Last active
July 15, 2024 11:57
-
-
Save kaleksandrov/3cfee92845a403da995e7e44ba771183 to your computer and use it in GitHub Desktop.
Simple script that starts and stops GlobalProtect.app on Mac OSX.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
case $# in | |
0) | |
echo "Usage: $0 {start|stop}" | |
exit 1 | |
;; | |
1) | |
case $1 in | |
start) | |
echo "Starting GlobalProtect..." | |
launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist | |
launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist | |
echo "Done!" | |
;; | |
stop) | |
echo "Stopping GlobalProtect..." | |
launchctl remove com.paloaltonetworks.gp.pangps | |
launchctl remove com.paloaltonetworks.gp.pangpa | |
echo "Done!" | |
;; | |
*) | |
echo "'$1' is not a valid verb." | |
echo "Usage: $0 {start|stop}" | |
exit 2 | |
;; | |
esac | |
;; | |
*) | |
echo "Too many args provided ($#)." | |
echo "Usage: $0 {start|stop}" | |
exit 3 | |
;; | |
esac |
Just to share:
Here is my version of start / stop script
# echo "START"
# set -e
# set -x
PORTAL="vpn.nios.net"
MAX_ATTEMPTS=10
SLEEP_INTERVAL=5
WAIT_FOR_APP_TO_BE_READY=5
WAIT_FOR_CONNECTION=15
function check_setup() {
if [ ! -e "/Applications/GlobalProtect.app" ]; then
echo "GlobalProtect app is not installed."
exit 1
fi
if [ ! -e "/Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist" ] || [ ! -e "/Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist" ]; then
echo "GlobalProtect launch agents are not properly set up."
exit 1
fi
}
function ensure_app_running() {
for ((i=1; i<=$MAX_ATTEMPTS; i++)); do
if osascript -e 'tell application "System Events" to (name of processes) contains "GlobalProtect"' &>/dev/null; then
sleep $WAIT_FOR_APP_TO_BE_READY
return 0
fi
echo "Waiting for GlobalProtect app to start..."
sleep $SLEEP_INTERVAL
done
echo "Failed to start GlobalProtect app."
exit 1
}
function start_vpn() {
echo -e "\nStarting GlobalProtect...\n"
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist
ensure_app_running
connect_vpn
sleep $WAIT_FOR_CONNECTION
if check_vpn_status; then
echo -e "\nVPN is connected to $PORTAL\n"
return 0
fi
for ((i=1; i<=$MAX_ATTEMPTS; i++)); do
connect_vpn
sleep $SLEEP_INTERVAL
if check_vpn_status; then
echo -e "\nVPN is connected to $PORTAL\n"
return 0
fi
done
echo -e "\nFailed to connect to VPN after $MAX_ATTEMPTS attempts\n"
exit 1
}
function connect_vpn() {
osascript <<EOF &>/dev/null
tell application "System Events"
tell process "GlobalProtect"
if not (exists window 1) then
click menu bar item 1 of menu bar 2 -- Activates the GlobalProtect "window" in the menubar
delay 2 -- Wait for 2 seconds
end if
set frontmost to true -- keep window 1 active
tell window 1
if exists (first button whose title is "Connect") then
tell (first button whose title is "Connect") to if exists then click
end if
end tell
end tell
end tell
EOF
}
function check_vpn_status() {
VPN_STATUS=$(osascript <<EOF 2>/dev/null
tell application "System Events"
tell process "GlobalProtect"
set frontmost to true -- keep window 1 active
tell window 1
if exists (first button whose title is "Disconnect") then
return "Connected"
else
return "Not Connected"
end if
end tell
end tell
end tell
EOF
)
echo "VPN status: $VPN_STATUS"
if [ "$VPN_STATUS" == "Connected" ]; then
return 0
elif [ "$VPN_STATUS" == "Not Connected" ]; then
return 1
else
return 1
fi
}
function stop_vpn() {
echo -e "\nStopping GlobalProtect...\n"
if ! launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist 2>/dev/null || \
! launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist 2>/dev/null; then
echo "Failed to bootout as current user, trying with sudo..."
sudo launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist 2>/dev/null
sudo launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist 2>/dev/null
fi
PIDS=$(launchctl list | grep -E 'com\.paloaltonetworks\.gp\.pangpa|com\.paloaltonetworks\.gp\.pangps' | awk '{print $1}')
if [ ! -z "$PIDS" ]; then
echo "Killing GlobalProtect processes..."
for PID in $PIDS; do
if sudo kill -9 $PID; then
echo "Killed process $PID"
else
echo "Failed to kill process $PID"
fi
done
fi
echo -e "\nVPN stopped\n"
}
case $1 in
start)
check_setup
start_vpn
;;
stop)
stop_vpn
;;
*)
echo "'$1' is not a valid verb."
echo "Usage: $0 {start|stop}"
exit 1
;;
esac
I adapted the script to kill globalprotect icon in tray on stop and open globalprotect app when start :
@damosse31 THANK YOU! That's exactly what I was looking for and it works perfectly on macOS Sonoma and GlobalProtect 6.1.4 🫶
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I adapted the script to kill globalprotect icon in tray on stop and open globalprotect app when start :