janhouse/always-on-openconnect-vpn
1
0
Fork 0
Code Issues Pull Requests Activity
always-on-openconnect-vpn/routing.sh

83 lines
2.0 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
ROUTE_FILE=routes.txt
DOMAIN_FILE=domains.txt
VPN_SLICE=vpn-slice
if ! command -v $VPN_SLICE &> /dev/null
then
echo "$VPN_SLICE is not in path"
if test -f "/usr/local/Cellar/vpn-slice/0.15/bin/vpn-slice"; then
echo "Found vpn-slice elsewhere"
VPN_SLICE="/usr/local/Cellar/vpn-slice/0.15/bin/vpn-slice"
else
echo "Please make sure vpn-slice is in path"
exit
fi
fi
if [ "$reason" != "connect" ]; then
$VPN_SLICE
exit
fi
echo "Setting up routing"
# Add subnet to list
add_subnet ()
{
IP=${1%/*}
S=${1#*/}
M=$(( 0xffffffff ^ ((1 << (32-S)) -1) ))
MASK="$(( (M>>24) & 0xff )).$(( (M>>16) & 0xff )).$(( (M>>8) & 0xff )).$(( M & 0xff ))"
export CISCO_SPLIT_INC_${CISCO_SPLIT_INC}_ADDR=$IP
export CISCO_SPLIT_INC_${CISCO_SPLIT_INC}_MASK=$MASK
export CISCO_SPLIT_INC_${CISCO_SPLIT_INC}_MASKLEN=$S
export CISCO_SPLIT_INC=$(($CISCO_SPLIT_INC + 1))
echo "Adding subnet $IP with mask $MASK to list"
}
# Initialize empty split tunnel list
export CISCO_SPLIT_INC=0
# Delete DNS info provided by VPN server to use internet DNS
# Comment following line to use DNS beyond VPN tunnel
unset INTERNAL_IP4_DNS
if test -f "$ROUTE_FILE"; then
echo "Loading subnets from $ROUTE_FILE"
while read p; do
case "$p" in \#*) continue ;; esac
if [ "$p" != "" ]; then
echo "Subnet: ${p}"
add_subnet $p
fi
done <$ROUTE_FILE
else
echo "$ROUTE_FILE does not exist. This should not happen."
fi
if test -f "$DOMAIN_FILE"; then
echo "Loading domains from $DOMAIN_FILE"
while read d; do
case "$d" in \#*) continue ;; esac
echo "Domain: ${d}"
if [ "$d" != "" ]; then
for p in `dig +short "$d" a | grep '^[.0-9]*$'`; do
echo "Resolved IP for domain ${d}: ${p}"
add_subnet $p/32
done
fi
done <$DOMAIN_FILE
else
echo "$DOMAIN_FILE does not exist. Ignoring."
fi
# Load default script
$VPN_SLICE -S
Reference in New Issue View Git Blame Copy Permalink