs+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-doc-cvs.gentoo.org>
X-BeenThere: gentoo-doc-cvs@lists.gentoo.org
Reply-to: docs-team@lists.gentoo.org
X-Archives-Salt: e3fd51d9-cf06-451b-8bbb-b973671f7f6d
X-Archives-Hash: 58af32daccf4114e885c8e34bf848c17

neysx       08/01/14 17:37:35

  Modified:             vpnc-howto.xml
  Log:
  #205738 Enhanced Tips and Tricks

Revision  Changes    Path
1.6                  xml/htdocs/doc/en/vpnc-howto.xml

file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/vpnc-howto.xml?rev=1.6&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/vpnc-howto.xml?rev=1.6&content-type=text/plain
diff : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/vpnc-howto.xml?r1=1.5&r2=1.6

Index: vpnc-howto.xml
===================================================================
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/vpnc-howto.xml,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- vpnc-howto.xml	10 Jan 2008 06:15:12 -0000	1.5
+++ vpnc-howto.xml	14 Jan 2008 17:37:35 -0000	1.6
@@ -1,5 +1,5 @@
 <?xml version='1.0' encoding='UTF-8'?>
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/vpnc-howto.xml,v 1.5 2008/01/10 06:15:12 nightmorph Exp $ -->
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/vpnc-howto.xml,v 1.6 2008/01/14 17:37:35 neysx Exp $ -->
 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
 
 <guide link="/doc/en/vpnc-howto.xml">
@@ -15,6 +15,9 @@
 <author title="Contributor">
   <mail link="opfer@gentoo.org">Christian Faulhammer</mail>
 </author>
+<author title="Contributor">
+  <mail link="fischer@unix-ag.uni-kl.de">Thomas Fischer</mail>
+</author>
 
 <abstract>
 This document details how to connect your workstation to a Cisco VPN
@@ -25,8 +28,8 @@
 <!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
 <license/>
 
-<version>1.3</version>
-<date>2008-01-09</date>
+<version>1.4</version>
+<date>2008-01-14</date>
 
 <chapter>
 <title>Introduction</title>
@@ -755,7 +758,8 @@
 </p>
 
 <note>
-The init scripts don't handle DNS separation.
+The init scripts don't handle DNS separation, but you can use the custom
+scripts to achieve that. See <uri link="#tipsscript">Tips and Tricks</uri>.
 </note>
 
 </body>
@@ -765,12 +769,13 @@
 <chapter>
 <title>Tips and Tricks</title>
 <section>
+<title>Graphical remote access</title>
 <body>
 
 <p>
-If you are looking for a linux application that supports RDP (Remote Desktop
-Protocol) then give <c>grdesktop</c> a try. It's a GUI app written in Gtk that
-fits in well with a gnome desktop, but doesn't require it. If you don't want
+If you are looking for a Linux application that supports RDP (Remote Desktop
+Protocol) then give <c>grdesktop</c> a try. It's a GUI app written in GTK+ that
+fits in well with a Gnome desktop, but doesn't require it. If you don't want
 the GUI configuration dialogs that grdesktop provides, then just install
 <c>rdesktop</c>. Ultimately, grdesktop is just a frontend for rdesktop.
 </p>
@@ -806,6 +811,47 @@
 
 </body>
 </section>
+<section id="tipsscript">
+<title>Custom scripts on boot</title>
+<body>
+
+<p>
+The custom-made scripts for the init.d file can be used to setup a user-defined
+routing for the vpnc connection. The examples below show how to setup the
+routing table so that only connections to 123.234.x.x are routed over the VPN
+and all other connections use the default gateway. The example uses
+work-preup.sh to save the current default gateway before starting vpnc (which
+resets the default gateway using the VPN connection). Once vpnc has been
+started, work-postup.sh deletes this new default gateway, restores the old
+default gateway and sets the route for all connections to 123.234.x.x to use
+the vpnc connection.
+</p>
+
+<pre caption="/etc/vpnc/scripts.d/work-preup.sh">
+#!/bin/sh
+route -n | grep -E '^0.0.0.0 ' | cut -c 17-32 >/var/tmp/defaultgw
+</pre>
+
+<pre caption="/etc/vpnc/scripts.d/work-postup.sh">
+#!/bin/sh
+route del -net 0.0.0.0 netmask 0.0.0.0 dev tun1
+route add default gw $(cat /var/tmp/defaultgw)
+route add -net 123.234.0.0 netmask 255.255.0.0 dev tun1
+</pre>
+
+<p>
+The example scripts assume that the vpnc connection uses tun1 as tun device.
+You can set the device name in the connection's configuration file.
+</p>
+
+<pre caption="/etc/vpnc/work.conf">
+Interface name tun1
+IPSec gateway vpn.mywork.com
+Pidfile /var/run/vpnc.work.pid
+</pre>
+
+</body>
+</section>
 </chapter>
 
 <chapter>



-- 
gentoo-doc-cvs@lists.gentoo.org mailing list