Untitled

#! /usr/local/bin/bash

#
# Script for logging into the VPN without having to use the UI client and go through
# the repetition of entering in host, username, and password.
#
# Requires:
#  Bash 4.x
#
# Author: Matt Skinner
#         Isaac M
#
# Note: rename to vpn or some other name to make it easier to run on a regular
# basis.

declare -A config
# default values to use if environment variables are not defined.

#config["user_name"]=""
#config["password"]=""
#config["host"]=""

#Path to the VPN commandline interface
vpn_cmd="/opt/cisco/anyconnect/bin/vpn -s"

#compute defaults
if [ -z "$VPN_USER_NAME" ]
then
  user_name=${config["user_name"]}
else
  user_name=$VPN_USER_NAME
fi

if [ -z "$VPN_PASSWORD" ]
then
  password=${config["password"]}
else
  password=$VPN_PASSWORD
fi

if [ -z "$VPN_HOST" ]
then
  host=${config["host"]}
else
  host=$VPN_HOST
fi

function print_user_config_error {
  echo "Unable to continue because username and/or password is not configured properly. Either define an environment variable (VPN_USER_NAME, VPN_PASSWORD) or modify this script located at $0."
  exit 1
}

function print_host_config_error {
  echo "Unable to continue because the VPN host is not configured properly. Either define an environment variable (VPN_HOST) or modify this script located at $0."
  exit 1
}

if [[ -z "$user_name" || -z "$password" ]]
then
  print_user_config_error
fi

if [ -z "$host" ]
then
  print_host_config_error
fi

function determine_connection_status() {

  disconnected=$(/usr/bin/expect<<EOF
log_user 0

# uncomment the line below to show debug info for expect command
# exp_internal 1
spawn /opt/cisco/anyconnect/bin/vpn

expect -re "VPN> $"
send "state\r\n"

expect {
   -re "Disconnected\r\n\rVPN> $" {
       send_user "\r \033\[31mNot connected to VPN.\033\[0m\n";
       exit 1
   }
   -re "Connected\r\n\rVPN> $" {
       send_user "\r \033\[32mConnected to VPN.\033\[0m\n";
       exit 0
   }
   default {
       send_user "\r******* Get anyconnect status failed. Quitting ...\n";
       exit
   }
}
EOF
)

  ret_code="$?"
  # echo "exit status = $ret_code"
  echo "$disconnected"

  if [ "$ret_code" -gt 0 ]
  then
    disconnected=true
  else
    disconnected=false
  fi
}

function connect() {
  export host
  export user_name
  export password

  /usr/bin/expect<<EOF
log_user 0
spawn /opt/cisco/anyconnect/bin/vpn

expect -re "VPN> $"
send "connect $::env(host)\n"

expect {
  -re "Username:" { send "$::env(user_name)\n" }
  -re "Another AnyConnect application is running" { send_user "\r \033\[31mAnother AnyConnect is running. Quitting...\033\[0m\n";exit 1 }
}

expect -re "Password:"
send "$::env(password)\ry"

expect {
   -re "state: Disconnected"    { send_user "\r \033\[31mFailed connecting to $::env(host).\033\[0m\n";exit 1 }
   -re "state: Connected"       { send_user "\r \033\[32mConnected to $::env(host).\033\[0m\n";exit 0 }
   default                      { send_user "\r ******* Quitting ...\n";exit }
}
EOF
}

function disconnect() {
  echo -e "disconnect" | $vpn_cmd
}

function start() {
  if [ $disconnected = true ]
  then
    connect
  else
    echo "Cannot connect. Already connected."
  fi
}

function stop() {
  if [ $disconnected = true ]
  then
    echo "Already disconnected."
  else
    disconnect
 fi
}

function print_usage() {
  local me
  me=$(basename "$0")
  echo "USAGE: $me start | stop"
  exit 1
}

determine_connection_status

if [ "$1" ==  "start" ]
then
  start
  exit 0
elif [ "$1" == "stop" ]
then
  stop
  exit 0
else
  print_usage
fi