c3af198d87
- hipreport: updated the client version to match new globalconnect code - hipreport: update linux kernel version to something more modern - disable ESP and IPv6 which seem to be working poorly - change code in ssh wrapper for no ESP
31 lines
903 B
Bash
Executable File
31 lines
903 B
Bash
Executable File
#!/bin/bash
|
|
|
|
export OPENSSL_CONF="${HOME}/bin/nu-vpn-proxy/openssl.conf"
|
|
# this allows for legacy renegotation which seems to be required now
|
|
# SEARCH_PATTERN="ESP tunnel connected; exiting HTTPS mainloop."
|
|
SEARCH_PATTERN="Continuing in background; pid"
|
|
|
|
# connects to SSH through openconnect and VPN
|
|
# for use with ProxyCommand in SSH
|
|
|
|
# first run openconnect
|
|
/sbin/start-stop-daemon --pidfile /tmp/nu-vpn-openconnect.pid -S --startas "${HOME}/bin/nu-vpn-proxy/openconnect_command-ssh.sh"
|
|
sleep 2
|
|
|
|
# kill connection on exit
|
|
function cleanup {
|
|
/sbin/start-stop-daemon --stop --pidfile /tmp/nu-vpn-openconnect.pid
|
|
}
|
|
trap cleanup EXIT
|
|
|
|
tail -f /tmp/nu-globalprotect-saml.log | grep -qe "${SEARCH_PATTERN}"
|
|
|
|
if [ $? == 1 ]; then
|
|
echo "Search terminated without finding the pattern"
|
|
exit
|
|
fi
|
|
|
|
# redirect traffic (standard input and output) through VPN
|
|
/bin/nc.openbsd -X 5 -x 127.0.0.1:9052 $1 $2
|
|
|