VPN cannot honour 'split excludes'
My employer's VPN configuration now uses a 'split exclude', identifying a range of IP addresses which are not to be routed to the VPN although the VPN does get the default route.
I went to fix this in NetworkManager-openconnect... but I don't think NetworkManager itself supports this.
I could probably come up with some nasty hack where instead of excluding e.g. 220.127.116.11/16 I instead construct the equivalent full set of include routes:
- (NOT 18.104.22.168/16)
Please don't make me do that; I doubt it would end well. And it's bad enough for Legacy IP; I don't even want to have to contemplate it for IPv6.