Created
April 18, 2018 03:29
-
-
Save HunterDG/c48a8b208f17ecceab4918bf07abd2df to your computer and use it in GitHub Desktop.
Mac Cisco VPN Split Tunnel AppleScript
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global done | |
| set done to 0 | |
| on idle | |
| set status to do shell script "scutil --nc status "VPN (Cisco IPSec)" | sed -n 1p" | |
| # do shell script "scutil --nc start "VPN (Cisco IPSec)" | |
| if status is "Connected" then | |
| if done is not 1 then | |
| display notification "VPN Connected, splitting tunnel" | |
| set gateway to do shell script "( netstat -rn | awk '/default/ {if ( index($6, \"en\") > 0 ){print $2} }' ) # gets non-VPN default gateway" | |
| do shell script "sudo route delete default" # deletes VPN-assigned global (UCS) default gateway | |
| do shell script "sudo route delete default -ifscope en0" # deletes en0 interface-specific (UGScI) LOCAL non-vpn gateway that prevents it being re-added as global default gateway | |
| do shell script "sudo route add default " & gateway # re-adds LOCAL non-vpn gateway (from get command above) as global default gateway | |
| do shell script "sudo route add 10.10.10.1/22 10.10.20.10" # adds VPN route | |
| display notification "VPN tunnel has been split" | |
| set done to 1 | |
| end if | |
| else | |
| if done is not 2 then | |
| display notification "VPN Disconnected" | |
| set done to 2 | |
| end if | |
| end if | |
| return 5 | |
| end idle |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment