From owner-freebsd-net@FreeBSD.ORG Fri Oct 25 21:41:41 2013 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B8F78B11; Fri, 25 Oct 2013 21:41:41 +0000 (UTC) (envelope-from sodynet1@gmail.com) Received: from mail-pb0-x22d.google.com (mail-pb0-x22d.google.com [IPv6:2607:f8b0:400e:c01::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8969E23DD; Fri, 25 Oct 2013 21:41:41 +0000 (UTC) Received: by mail-pb0-f45.google.com with SMTP id ma3so445958pbc.4 for ; Fri, 25 Oct 2013 14:41:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=s2+zLIGKxvauUY+i9CU6+bNcVXFpmaFeg8F7KhIanaY=; b=N9fhRmlifjbsIaEEPxoZk/1iStL29ueserKyJcuej/y1mjyWavNsJABHHrWsEA7q+e gHJNu6dz4UqSz+qHhRZt/abCpfPfrSvRe65P6/u1+QIJPTyMBA44ivwghnQ053eB0VUO tozPBrF5fa1SK7ZBxcs1CeHIMTEhJFH8B0PTAYANz0cZQzY/I0zG7LtQgISjVwJwoP5Z iM1Q85nasVOyN52o1oEob5WRe+0kElrgDliOVC4F41LQV4zwRrrXbTsRs4v9r1pS+8r/ dEPteZCL32IE3Cluj3FZcDttk/RKiqAIa0dOniwhm5LGsHPus6onA3yz+dzB5sVEucJM bxdQ== MIME-Version: 1.0 X-Received: by 10.68.180.34 with SMTP id dl2mr8900917pbc.6.1382737301236; Fri, 25 Oct 2013 14:41:41 -0700 (PDT) Received: by 10.70.30.98 with HTTP; Fri, 25 Oct 2013 14:41:41 -0700 (PDT) In-Reply-To: References: <63600.37.147.154.147.1382647335.squirrel@37.147.154.147> <526A18FC.6030402@rdtc.ru> <526A894E.1070305@simvol7.ru> <526AA2A7.4010904@freebsd.org> Date: Sat, 26 Oct 2013 00:41:41 +0300 Message-ID: Subject: Re: How delete the interface route in FreeBSD 9.2 (MPD5)? From: Sami Halabi To: Julian Elischer Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: "freebsd-net@freebsd.org" , MrStalker X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Oct 2013 21:41:41 -0000 Hi, here is what I did: 1. in the mpd.conf under l2tp_cliet section: set iface route default set iface up-script /usr/local/etc/mpd5/io-up set iface down-script /usr/local/etc/mpd5/io-down 2. io-up has the following: #!/bin/sh /usr/bin/netstat -nr >> /tmp/io-up-netstat LocalGW=3D`/usr/local/etc/mpd5/GW` echo $LocalGW > /tmp/.GW route delete $4 route add $4 $LocalGW route delete default route add default $4 echo $4 > /tmp/pptp_GW cp /etc/resolv.conf /etc/rsolv.conf-1 echo nameserver `echo $6|awk '{print $2;}'` > /etc/resolv.conf echo nameserver `echo $7|awk '{print $2;}'` >> /etc/resolv.conf echo $0 $1 $2 $3 $4 $5 $6 $7 $8 $9 $10 >> /tmp/io-up /usr/bin/netstat -nr >> /tmp/io-up-netstat 3. io-down has the following: #!/bin/sh /usr/bin/netstat -nr >> /tmp/io-down-netstat LocalGW=3D`cat /tmp/.GW` vpnGW=3D`cat /tmp/pptp_GW` route delete $vpnGW route delete default route add default $LocalGW cp /etc/resolv.conf-1 /etc/rsolv.conf echo $0 $1 $2 $3 $4 $5 $6 $7 $8 $9 $10 >> /tmp/io-down /usr/bin/netstat -nr >> /tmp/io-down-netstat 4. /usr/local/etc/mpd5/GW has the following: #!