dmytro/vpnc.sh

## vpnc.sh
#!/bin/bash
# D.Kovalov, 2008

# Non-debian patched vpns dos not support Target Nets config option.
# This script would emulate it: resets default routing after vpnc starts
# and sets DNS after startr/stop of VPNC

#
# User setting:
# What nets are routced through vpnc tun deviceand what's gateway for it
TARGET_NETS="10.12 172.18 192.168.2"
GW=10.12.34.56
# ------------------------------------------------------------------------
#
#
[ $(uname -s) == 'Darwin' ] || { echo 'This script is for MacOSX'; exit 1; }
[ $(id -u) == 0 ] || { echo Must be root; exit 2; }
# ------------------------------------------------------------------------

PRIMARY_IF=$(echo 'show State:/Network/Global/IPv4' | scutil | awk -F: '/PrimaryService/ {print $2}' | sed 's/ //g')
# ------------------------------------------------------------------------
restore_dns () {
	# try to stop vpnc and ignore error
	/opt/local/sbin/vpnc-disconnect 2> /dev/null 1> /dev/null
	( cat <<-EOF
		# ------------------------------------------------------------------------
		#  restore DNS setting
		d.init
		get State:/Network/Service/(saved)/DNS
		set State:/Network/Service/${PRIMARY_IF}/DNS
		remove State:/Network/Service/(saved)/DNS
	EOF
	) | scutil

}
function stop_me () {
	/opt/local/sbin/vpnc-disconnect || { echo "Can not stop VPNC session. exiting...."; exit 6; }
	restore_dns
}
# ------------------------------------------------------------------------
function start_me () {

	DEFROUTE=$(netstat -nr | awk '/^default/ {print $2}')

	/opt/local/sbin/vpnc || { echo "Can not start VPNC session. exiting...."; exit 3; }

	# ------------------------------------------------------------------------
	route delete default
	route add default ${DEFROUTE}
	for NET in ${TARGET_NETS};do
		route add -net ${NET} ${GW}
	done
	# ------------------------------------------------------------------------
	# let vpnc manage /etc/resolv.conf and get all info we need from it...
	#
	grep '@VPNC_GENERATED@' /etc/resolv.conf
	if [ $? != 0 ]; then
	  echo "/etc/resolv.conf is not @VPNC_GENERATED@"
	  exit 10
	fi
	# ------------------------------------------------------------------------
	DOMAIN=$(grep -v \\# /etc/resolv.conf | awk '/domain/ {print $2}')
	NS=$(echo $(grep -v \\# /etc/resolv.conf | awk '/nameserver/ {print $2}'))
	# ------------------------------------------------------------------------

	(cat <<-EOF
		# ------------------------------------------------------------------------
		# Save DNS state
		#
		d.init
		get State:/Network/Service/${PRIMARY_IF}/DNS
		set State:/Network/Service/(saved)/DNS
		d.init
		d.add ServerAddresses * ${NS}
		d.add DomainName ${DOMAIN}
		set State:/Network/Service/${PRIMARY_IF}/DNS
	EOF
	) | scutil

}
# ------------------------------------------------------------------------
case $1 in
	"start")
		start_me
	;;
	"stop")
		stop_me
	;;
	"restore")
		restore_dns
	;;
	*)
		echo "Usage $0 (start|stop|restore)"
		exit 5
	;;
esac
	#!/bin/bash
	# D.Kovalov, 2008

	# Non-debian patched vpns dos not support Target Nets config option.
	# This script would emulate it: resets default routing after vpnc starts
	# and sets DNS after startr/stop of VPNC

	#
	# User setting:
	# What nets are routced through vpnc tun deviceand what's gateway for it
	TARGET_NETS="10.12 172.18 192.168.2"
	GW=10.12.34.56
	# ------------------------------------------------------------------------
	#
	#
	[ $(uname -s) == 'Darwin' ] \|\| { echo 'This script is for MacOSX'; exit 1; }
	[ $(id -u) == 0 ] \|\| { echo Must be root; exit 2; }
	# ------------------------------------------------------------------------

	PRIMARY_IF=$(echo 'show State:/Network/Global/IPv4' \| scutil \| awk -F: '/PrimaryService/ {print $2}' \| sed 's/ //g')
	# ------------------------------------------------------------------------
	restore_dns () {
	# try to stop vpnc and ignore error
	/opt/local/sbin/vpnc-disconnect 2> /dev/null 1> /dev/null
	( cat <<-EOF
	# ------------------------------------------------------------------------
	# restore DNS setting
	d.init
	get State:/Network/Service/(saved)/DNS
	set State:/Network/Service/${PRIMARY_IF}/DNS
	remove State:/Network/Service/(saved)/DNS
	EOF
	) \| scutil

	}
	function stop_me () {
	/opt/local/sbin/vpnc-disconnect \|\| { echo "Can not stop VPNC session. exiting...."; exit 6; }
	restore_dns
	}
	# ------------------------------------------------------------------------
	function start_me () {

	DEFROUTE=$(netstat -nr \| awk '/^default/ {print $2}')

	/opt/local/sbin/vpnc \|\| { echo "Can not start VPNC session. exiting...."; exit 3; }

	# ------------------------------------------------------------------------
	route delete default
	route add default ${DEFROUTE}
	for NET in ${TARGET_NETS};do
	route add -net ${NET} ${GW}
	done
	# ------------------------------------------------------------------------
	# let vpnc manage /etc/resolv.conf and get all info we need from it...
	#
	grep '@VPNC_GENERATED@' /etc/resolv.conf
	if [ $? != 0 ]; then
	echo "/etc/resolv.conf is not @VPNC_GENERATED@"
	exit 10
	fi
	# ------------------------------------------------------------------------
	DOMAIN=$(grep -v \\# /etc/resolv.conf \| awk '/domain/ {print $2}')
	NS=$(echo $(grep -v \\# /etc/resolv.conf \| awk '/nameserver/ {print $2}'))
	# ------------------------------------------------------------------------

	(cat <<-EOF
	# ------------------------------------------------------------------------
	# Save DNS state
	#
	d.init
	get State:/Network/Service/${PRIMARY_IF}/DNS
	set State:/Network/Service/(saved)/DNS
	d.init
	d.add ServerAddresses * ${NS}
	d.add DomainName ${DOMAIN}
	set State:/Network/Service/${PRIMARY_IF}/DNS
	EOF
	) \| scutil

	}
	# ------------------------------------------------------------------------
	case $1 in
	"start")
	start_me
	;;
	"stop")
	stop_me
	;;
	"restore")
	restore_dns
	;;
	*)
	echo "Usage $0 (start\|stop\|restore)"
	exit 5
	;;
	esac