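#!/usr/bin/env bash
# Fix network routing issues caused by Cisco AnyConnect VPN when using
# VirtualBox and boot2docker on Mac OS X.
#
# Environment:
# Mac OS X 10.9.5
# VirtualBox 4.3.20
# Cisco AnyConnect 3.1.04074
# boot2docker v1.4.1 (Git commit: 43241cb)
#
# Usage (as root):
#   VPN_HOST=<vpn gateway> VPN_USER=<vpn login> sudo -E ./<this script>
#
# What it does, in order:
#   1. deletes the first "deny ip from any to any" ipfw rule, if one exists;
#   2. disconnects the VPN, points 192.168.59/24 at the boot2docker
#      host-only interface, and reconnects the VPN using the password stored
#      in the keychain item named "AnyConnect".
#
# NOTE(review): the deny rule is presumably installed by the VPN client to
# enforce its traffic policy. Removing it changes what this host accepts and
# forwards while the tunnel is up; confirm this is acceptable under the
# policy of the network you connect to.

# Quote the substitution so an empty/failed `id -u` cannot break the test.
if [ "$(id -u)" -ne 0 ]; then
  echo "You must be root (or use 'sudo')" >&2
  exit 1
fi

: "${VPN_HOST:?Need to set VPN_HOST}"
: "${VPN_USER:?Need to set VPN_USER}"

# Locate the AnyConnect install directory through its agent binary. Only the
# first hit is used: several hits would otherwise produce a multi-line path.
vpnagentd_path=$(find /opt/cisco -depth -name vpnagentd | head -n 1)
# Empty stays empty here, so the check below still fires when nothing is found.
CISCO_PATH=${vpnagentd_path%/*}
: "${CISCO_PATH:?Can't find Cisco path}"
VPN="$CISCO_PATH/vpn"

# This binary is executed as root further down. Refuse to continue if it is
# not an executable file.
# NOTE(review): /opt/cisco should be writable by root only, otherwise a local
# user could plant a `vpnagentd`/`vpn` pair that this script would run as root.
if [ ! -x "$VPN" ]; then
  echo "Cisco VPN client not found or not executable: $VPN" >&2
  exit 1
fi

# --- Step 1: firewall rule -------------------------------------------------

fwrule=$(ipfw -a list | grep -F "deny ip from any to any")
# First field of the first matching line is the rule number.
fwrule_id=$(printf '%s\n' "$fwrule" | awk 'NR == 1 { print $1 }')

if [ -n "$fwrule" ]; then
  echo "Found blocking firewall rule: $(tput setaf 1)${fwrule}$(tput sgr0)"

  # The id is handed to `ipfw delete` as root; make sure it really is a
  # rule number and not some other token from the listing.
  case "$fwrule_id" in
    '' | *[!0-9]*)
      echo "Unexpected firewall rule id: ${fwrule_id}" >&2
      exit 1
      ;;
  esac

  # Keep data out of the printf format string.
  printf 'Deleting rule %s ... ' "$fwrule_id"
  if ipfw delete "$fwrule_id"; then
    echo "$(tput setaf 2)[OK]$(tput sgr0)"
  else
    echo "$(tput setaf 1)[FAIL]$(tput sgr0)"
    exit 1
  fi
else
  echo "No blocking firewall rules found."
fi

# --- Step 2: route to the boot2docker VM -----------------------------------

# VBoxManage must run as the invoking user (the VM is registered in that
# user's VirtualBox configuration), hence `sudo -u <login name>`.
# [0-9] is used instead of \d, which is not part of POSIX ERE.
docker_interface=$(sudo -u "$(logname)" VBoxManage showvminfo boot2docker-vm |
  grep -o -E 'vboxnet[0-9][0-9]?')

if [ -z "${docker_interface}" ]; then
  echo "No docker VM found"
  exit 1
else
  echo "Found docker interface at $(tput setaf 1)${docker_interface}$(tput sgr0). Updating routes ..."

  # Disconnect Cisco VPN because it does not allow changes to route table
  echo "Disconnecting VPN ..."
  "$VPN" disconnect > /dev/null

  # Add the route when it is missing, otherwise repoint the existing one.
  # -F keeps the dots literal.
  current_route=$(netstat -rn | grep -F -- '192.168.59')
  if [ -z "${current_route}" ]; then
    route_action=add
  else
    route_action=change
  fi

  if route -nv "$route_action" -net 192.168.59 -interface "${docker_interface}" > /dev/null; then
    echo "$(tput setaf 2)[OK]$(tput sgr0)"
  else
    echo "$(tput setaf 1)[FAIL]$(tput sgr0)"
    exit 1
  fi
  netstat -rn | grep -F -- '192.168.59'

  # Reconnect VPN, get password from keychain.
  # The credentials go to the client on stdin, not on its command line, so
  # they do not show up in the process list. printf '%s' is used instead of
  # `echo -e` so a password containing backslashes is passed through
  # unchanged. Do not enable `set -x` around this line: the trace would
  # print the password.
  echo "Reconnecting VPN ..."
  printf '%s\n%s\n' "$VPN_USER" "$(security find-generic-password -s AnyConnect -w)" |
    "$VPN" -s connect "$VPN_HOST" > /dev/null
fi

"$VPN" state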