Comments (11)
the @gmacon PR works just fine for latest mac :) would be nice to have it merged, thanks for great work to both of you
from vpn-slice.
I'm not crazy about all the formatting changes ...
I'll fix that. (The answer to "Why?" is "Because I have my editor configure to do that automatically.")
What's preventing you from being able to test it?
Nothing. I just haven't done it yet.
from vpn-slice.
This would be great.
https://github.com/brona/iproute2mac appears to provide a similar interface to iproutes
but major changes would need to happen to replace iptables
role properly.
from vpn-slice.
I took a look at this, and I think the first step here is to change the level of the abstraction used by the os-specific layer. That is, I think there should be functions like add_route
, remove_route
, and so on and let the underlying command line tools be an implementation detail.
from vpn-slice.
I've now got a branch where I factored out the Linux version. I think I got a little carried away... In any case, if there are comments on the design, I'd like to hear them sooner rather than later. Note that I haven't run this code yet, so no guarantees that it works.
from vpn-slice.
@dlenski you can close this one now
from vpn-slice.
If you want to add MacOS support and submit a pull request, I'd be happy to review that. But it's not something I will work on.
I don't use MacOS or want to use MacOS. The MacOS kernel is not nearly as versatile as Linux in terms of networking capabilities, and MacOS is especially deficient in its command line routing utilities compared to Linux, in part because Apple refuses to include GPLv3 software in MacOS.
from vpn-slice.
@pmgmendes, do you want to take a crack at it?
vpn-slice uses iptables only for one very minor thing (blocking incoming traffic). Everything else is iproute2
. It could be rewritten for BSD-style route
, or using that iproute2
wrapper for MacOS.
I could provide advice on anything not directly related to MacOS that you might get stuck on.
from vpn-slice.
@gmacon, I agree.
Have a mock/test harness to verify and modify the routing would probably make it much easier to move to such an abstraction layer, and isolate the OS-specific parts.
from vpn-slice.
I think I got a little carried away... In any case, if there are comments on the design, I'd like to hear them sooner rather than later.
It seems pretty reasonable to me.
I'm not crazy about all the formatting changes where you replace '
with "
(why? what does this do other than clutter the diffs?) and where you takeβ¦
function_calls("like", "this", with_lots_of_arguments=True, that_probably_are_longer_than_they_should_be=True)
β¦ and change it to:
function_calls(
"like",
"this",
with_lots_of_arguments=True,
that_probably_are_longer_than_they_should_be=True
)
β¦ since I tend to find higher code density more readable in most of these cases. But other than that it looks good.
Note that I haven't run this code yet, so no guarantees that it works.
I gave it a shot with a couple different VPNs, and it seems to work as expected. What's preventing you from being able to test it?
from vpn-slice.
π»
from vpn-slice.
Related Issues (20)
- Eliminate deprecated route cache flushing
- Connect WSL2 with openconnect and vpn-slice, to use windows apps like a pro HOT 1
- Use syscall instead of subprocess HOT 2
- Connect to IP on non http/s ports HOT 3
- current `vpn-slice` fails with `(22, 'Invalid argument')` HOT 6
- vpn-slice fails to install on Fedora 37 HOT 2
- Cannot read/write /etc/hosts with no-ns-hosts option HOT 2
- Please release a new version of the master branch HOT 5
- Split DNS check incorrectly uses ResolveConfSplitDNSProvider on Fedora 37 HOT 7
- vpn-slice==0.16.1 raise PackageNotFoundError(name) HOT 4
- Question (not bug): Kerberos SSO over VPN-Slice HOT 2
- Specifying a route with a non-default port HOT 2
- loading stuck HOT 1
- WARNING: no split dns provider available; can't split dns HOT 1
- Exclude hosts by name HOT 1
- Routes cleanup on disconnect HOT 2
- --dump option causes crash when using one or more host-to-ip aliases
- Split DNS not working when using `--background` flag HOT 6
- hostname args ineffective in background mode on openconnect HOT 12
- New issue with openconnect/vpn-slice due to env change? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from vpn-slice.