#!/bin/bash
# 2011/04/22 sorin@XXXXXXXX.com
# A script to start the Sonicwall netExtender and create the necessary routes
# Sonicwall's netExtender binary is available from the VirtualOffice web interface.
#
# Define variables. In the config file the data format is TAB separated as follows:
# username password domainname ExternalIP port
#testusr testpassword LocalDomain 123.45.67.89 443
#
# Alternatively, you can define $user $pass $dom $ip $port here
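# Paths shared by every sub-command. $log receives the output of the helper
# commands (ifconfig, route, killall); the default discards it.
prog="/usr/sbin/netExtender"
conf="/etc/sysconfig/gvpn.conf"
log="/dev/null"

# Nothing below can work without the client binary, so fail early.
if [ ! -f "$prog" ]; then
  echo "No binary - fatal!" >&2
  exit 2
fi

if [ ! -f "$conf" ]; then
  # Sample values only (the same ones shown in the header comment). Replace
  # them here or, preferably, provide the config file instead.
  echo "No config, trying to set some defaults"
  user=testusr
  pass=testpassword
  dom=LocalDomain
  ip=123.45.67.89
  port=443
elif [ -n "$(find "$conf" -prune -perm -004 2>/dev/null)" ]; then
  # The config file stores the VPN password in clear text, so it should be
  # readable by its owner only. This is a warning, not a hard failure, so
  # existing installations keep working.
  echo "Warning: $conf is world-readable but contains a password; consider chmod 600" >&2
fi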
# Let's see how this script has been called
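case "$1" in
  start)
    # If a config file exists, take the connection data from its first
    # non-comment, non-blank line (fields: user password domain ip port).
    # NOTE: everything after a '#' is stripped as a comment, so a password
    # containing '#' cannot be expressed in this file format.
    if [ -f "$conf" ]; then
      val=$(sed -e '/^[[:space:]]*#/d' -e 's/#.*//' -e '/^[[:space:]]*$/d' "$conf")
      # read -r keeps backslashes intact, and the quoted here-string avoids the
      # pathname expansion that an unquoted echo applies to characters such as
      # '*' or '?' in the password. Fields beyond the fifth are discarded.
      read -r user pass dom ip port _ <<<"$val"
    fi
    echo "Starting $prog..."
    # SECURITY: the password is handed over in argv, so while the client runs
    # it is visible to other local users in the process list. Check whether the
    # installed client can take the password another way before using this on
    # a multi-user host.
    # The redirection has to precede '&'; written after it, it applies to an
    # empty command and the client's output is not redirected at all.
    "$prog" -u "$user" -p "$pass" -d "$dom" "$ip:$port" >>"$log" 2>&1 &
    sleep 3

    # After a few seconds the tunnel should be up. Its local address is parsed
    # from the point-to-point line of classic net-tools ifconfig output
    # ("inet addr:A.B.C.D  P-t-P:...").
    newip=$(sudo ifconfig 2>>"$log" | grep P-t-P | head -n 1 | cut -d: -f2 | cut -d' ' -f1)
    # The value goes to a privileged 'route' call, so accept nothing but a
    # dotted quad. An empty result means no tunnel interface showed up.
    if ! [[ "$newip" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
      echo "No point-to-point interface found after starting $prog; route not added" >&2
      exit 1
    fi
    routenet=${newip%.*}

    # If a non-tunnel interface already has this /24 broadcast address we are
    # in the same IP range as the remote network: die gracefully. Double
    # quotes are required so that $routenet is actually expanded.
    grp=$(sudo ifconfig 2>>"$log" | grep -v P-t-P | grep -Fw -- "${routenet}.255")
    if [ -z "$grp" ]; then
      # Mac users do not have "dev" in route's options, so the route is added
      # via a gateway. The device-based alternative would be:
      #   routedev=$(sudo ifconfig | grep ppp | cut -dL -f1)
      #   sudo route add -net "${routenet}.0" netmask 255.255.255.0 dev "$routedev"
      sudo route add -net "${routenet}.0" netmask 255.255.255.0 gw "$newip" >>"$log" 2>&1
    else
      echo "We are in the same IP range, can't assign a route to the remote network!"
      "$0" stop
      exit 1
    fi
    ;;
  stop)
    echo "Stopping $prog..."
    # First bring down the ppp interface(s), one call per device.
    # NOTE(review): this matches every ppp device on the host, not only the
    # one created by netExtender - confirm that is acceptable.
    while IFS= read -r routedev; do
      [ -n "$routedev" ] && sudo ifconfig "$routedev" down >>"$log" 2>&1
    done < <(sudo ifconfig 2>>"$log" | awk '/^ppp/ {print $1}')
    # Then ask the program to terminate.
    sudo killall "$prog" >>"$log" 2>&1
    sleep 5
    # If netExtender is still alive after 5 seconds, force kill.
    if pgrep -f -- "$prog" >/dev/null 2>&1; then
      sudo killall -9 "$prog" >>"$log" 2>&1
    fi
    ;;
  status)
    # pgrep -f matches against the full command line, as the former
    # ps | grep pipeline did, without having to filter out grep itself.
    pids=$(pgrep -d ',' -f -- "$prog")
    if [ -n "$pids" ]; then
      echo "$prog running with pid(s) $pids"
      echo "Showing route via ppp devices..."
      sudo route | grep ppp | grep -vF 255.255.255.255
    else
      echo "$prog NOT running"
    fi
    ;;
  restart)
    "$0" stop
    sleep 3
    "$0" start
    ;;
  *)
    printf "Usage: %s\n" "${0##*/} {start|stop|status|restart}" >&2
    exit 1
    ;;
esac
exit 0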