vpn-slice icon indicating copy to clipboard operation
vpn-slice copied to clipboard
verified publisher icon dlenski

support for "other" vpn systems (enhancement request)

Open nicklan opened this issue 4 years ago • 4 comments

It would be really cool if this script could reconfigure routing after it's been set up by a different vpn solution. I imagine this would involve inspecting the current routing table, and then deleting/creating routes as needed.

I'd be interested in looking into how to do this, but don't currently have enough knowledge about how all the routing etc works to know what the right way to do it would be. If you have some pointers for where I could get up to speed with that, that would be great.

Thanks!

nicklan avatar Jan 05 '21 23:01 nicklan

It would be really cool if this script could reconfigure routing after it's been set up by a different vpn solution. I imagine this would involve inspecting the current routing table, and then deleting/creating routes as needed.

I've thought about this too but… which different VPN solutions?

Other open-source VPNs like OpenVPN should generally be amenable to routing customization. (I even hacked together a horrible kludged version of vpn-slice to work with screen-scraped output from sstp-client+pppd a few years back.)

Closed-source VPNs will generally make this difficult-or-impossible. Many of them try to monitor for changes to the routing table and interfere with them. “Securiteh.”

I'd be interested in looking into how to do this, but don't currently have enough knowledge about how all the routing etc works to know what the right way to do it would be. If you have some pointers for where I could get up to speed with that, that would be great.

Basically everything I know about routing comes from reading the stuff described in the inspiration and credits section, writing vpn-slice (originally motivated by a need at my previous job), and contributing to OpenConnect.

dlenski avatar Jan 05 '21 23:01 dlenski

Closed-source VPNs will generally make this difficult-or-impossible. Many of them try to monitor for changes to the routing table and interfere with them. “Securiteh.”

Yeah, that's the trickiest bit I guess. I suppose you could workaround most anything, but it would be very specific to each tool.

Anyway, thanks for the pointers, I'll go do some reading. Feel free to close this, or leave it open if you want a place to continue discussion around the topic.

nicklan avatar Jan 06 '21 00:01 nicklan

Personally I'd love to use vpn-slice with OpenVPN.

mschilli87 avatar Apr 10 '24 20:04 mschilli87

Personally I'd love to use vpn-slice with $X.

I've said it before and I'll say it again :smile:

"I don't use $X myself, but well-designed pull requests to support $X would be welcome, and I can certainly help review and clean them up."

dlenski avatar Apr 10 '24 21:04 dlenski