Add new 'vpndomains' column to config file

Rob Pearce 2023-10-13 11:19:28 +11:00
parent 4694cca3ca
commit 839244cd61
1 changed files with 25 additions and 9 deletions

34
cvpn

@ -53,7 +53,7 @@ function alias_to_cmd() {
} }
function load_config() { function load_config() {
local CONFLINES line thisprofile thisuser thispw thisgroup thisroutes thisservercert local CONFLINES line thisprofile thisuser thispw thisgroup thisroutes thisdomains thisservercert
DEFAULTPROFILE="" DEFAULTPROFILE=""
if [[ -e ${CONFFILE} ]]; then if [[ -e ${CONFFILE} ]]; then
DEFAULTPROFILE=$(grep '^#default:' "${CONFFILE}" | sed 's/^#default://') DEFAULTPROFILE=$(grep '^#default:' "${CONFFILE}" | sed 's/^#default://')
@ -68,7 +68,8 @@ function load_config() {
thisvpntype=$(cut -d, -f5 <<< "${line}") thisvpntype=$(cut -d, -f5 <<< "${line}")
thisserver=$(cut -d, -f6 <<< "${line}") thisserver=$(cut -d, -f6 <<< "${line}")
thisroutes=$(cut -d, -f7 <<< "${line}") thisroutes=$(cut -d, -f7 <<< "${line}")
thisservercert=$(cut -d, -f8 <<< "${line}") thisdomains=$(cut -d, -f8 <<< "${line}")
thisservercert=$(cut -d, -f9 <<< "${line}")
case $thisvpntype in case $thisvpntype in
"") thisvpntype="anyconnect";; "") thisvpntype="anyconnect";;
"cisco") thisvpntype="anyconnect";; "cisco") thisvpntype="anyconnect";;
@ -87,6 +88,7 @@ function load_config() {
vpntype[$nvpns]="${thisvpntype}" vpntype[$nvpns]="${thisvpntype}"
server[$nvpns]="${thisserver}" server[$nvpns]="${thisserver}"
routes[$nvpns]="${thisroutes}" routes[$nvpns]="${thisroutes}"
domains[$nvpns]="${thisdomains}"
servercert[$nvpns]="${thisservercert}" servercert[$nvpns]="${thisservercert}"
nvpns=$((nvpns + 1)) nvpns=$((nvpns + 1))
done <<< "${CONFLINES}" done <<< "${CONFLINES}"
@ -109,10 +111,10 @@ function usage() {
echo "Config file format:" echo "Config file format:"
echo " #Specify default profile like this:" echo " #Specify default profile like this:"
echo " #default:myvpn2" echo " #default:myvpn2"
echo " #Profile,Username,Password,VPNGroup,VPNType,ServerIP,VPNRoutes,ServerCert(script will obtain this and auto-update config file)" echo " #Profile,Username,Password,VPNGroup,VPNType,ServerIP,VPNRoutes,VPNDomains,ServerCert(script will obtain this and auto-update config file)"
echo " myvpn1,username_1,password_1,vpngroup_1,anyconnect,3.3.3.3,10.0.0.0/24 192.168.0.0/24," echo " myvpn1,username_1,password_1,vpngroup_1,anyconnect,3.3.3.3,10.0.0.0/24 192.168.0.0/24,example.com example.net,"
echo " myvpn2,username_2,password_2,vpngroup_2,anyconnect,1.1.1.1,172.16.0.0/12," echo " myvpn2,username_2,password_2,vpngroup_2,anyconnect,1.1.1.1,172.16.0.0/12,,"
echo " myvpn3,username_3,password_3,,f5,1.1.1.1,172.16.0.0/12," echo " myvpn3,username_3,password_3,,f5,1.1.1.1,172.16.0.0/12,example.net,"
echo echo
} }
@ -243,6 +245,16 @@ elif [[ $cmd == "on" ]]; then
curserver=${server[$id]} curserver=${server[$id]}
curservercert=${servercert[$id]} curservercert=${servercert[$id]}
curroutes=${routes[$id]} curroutes=${routes[$id]}
curdomains=${domains[$id]}
#echo "got curprofile=${profile[$id]}"
#echo "got curuser=${user[$id]}"
#echo "got curpw=${pw[$id]}"
#echo "got curgroup=${group[$id]}"
#echo "got curvpntype=${vpntype[$id]}"
#echo "got curserver=${server[$id]}"
#echo "got curservercert=${servercert[$id]}"
#echo "got curroutes=${routes[$id]}"
#echo "got curdomains=${domains[$id]}"
else else
error "Could not determine VPN ID for profile ^b${PROFILE}^p." error "Could not determine VPN ID for profile ^b${PROFILE}^p."
exit 1 exit 1
@ -264,7 +276,7 @@ elif [[ $cmd == "on" ]]; then
notify "Updating configuration file ^b$CONFFILE^p" notify "Updating configuration file ^b$CONFFILE^p"
bakfile="${CONFFILE}".backup bakfile="${CONFFILE}".backup
prevlines=$(cat "$CONFFILE" | awk NF | wc -l | bc) prevlines=$(cat "$CONFFILE" | awk NF | wc -l | bc)
newconfig=$(cat "${CONFFILE}" | awk -v p="$curprofile" -v c="$foundcert" -F, '{ OFS=","; if ($1 == p) { $8 = c; } print }') newconfig=$(cat "${CONFFILE}" | awk -v p="$curprofile" -v c="$foundcert" -F, '{ OFS=","; if ($1 == p) { $9 = c; } print }')
newlines=$(echo "$newconfig" | awk NF | wc -l | bc) newlines=$(echo "$newconfig" | awk NF | wc -l | bc)
err="" err=""
@ -303,8 +315,12 @@ elif [[ $cmd == "on" ]]; then
notify "${nstr}" notify "${nstr}"
rm -f "$VPNPIDFILE" rm -f "$VPNPIDFILE"
if [[ -n $curroutes ]]; then if [[ -n $curroutes && -n $curdomains]]; then
printf '%s' "$curpw" | sudo ${OPENCONNECT} --background --non-inter --protocol=$curvpntype -u "$curuser" --passwd-on-stdin $grouparg -s "$VPNSLICE $curroutes" --servercert "$curservercert" "$curserver" >"${LOGFILE}" 2>&1 printf '%s' "$curpw" | sudo ${OPENCONNECT} --background --non-inter --protocol=$curvpntype -u "$curuser" --passwd-on-stdin $grouparg -s "$VPNSLICE --domains-vpn-dns ${curdomains// /,} $curroutes" --servercert "$curservercert" "$curserver" >"${LOGFILE}" 2>&1
elif [[ -n $curroutes ]]; then
printf '%s' "$curpw" | sudo ${OPENCONNECT} --background --non-inter --protocol=$curvpntype -u "$curuser" --passwd-on-stdin $grouparg -s "$VPNSLICE $curroutes" --servercert "$curservercert" "$curserver" >"${LOGFILE}" 2>&1
elif [[ -n $curdomains ]]; then
printf '%s' "$curpw" | sudo ${OPENCONNECT} --background --non-inter --protocol=$curvpntype -u "$curuser" --passwd-on-stdin $grouparg -s "$VPNSLICE --domains-vpn-dns $curdomains" --servercert "$curservercert" "$curserver" >"${LOGFILE}" 2>&1
else else
printf '%s' "$curpw" | sudo ${OPENCONNECT} --background --non-inter --protocol=$curvpntype -u "$curuser" --passwd-on-stdin $grouparg --servercert "$curservercert" "$curserver" >"${LOGFILE}" 2>&1 printf '%s' "$curpw" | sudo ${OPENCONNECT} --background --non-inter --protocol=$curvpntype -u "$curuser" --passwd-on-stdin $grouparg --servercert "$curservercert" "$curserver" >"${LOGFILE}" 2>&1
fi fi
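Review bot: The first branch of the new route/domain chain, `if [[ -n $curroutes && -n $curdomains]]; then`, has no space before `]]` as shown, so bash reads `$curdomains]]` as a single word and cannot parse the conditional; it should be `if [[ -n $curroutes && -n $curdomains ]]; then`. The domains-only branch passes `--domains-vpn-dns $curdomains` unchanged while the combined branch converts spaces to commas with `${curdomains// /,}`, so a profile with several domains and no routes gives the slice script a different argument shape; use the same expansion in both branches. Because this string is built from the config file and handed to `sudo ${OPENCONNECT} -s`, it would be worth rejecting domain values that contain anything other than hostname characters before building it (presumably openconnect runs the `-s` string through a shell; confirm). The enclosing `elif [[ $cmd == "on" ]]` block starts and ends outside the hunk.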