monoidk

Sidenote: For complex routing or those wishing a DIY routing setup on linux, implementing fwmark support #973 may be useful/cleaner, though probably overly complicated for just #145.

While I understand your plan of removing use of `pppd` and relying on internal encapsulation/decapsulation (seems required for DTLS), I would like to note for anyone interested, that the patch:...

I'm not really sure what you mean by `noauth`, but I'm using the code as specified in the merge request, with pppd running as root and openfortivpn as a separate...

Well.. it connects to a server over the internet, that it subsequently authenticates, so .. at least the TLS stack is exposed, not sure how much else runs before server...

Yes - it requires using `--pppd-call=` and configuring the connection under `/etc/ppp/peers/`, which in turn requires root, but only for configuration. I have not added it to the documentation, though...

Yes, noauth is specified in `/etc/ppp/peers/myconnection`, but not in the command line when using `--pppd-call`, and that is permitted by `pppd`, at least on my system.

I agree it requires better documentation :) I guess non-root is only useful for `--pppd-call`, so yes, the switch would be redundant, though then the you're-not-root error message should probably...