cisco-vpn: Remove all VM references, use container IP

- Removed get_vm_bridge_ip() and get_container_gateway() - Added get_container_ip() for eth0 (172.31.0.x network) - Updated setup_forwarding() and show_network_status() - No more ens3/VM references
2026-01-17 03:03:53 +00:00
parent 89e8f5cffc
commit 657081678f
1 changed files with 13 additions and 25 deletions
--- a/apps/rego-tunnel/shared/cisco-vpn
+++ b/apps/rego-tunnel/shared/cisco-vpn
@@ -196,16 +196,10 @@ get_vpn_interface() {
    echo "$iface"
 }

-# Function to get VM's IP on the bridge network (for container routing)
-get_vm_bridge_ip() {
-    # Get IP from container network (172.31.0.x)
-    ip addr show ens3 2>/dev/null | grep -oP 'inet \K[\d.]+' | head -1
-}
-
-# Function to get container gateway IP
-get_container_gateway() {
-    # The container bridge gateway
-    echo "172.31.0.1"
+# Function to get container's IP on the rego-tunnel network
+get_container_ip() {
+    # eth0 is the rego-tunnel network (172.31.0.x)
+    ip addr show eth0 2>/dev/null | grep -oP 'inet \K[\d.]+' | head -1
 }

 # Function to get VPN tunnel IP
@@ -330,13 +324,11 @@ setup_forwarding() {
    fi

    local vpn_ip=$(get_vpn_ip)
-    local vm_bridge_ip=$(get_vm_bridge_ip)
-    local container_gw=$(get_container_gateway)
+    local container_ip=$(get_container_ip)

    log DEBUG "VPN interface: $vpn_iface"
    log DEBUG "VPN IP: $vpn_ip"
-    log DEBUG "VM bridge IP: $vm_bridge_ip"
-    log DEBUG "Container gateway: $container_gw"
+    log DEBUG "Container IP: $container_ip"

    # Enable IP forwarding
    run_cmd "Enabling IP forwarding" sysctl -w net.ipv4.ip_forward=1
@@ -410,7 +402,7 @@ setup_forwarding() {
        log WARN "Host watcher may not be running (trigger file still exists)"
    fi

-    log INFO "Container should now be able to reach $TARGET_IP through this VM"
+    log INFO "Routing configured for $TARGET_IP through VPN tunnel"
    echo ""
 }

@@ -454,9 +446,9 @@ show_totp() {
 show_network_status() {
    log INFO "Current network status:"

-    # VM IPs
+    # Container IPs
    echo ""
-    log DEBUG "VM Network Interfaces:"
+    log DEBUG "Container Network Interfaces:"
    ip -4 addr show | grep -E "inet |^[0-9]+:" | while IFS= read -r line; do
        echo -e "           ${GRAY}│${NC} $line"
    done
@@ -473,16 +465,12 @@ show_network_status() {
        log WARN "VPN Status: ${RED}NOT CONNECTED${NC}"
    fi

-    # Bridge IP (for container routing)
-    local vm_bridge_ip=$(get_vm_bridge_ip)
-    if [ -n "$vm_bridge_ip" ]; then
-        log DEBUG "VM IP on bridge: $vm_bridge_ip"
+    # Container IP on rego-tunnel network
+    local container_ip=$(get_container_ip)
+    if [ -n "$container_ip" ]; then
+        log DEBUG "Container IP: $container_ip"
    fi

-    # Container gateway
-    local container_gw=$(get_container_gateway)
-    log DEBUG "Container gateway: $container_gw"
-
    # Default gateway
    echo ""
    log DEBUG "Default gateway:"