/bin/csh -f /usr/bin/netstat -nr | /usr/bin/grep default | /usr/bin/awk '{print $2;}' Hope this helps. Sami On Fri, Oct 25, 2013 at 8:04 PM, Sami Halabi wrote: > You need to setup the up.sh script to modify the default route to go > through the old default route... I have set this up at home... I'll post > you the script when i'll be home. > > Sami > =D7=91=D7=AA=D7=90=D7=A8=D7=99=D7=9A 25 =D7=91=D7=90=D7=95=D7=A7 2013 19:= 56, "Julian Elischer" =D7=9B=D7=AA=D7=91: > > On 10/25/13 11:07 PM, MrStalker wrote: >> >>> >>> 25.10.2013 11:08, Eugene Grosbein =D0=BF=D0=B8=D1=88=D0=B5=D1=82: >>> >>>> On 25.10.2013 03:42, MrStalker wrote: >>>> >>>>> Hello! >>>>> For my internet provider (L2TP VPN connection) is required a route to >>>>> the VPN server via local gate. >>>>> I'm using MPD5. >>>>> But, MPD5 creates route to the VPN server via its same interface... >>>>> >>>>> root@Eviko:/home/mrstalker # netstat -nrf inet >>>>> Routing tables >>>>> >>>>> Internet: >>>>> Destination Gateway Flags Refs Use Netif >>>>> Expire >>>>> default 85.21.230.206 UGS 0 8 ng0 >>>>> 85.21.230.206 link#7 UH 0 8 ng0 >>>>> >>>>> What will not work... >>>>> >>>>> However earlier, it was possible delete this route and then create >>>>> right route. >>>>> root@Test2:/home/mrstalker # route delete 85.21.230.206 >>>>> delete host 85.21.230.206 >>>>> root@Test2:/home/mrstalker # route add 85.21.230.206 10.165.32.1 >>>>> add host 85.21.230.206: gateway 10.165.32.1 >>>>> >>>>> When i trying FreeBSD 9.2, this is no longer working... >>>>> Thread about it at the forumhttp://forums.freebsd.** >>>>> org/showthread.php?t=3D42547 >>>>> Later I found source of problem: >>>>> http://svnweb.freebsd.org/**base?view=3Drevision&revision=3D**248895<= http://svnweb.freebsd.org/base?view=3Drevision&revision=3D248895> >>>>> >>>>> Now I can't delete the interface route (ng0). What does impossible >>>>> work with the internet provider. >>>>> >>>>> How? How now resolve this problem? >>>>> I need to add route to the vpn server via local gate... >>>>> >>>>> Please help me resolve this trouble. Since the release of FreeBSD 9.2 >>>>> I trying to find a solution. >>>>> >>>> You have to create your static route to vpn server before mpd5 starts. >>>> Use /etc/rc.conf: >>>> >>>> static_routes=3D"vpn" >>>> route_vpn=3D"85.21.230.206 10.165.32.1" >>>> >>>> Eugene Grosbein >>>> >>> Unfortunately failed... >>> >>> root@Eviko:/home/mrstalker # netstat -nrf inet|grep 85.21.230.206 >>> 85.21.230.206 10.165.32.1 UGHS 0 0 re0 >>> root@Eviko:/home/mrstalker # service mpd5 start >>> Starting mpd5. >>> root@Eviko:/home/mrstalker # netstat -nrf inet|grep 85.21.230.206 >>> 85.21.230.206 link#7 UH 0 4 ng0 >>> >>> Route via ng0 overwrites the static route. >>> >> then you have set it up wrong. >> you need a specific static route to the far end that does not go through >> tunnel. >> >> the only other possibilty is to have mpd use a separate fib.. >> e.g. >> >> setfib 3 route add (destination route) >> setfib 3 mpd (args) >> then you can allow the default route etc to go through the tunnel >> as the tunnel iteself will use a different routing table. >> >> >> ______________________________**_________________ >>> freebsd-net@freebsd.org mailing list >>> http://lists.freebsd.org/**mailman/listinfo/freebsd-net >>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@**freebsd.org= >>> " >>> >>> >>> >> ______________________________**_________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/**mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@**freebsd.org<= freebsd-net-unsubscribe@freebsd.org> >> " > > --=20 Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert