vpnshift.sh
Platform-dependent code needs organization
- [ ] Identify which code is portable and which code is platform-dependent.
- [ ] Document which platforms (distros) work. VM-based test suite?
- [ ] Set up dynamic platform-specific tweaks during initialization. (A hook system.)
FYI, I've integrated vpnshift-like logic into my Emacs/elisp-based openvpn manager. I already did concurrent/multiple namespace support and platform-dependency logic (to some extent) in there; it may be useful to grab some of the logic (or not) for your planned rewrite: https://github.com/collarchoke/ovpn-mode
I'm actually keeping vpnshift a shell script because all it needs to do is tie together openvpn, ip, and sudo.
Currently, the bulk of vpnshift is wrangling network namespaces. If there were a general tool for connecting arbitrary network namespaces with veth interfaces, vpnshift would be trivial. The block of commands for namespace setup could be a single command in both vpnshift and your ovpn-mode.
(It would also open the door for easy setup of chained VPNs without virtualization, although this has dubious value for privacy.)
I tried to do this within an earlier implementation of vpnshift, but it became too complicated for shell scripting. I gave up and just hard-coded the namespace and IP addresses so I could use it day-to-day.
Fair enough. I think you could add concurrent namespace support to vpnshift as a shell script fairly rapidly by just creating namespaces based on timestamps. The only part that would need some thought is managing the network pool, but some basic CIDR allocation logic on existing interfaces should be able to resolve that. If I have some time next week, I'll throw something together for a POC.
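
A sketch of the allocation step discussed in this thread, added here as an example and not taken from vpnshift or ovpn-mode: it names a namespace from a timestamp and picks the first /30 that overlaps no address already configured on the host. The 10.200.0.0/16 pool, the /30 size, the `vpnshift-` prefix and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not vpnshift code. The 10.200.0.0/16 pool, the /30 size and
# the "vpnshift-" name prefix are assumptions.
POOL_BASE=${POOL_BASE:-10.200.0.0}

ip2int() {   # dotted quad -> 32-bit integer
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int2ip() {   # 32-bit integer -> dotted quad
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Timestamp-based namespace name; the PID separates two starts in one second.
ns_name() { echo "vpnshift-$(date +%s)-$$"; }

# Reads `ip -o -4 addr show` output on stdin, prints the first /30 in the pool
# that overlaps no configured network. Returns 1 when the pool is exhausted.
pick_free_subnet() {
    used=""
    while read -r idx dev fam cidr rest; do
        [ "$fam" = inet ] || continue
        case $cidr in
            */*) len=${cidr#*/} ;;
            *)   len=32 ;;   # "inet A peer B/32" form seen on tun devices
        esac
        start=$(( $(ip2int "${cidr%/*}") & (4294967295 << (32 - len)) & 4294967295 ))
        used="$used $start:$(( start + (1 << (32 - len)) - 1 ))"
    done
    base=$(ip2int "$POOL_BASE"); cand=$base
    while [ "$cand" -lt $(( base + 65536 )) ]; do
        free=1
        for u in $used; do
            # Two ranges overlap when each one starts before the other ends.
            if [ "$cand" -le "${u#*:}" ] && [ $(( cand + 3 )) -ge "${u%:*}" ]; then
                free=0; break
            fi
        done
        [ "$free" -eq 1 ] && { echo "$(int2ip "$cand")/30"; return 0; }
        cand=$(( cand + 4 ))
    done
    return 1
}

# Constructed sample input, not captured from a real host.
SAMPLE='3: veth-a    inet 10.200.0.1/30 scope global veth-a
5: tun0    inet 10.200.0.6 peer 10.200.0.5/32 scope global tun0
7: veth-b    inet 10.200.0.9/30 scope global veth-b'
```

On a live host the input would come from `ip -o -4 addr show | pick_free_subnet`. Two instances started at the same moment can still pick the same block, so a real implementation needs a lock around allocation and interface creation.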