-
-
Save grahamc/fc17c9fb25a68795fb8c097bff8c9677 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env nix-shell | |
| #!nix-shell -i bash -p openconnect_openssl ocproxy freerdp utillinux | |
| # Note: this uses *bash* specifically because of $BASHPID: | |
| # we need to get the pid of the subshell. That is the only | |
| # reason. If there is a posix way to do that, let's do that :). | |
| set -eux | |
| scratch=$(mktemp -d -t tmp.XXXXXXXXXX) | |
| function finish { | |
| rm -rf "$scratch" | |
| } | |
| trap finish EXIT | |
| ( | |
| # Stop ourselves and wait to be continued by openconnect | |
| kill -stop $BASHPID | |
| sleep 1 | |
| # mount overtop of nscd's socket so DNS is forced to go through | |
| # their network | |
| mkdir $scratch/nscd | |
| vpnns -- bash -c " | |
| mount --bind '$scratch/nscd' /var/run/nscd | |
| xfreerdp /kbd-lang:0x00010409 \ | |
| /dynamic-resolution \ | |
| /d:xxx \ | |
| /u:xxxx \ | |
| /v:xxx | |
| " | |
| )& | |
| xfreepid=$! | |
| openconnect \ | |
| --script "kill -cont $xfreepid; vpnns --attach" \ | |
| --script-tun \ | |
| --cafile /rpool/persist/per-client/xxx/vpn-cert.pem \ | |
| --protocol=anyconnect \ | |
| --user=xxx \ | |
| --form-entry=main:group_list=Phone_Only \ | |
| --verbose \ | |
| --timestamp \ | |
| --interface tun0 \ | |
| xxx | |
| wait $xfreepid |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment