#!/bin/bash
# Pin the command search path to the standard system directories, so the tools
# this script runs are looked up there regardless of the caller's environment.
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# File handed to openconnect via --pid-file; is_vpn_running reads it and stop
# removes it.
PID_FILE_PATH='/var/run/vpn.pid'
# Receives openconnect's stdout and stderr on every connection attempt.
# NOTE(review): this is a fixed name in world-writable /tmp, and the redirect is
# performed with the script's own privileges (presumably root, since the PID
# file lives in /var/run - confirm). A file or link pre-created at this path by
# another local user can capture or redirect that output; a root-owned
# directory is the safer home for it.
LOG_PATH='/tmp/vpn_status.txt'
# format: 'host username password cert'. cert (certificate) is not mandatory
# Fields are split on whitespace, so no field may contain a space; cert is
# passed to openconnect as the --servercert value.
# NOTE(review): passwords are stored here in clear text - keep this file
# readable by its owner only and out of version control.
CREDENTIALS=(
'host1 username1 password1 cert1'
'host2 username2 password2'
'host3 username3 password3 cert3'
)
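# Try each CREDENTIALS entry in order until one yields a running VPN.
# Globals:   CREDENTIALS (read)
# Outputs:   progress messages on stdout
# Exits:     1 when the network is unreachable or a VPN is already running
function start() {
  local item host username password cert
  local -a credentials

  if ! is_network_available; then
    printf "Network is not available. Check your internet connection \n"
    exit 1
  fi

  if is_vpn_running; then
    printf "VPN is already running\n"
    exit 1
  fi

  for item in "${CREDENTIALS[@]}"; do
    # Split the entry on whitespace with read -a instead of an unquoted
    # expansion: a password containing *, ? or [ must not be pathname-expanded
    # against the current directory.
    read -r -a credentials <<< "$item"
    host=${credentials[0]}
    username=${credentials[1]}
    password=${credentials[2]}
    cert=${credentials[3]}  # empty when the entry has no certificate field

    # Quoted so each field reaches connect as exactly one argument.
    connect "$host" "$username" "$password" "$cert"

    if is_vpn_running; then
      printf "VPN is connected \n"
      print_current_ip_address
      break
    else
      printf "VPN failed to connect! \n"
    fi
  done
}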
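# Start openconnect in the background for one gateway.
# Globals:   PID_FILE_PATH (read), LOG_PATH (read; file is overwritten)
# Arguments: $1 - host, $2 - username, $3 - password,
#            $4 - optional server certificate value for --servercert
# Outputs:   "Connecting to <host>" on stdout; openconnect output goes to LOG_PATH
# Returns:   exit status of openconnect
function connect() {
  local -a cert_args=()

  echo "Connecting to $1"

  # An array keeps "--servercert VALUE" as two exact arguments without relying
  # on word splitting of an unquoted string.
  if [[ -n "$4" ]]; then
    cert_args=(--servercert "$4")
  fi

  # printf '%s\n' hands the password over unchanged: echo with an unquoted
  # argument would glob-expand it, collapse whitespace and treat values such as
  # -n or -e as options. printf is a builtin, so the password is not exposed in
  # any process argument list.
  # NOTE(review): LOG_PATH is opened with a plain '>' redirect; when it points
  # into a world-writable directory another local user can pre-create the
  # target - prefer a root-owned location.
  printf '%s\n' "$3" \
    | openconnect "$1" --user="$2" "${cert_args[@]}" -b --no-dtls \
        --passwd-on-stdin --pid-file "$PID_FILE_PATH" > "$LOG_PATH" 2>&1
}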
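# Report on stdout whether the VPN process recorded in the PID file is alive.
function status() {
  # Plain if/else: with the "a && b || c" form the "stopped" branch would also
  # run if printing the "running" message failed.
  if is_vpn_running; then
    printf "VPN is running \n"
  else
    printf "VPN is stopped \n"
  fi
}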
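# Stop the VPN process recorded in the PID file and report the current IP.
# Globals:   PID_FILE_PATH (read; file is removed)
# Outputs:   status message and current IP address on stdout
function stop() {
  local pid='' attempt

  if is_vpn_running; then
    pid=$(cat -- "$PID_FILE_PATH" 2> /dev/null)

    # Signal only the recorded PID, and only if it is numeric and still names
    # an openconnect process: a stale PID file may point at an unrelated
    # process, and "pgrep openconnect" would also match VPN sessions this
    # script did not start.
    if [[ "$pid" =~ ^[1-9][0-9]*$ && "$(ps -o comm= -p "$pid" 2> /dev/null)" == openconnect ]]; then
      # SIGTERM first so openconnect gets the chance to shut down cleanly
      # (SIGKILL cannot be handled, so no teardown would run); escalate only
      # if it is still alive after roughly five seconds.
      kill -TERM "$pid" > /dev/null 2>&1
      for attempt in 1 2 3 4 5; do
        kill -0 "$pid" > /dev/null 2>&1 || break
        sleep 1
      done
      if kill -0 "$pid" > /dev/null 2>&1; then
        kill -KILL "$pid" > /dev/null 2>&1
      fi
    fi

    rm -f -- "$PID_FILE_PATH" > /dev/null 2>&1
  fi

  printf "VPN is disconnected \n"
  print_current_ip_address
}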
# Print the one-line usage summary, naming the script by its base name.
function print_info() {
  local script_name
  script_name=$(basename "$0")
  printf '%s\n' "Usage: ${script_name} (start|stop|status|restart)"
}
# Succeed when a single ICMP echo to 8.8.8.8 is answered within one second.
# All ping output is discarded; only its exit status is used.
# NOTE(review): a network that filters ICMP would be reported as unavailable.
function is_network_available() {
  local -r probe_target='8.8.8.8'
  ping -q -c 1 -W 1 "$probe_target" &> /dev/null
}
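# Succeed when PID_FILE_PATH exists and names a process that can be signalled.
# Globals:   PID_FILE_PATH (read)
# Returns:   0 if the recorded PID is alive, non-zero otherwise
# NOTE(review): this only proves that some process owns the PID; after a crash
# the number can be reused by an unrelated process.
function is_vpn_running() {
  local pid

  [[ -f "$PID_FILE_PATH" ]] || return 1

  # Declared separately so a failed read is not masked by 'local'.
  pid=$(cat -- "$PID_FILE_PATH" 2> /dev/null) || return 1

  # Accept a positive integer only: an empty value, 0 or a negative number
  # would make 'kill -0' address no process or a whole process group and
  # report a VPN that is not there.
  [[ "$pid" =~ ^[1-9][0-9]*$ ]] || return 1

  kill -0 "$pid" > /dev/null 2>&1
}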
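# Print the public IP address as reported by the OpenDNS "myip" lookup.
# Outputs:   "Your IP address is <ip> " on stdout (empty <ip> if dig fails)
# NOTE(review): the answer arrives over plain DNS, so treat it as informational
# output rather than proof that traffic is going through the tunnel.
function print_current_ip_address() {
  local ip
  ip=$(dig +short myip.opendns.com @resolver1.opendns.com)

  # The DNS answer is external data: pass it as an argument, never as part of
  # the printf format string, so a '%' or backslash in it is printed literally.
  printf 'Your IP address is %s \n' "$ip"
}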
# Print the openconnect option for the given certificate value.
# Arguments: $1 - certificate value, may be empty or absent
# Outputs:   "--servercert <value>" when a value is given, otherwise an empty line
function get_cert_if_provided() {
  local cert_value=$1

  if [[ -n "$cert_value" ]]; then
    printf '%s\n' "--servercert ${cert_value}"
  else
    printf '\n'
  fi
}
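# Command dispatch: the first argument selects the action; anything else
# (including no argument) prints the usage line.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  status)
    status
    ;;
  restart)
    # Re-run this script for each phase. "$0" is quoted so an install path
    # containing spaces or glob characters is executed as a single word.
    "$0" stop
    "$0" start
    ;;
  *)
    print_info
    exit 0
    ;;
esac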