From 575dc5e17681890b6e7879e8fb330f5fa1b996c7 Mon Sep 17 00:00:00 2001 From: aaronshaw Date: Tue, 9 Jun 2020 21:08:03 -0500 Subject: [PATCH 1/4] noting version requirement for openconnect --- README-CDSC | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README-CDSC b/README-CDSC index 1398ee4..7c68aa0 100644 --- a/README-CDSC +++ b/README-CDSC @@ -6,7 +6,11 @@ Install prerequisites. This will include: -sudo apt install python3-gi gir1.2-gtk-3.0 gir1.2-webkit2-4.0 openconnect ocproxy + sudo apt install python3-gi gir1.2-gtk-3.0 gir1.2-webkit2-4.0 openconnect ocproxy + +Also, note that you'll need at least version 8 of openconnect. If you're not sure what you've got, run: + + openconnect --version 2. From b61f124435c3f5332344d15fdbdab96d495778a7 Mon Sep 17 00:00:00 2001 From: Nathan TeBlunthuis Date: Fri, 20 Nov 2020 08:53:38 -0800 Subject: [PATCH 2/4] nate's settings --- hipreport-modified.sh | 2 +- openconnect_command-ssh.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/hipreport-modified.sh b/hipreport-modified.sh index 5f280de..9ee4099 100755 --- a/hipreport-modified.sh +++ b/hipreport-modified.sh @@ -53,7 +53,7 @@ MONTH=$(date +'%m') YEAR=$(date +'%Y') # This value may need to be extracted from the official HIP report, if a made-up value is not accepted. -HOSTID="deadbeef-dead-beef-dead-beefdeadbeef" +HOSTID="5cc0b7cc-2b61-11b2-a85c-d8fd39283322" cat < Date: Fri, 20 Nov 2020 11:47:06 -0600 Subject: [PATCH 3/4] include an IPV6 address --- hipreport-modified.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hipreport-modified.sh b/hipreport-modified.sh index 5f280de..2253596 100755 --- a/hipreport-modified.sh +++ b/hipreport-modified.sh @@ -53,7 +53,7 @@ MONTH=$(date +'%m') YEAR=$(date +'%Y') # This value may need to be extracted from the official HIP report, if a made-up value is not accepted. -HOSTID="deadbeef-dead-beef-dead-beefdeadbeef" +HOSTID="D52047CC-33AF-11B2-A85C-89044BD0C4D8" cat < Date: Wed, 11 May 2022 20:03:51 -0700 Subject: [PATCH 4/4] Commands to connect / disconnect from NU vpn. --- openconnect_command-http.sh | 17 +++++++++++++++++ start-http-vpn-proxy | 5 +++++ stop-http-vpn-proxy | 3 +++ 3 files changed, 25 insertions(+) create mode 100755 openconnect_command-http.sh create mode 100755 start-http-vpn-proxy create mode 100755 stop-http-vpn-proxy diff --git a/openconnect_command-http.sh b/openconnect_command-http.sh new file mode 100755 index 0000000..0c519c6 --- /dev/null +++ b/openconnect_command-http.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +LOG_FILE=/tmp/nu-globalprotect-saml.log +PID_FILE=/tmp/nu-vpn-openconnect_http.pid + +exec > $LOG_FILE + +# change to the vpn file directory +cd ~/bin/nu-vpn-proxy + +## do the authentication +eval $( ./gp-saml-gui.py -v --clientos=Linux vpn-connect2.northwestern.edu ) + + +echo "$COOKIE" | /usr/sbin/openconnect --verbose --useragent="PAN GlobalConnect" --version-string='5.1.0-101' --protocol=gp -u "$USER" --os="$OS" --passwd-on-stdin "$HOST" --csd-wrapper="hipreport-modified.sh" --reconnect-timeout 60 --script-tun --script "ocproxy -D 8181 --keepalive 5 --verbose" -b --pid-file "${PID_FILE}" + + diff --git a/start-http-vpn-proxy b/start-http-vpn-proxy new file mode 100755 index 0000000..f947b8e --- /dev/null +++ b/start-http-vpn-proxy @@ -0,0 +1,5 @@ +#!/bin/bash + +/sbin/start-stop-daemon --pidfile /tmp/nu-vpn-openconnect_http.pid -S --startas "$HOME/bin/nu-vpn-proxy/openconnect_command-http.sh" + + diff --git a/stop-http-vpn-proxy b/stop-http-vpn-proxy new file mode 100755 index 0000000..ede7b25 --- /dev/null +++ b/stop-http-vpn-proxy @@ -0,0 +1,3 @@ +#!/bin/bash + +/sbin/start-stop-daemon --stop --pidfile /tmp/nu-vpn-openconnect_http.pid