diff --git a/apps/rego-tunnel/shared/cisco-vpn b/apps/rego-tunnel/shared/cisco-vpn
index b693a9e..e8fd388 100755
--- a/apps/rego-tunnel/shared/cisco-vpn
+++ b/apps/rego-tunnel/shared/cisco-vpn
@@ -196,16 +196,10 @@ get_vpn_interface() {
 echo "$iface"
 }
-# Function to get VM's IP on the bridge network (for container routing)
-get_vm_bridge_ip() {
- # Get IP from container network (172.31.0.x)
- ip addr show ens3 2>/dev/null | grep -oP 'inet \K[\d.]+' | head -1
-}
-
-# Function to get container gateway
-get_container_gateway() {
- # The container bridge gateway
- echo "172.31.0.1"
+# Function to get container's IP on the rego-tunnel network
+get_container_ip() {
+ # eth0 is the rego-tunnel network (172.31.0.x)
+ ip addr show eth0 2>/dev/null | grep -oP 'inet \K[\d.]+' | head -1
 }
 # Function to get VPN tunnel IP
@@ -330,13 +324,11 @@ setup_forwarding() {
 fi
 local vpn_ip=$(get_vpn_ip)
- local vm_bridge_ip=$(get_vm_bridge_ip)
- local container_gw=$(get_container_gateway)
+ local container_ip=$(get_container_ip)
 log DEBUG "VPN interface: $vpn_iface"
 log DEBUG "VPN IP: $vpn_ip"
- log DEBUG "VM bridge IP: $vm_bridge_ip"
- log DEBUG "Container gateway: $container_gw"
+ log DEBUG "Container IP: $container_ip"
 # Enable IP forwarding
 run_cmd "Enabling IP forwarding" sysctl -w net.ipv4.ip_forward=1
@@ -410,7 +402,7 @@ setup_forwarding() {
 log WARN "Host watcher may not be running (trigger file still exists)"
 fi
- log INFO "Container should now be able to reach $TARGET_IP through this VM"
+ log INFO "Routing configured for $TARGET_IP through VPN tunnel"
 echo ""
 }
@@ -454,9 +446,9 @@ show_totp() {
 show_network_status() {
 log INFO "Current network status:"
- # VM IPs
+ # Container IPs
 echo ""
- log DEBUG "VM Network Interfaces:"
+ log DEBUG "Container Network Interfaces:"
 ip -4 addr show | grep -E "inet |^[0-9]+:" | while IFS= read -r line; do
 echo -e " ${GRAY}│${NC} $line"
 done
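Review bot: `get_container_ip()` hard-codes `eth0` and its comment asserts that this interface is the rego-tunnel network, but nothing in the function verifies that. When a container is attached to more than one network, which network ends up on eth0 is not something the script controls, so the function can return an address from a different network, and `2>/dev/null` hides the case where eth0 does not exist at all. If the value later feeds routing or NAT rules (not visible in this hunk), they would be built for the wrong segment. Consider validating the result against the prefix the comment names before returning it, e.g. `case "$ip" in 172.31.0.*) echo "$ip" ;; *) return 1 ;; esac`, and state the assumption in the header comment: `# Assumes eth0 is attached to rego-tunnel (172.31.0.x); prints nothing if eth0 is missing`.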
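Review bot: `local container_ip=$(get_container_ip)` in setup_forwarding() is never tested for an empty result, so a missing address only shows up as a blank `Container IP: ` line at DEBUG level while the function goes on to enable IP forwarding. The helper's pipeline ends in `head -1`, so its exit status is 0 even when no address was found; the emptiness test is the only usable signal. Declare and assign separately (`local container_ip` then `container_ip=$(get_container_ip)`, which also clears ShellCheck SC2155) and add `[ -n "$container_ip" ] || log WARN "No IPv4 address found on eth0"`. The same assignment in show_network_status() (last hunk) is guarded by `[ -n ... ]` but has no else branch, so the empty case is skipped silently there too. setup_forwarding() starts and ends outside this hunk.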
@@ -473,16 +465,12 @@ show_network_status() {
 log WARN "VPN Status: ${RED}NOT CONNECTED${NC}"
 fi
- # Bridge IP (for container routing)
- local vm_bridge_ip=$(get_vm_bridge_ip)
- if [ -n "$vm_bridge_ip" ]; then
- log DEBUG "VM IP on bridge: $vm_bridge_ip"
+ # Container IP on rego-tunnel network
+ local container_ip=$(get_container_ip)
+ if [ -n "$container_ip" ]; then
+ log DEBUG "Container IP: $container_ip"
 fi
- # Container gateway
- local container_gw=$(get_container_gateway)
- log DEBUG "Container gateway: $container_gw"
-
 # Default gateway
 echo ""
 log DEBUG "Default gateway:"