When I connect to our Juniper SSL vpn, I can not do anything. Let me know if you need anymore information. e0b46d0ee9c240c7430a47e9b0365674d4a04522 is the first bad commit commit e0b46d0ee9c240c7430a47e9b0365674d4a04522 Author: Herbert Xu <herbert@gondor.apana.org.au> Date: Fri Nov 7 21:22:23 2014 +0800 tun: Use iovec iterators This patch removes the use of skb_copy_datagram_const_iovec in favour of the iovec iterator-based skb_copy_datagram_iter.
I tried at suggested changeset (8c847d254146d32c86574a1b16923ff91bb784dd) but I was still getting no traffic through vpn. http://marc.info/?l=linux-netdev&m=142075067324049&w=2
the following patch from net-next resolved the issue for me. From 957f094f221f81e457133b1f4c4d95ffa49ff731 Mon Sep 17 00:00:00 2001 From: Alex Gartrell <agartrell@fb.com> Date: Thu, 25 Dec 2014 23:22:49 -0800 Subject: tun: return proper error code from tun_do_read Instead of -1 with EAGAIN, read on a O_NONBLOCK tun fd will return 0. This fixes this by properly returning the error code from __skb_recv_datagram. Signed-off-by: Alex Gartrell <agartrell@fb.com> Signed-off-by: David S. Miller <davem@davemloft.net> diff --git a/drivers/net/tun.c b/drivers/net/tun.c index df5e948..c0df872 100644 --- a/drivers/net/tun.c +++ b/drivers/net/tun.c @@ -1380,7 +1380,7 @@ static ssize_t tun_do_read(struct tun_struct *tun, struct tun_file *tfile, skb = __skb_recv_datagram(tfile->socket.sk, noblock ? MSG_DONTWAIT : 0, &peeked, &off, &err); if (!skb) - return 0; + return err; ret = tun_put_user(tun, tfile, skb, to); if (unlikely(ret < 0)) --
I just wanted to note that I was having the same problem in Ubuntu 15.04. I upgraded to the (currently) proposed 3.19.0-17-generic kernel and the Juniper SSL client is now working as expected.