[VPN] ciscovpn client for linux + wlan-cards
Eirik Schwenke
schwenke-vpn-list at orakel.ntnu.no
Thu Oct 10 15:27:54 EDT 2002
[This mail was delayed almost two weeks -- first rejected because i
mime-included the patch, and then i sent it to the wrong address :-P
I have not been able to test this with the new 3.6.2-client yet,
but I re-post this anyway, in case others have experienced similar
problems. ]
After a few hours of trying to install the cisco vpn
client (3.6.1) on a linux laptop system, and getting it to work over
ethernet, but not wireless lan -- We found that the cisco-client has
a check, refusing to use ipsec over any interface not named
ppp[anything] or eth[anything]
The offending code is in interceptor.c, in two places:
/* Don't handle non-eth non-ppp devices */
if(strncmp(dp->name,"eth",3) && strncmp(dp->name,"ppp",3)) {
and
/* Don't handle non-eth non-ppp packets */
if(strncmp("eth",dev->name,3) && strncmp("ppp",dev->name,3)) {
Since many wlan-cards register them selves as wlan0-9, this
does not work with some drivers. Expanding the check to include
wlan?-interfaces solved the problem.
As my company does not have a support-contract with cisco, I
post this to the list, rather than to the vendor -- hoping a
support-person at cisco will read it, and inform developers.
See attached patch against the 3.6.1-client (or just fix the
two lines manually).
I would like to thank the two users that helped me identify
the problem, and provide the fix. Saved me from reading up
on c strncmp-calls, as I am no c-programmer ;-)
To use the patch, fist extract the standard 3.6.1-klient,
apply patch and install/compile normally:
tar xzf vpnclient-linux-3.6.1.Rel-k9.tar.gz
cd vpnclient
cat ../vpnclient-linux-3.6.1.Rel-k9-wlan-patch.diff | patch -p1
./vpn_install
Please note: This particular patch has not been tested -- the
original quick-fix replaced the ppp-check. But at least it
compiles without errors (tested with build_driver.sh).
(My original posting was rejected, as I included the patch in
mime-format -- hopefully this will go through).
--The patch: cut, and save ---
diff -ruN vpnclient-linux-3.6.1.Rel-k9/interceptor.c
vpnclient-linux-3.6.1.Rel-k
9-wlan-patch/interceptor.c
--- vpnclient-linux-3.6.1.Rel-k9/interceptor.c Tue Sep 3 21:12:16 2002
+++ vpnclient-linux-3.6.1.Rel-k9-wlan-patch/interceptor.c Sun Sep
29 21:41
:00 2002
@@ -325,7 +325,7 @@
}
/* Don't handle non-eth non-ppp devices */
- if(strncmp(dp->name,"eth",3) && strncmp(dp->name,"ppp",3)) {
+ if(strncmp(dp->name,"eth",3) && strncmp(dp->name,"ppp",3) &&
strncmp(dp
->name, "wlan", 4)) {
continue;
}
if (num_target_devices >= MAX_DEVICES) {
@@ -458,7 +458,7 @@
}
/* Don't handle non-eth non-ppp packets */
- if(strncmp("eth",dev->name,3) && strncmp("ppp",dev->name,3)) {
+ if(strncmp("eth",dev->name,3) && strncmp("ppp",dev->name,3) &&
strncmp("wla
n",dev->name,4)) {
rc2 = original_ip_handler.orig_handler_func(skb, dev, type);
goto exit_gracefully;
}
--- cut ---
--
Eirik Schwenke
"Eat right, exercise regularly, die anyway."
More information about the VPN
mailing list