python-eduvpn-client
python-eduvpn-client copied to clipboard
Eduvpn connection only used for specific CIDR range(s)
Currently it seems I can only use eduvpn to pass all traffic from my client to the entire internet via eduvpn, but I would like to be able to work on the local network directly, but via VPN to a specific ip range.
It would be nice if I could configure an option in the eduvpn client (cli/gui) to setup a route on my client for 123.123.0.0/16 via eduvpn and keep using the network default route and local network connections for other ip ranges.
This way, when I'm working from home, I can keep using my local printer, file shares and octopi without disconnecting from eduvpn.
A workaround script that seems to do the trick:
#!/bin/bash
# find tunnel device. probably tun0
TUNDEV=$(ip route |grep default |grep tun |awk '{print $5}')
if [[ "$TUNDEV" == "" ]]; then
echo 'geen tunnel, niks te doen dus'
exit 1
fi
# find gateway for tunnel device
TUNGW=$(ip route |grep default |grep $TUNDEV |awk '{print $3}')
# delete all routes that run via tunnel device
ip route |grep $TUNDEV |grep -v scope | ( while read line; do sudo ip route del $line;done )
# add route to network via tunnel device
sudo ip route add 123.123.0.0/16 via $TUNGW dev $TUNDEV
I'd prefer to have this as an option in eduvpn, it saves an extra step in setting up the vpn
Right, you can try to script something together with NetworkManager dispatcher scripts so that this is automatically done when the VPN connection gets added/connected by the client: https://networkmanager.dev/docs/api/latest/NetworkManager-dispatcher.html