refactor(cistech-tunnel): add IBMI_HOST and test_connection function

- Add hardcoded IBMI_HOST=10.3.1.201 for testing - Create test_connection() function for reuse - Use IBMI_HOST for connection tests and keepalive pings - TARGET_IP still used for routing rules
2026-01-17 16:53:40 +00:00
parent 4c7ff9d6a0
commit c6749fe856
1 changed files with 27 additions and 19 deletions
--- a/apps/cistech-tunnel/shared/openconnect-vpn
+++ b/apps/cistech-tunnel/shared/openconnect-vpn
@@ -20,6 +20,9 @@ TARGET_IP="${TARGET_IP:-10.3.1.0}"
 VPN_INTERFACE="${VPN_INTERFACE:-tun0}"
 CONTAINER_NETWORK="172.30.0.0/24"

+# Hardcoded test host (IBM i server)
+IBMI_HOST="10.3.1.201"
+
 # Log directory
 LOG_DIR="/var/log/openconnect-vpn"
 LOG_RETENTION_DAYS=7
@@ -177,6 +180,23 @@ get_totp() {
    oathtool --totp -b "$VPN_TOTP_SECRET"
 }

+# Test connection to IBMI_HOST
+test_connection() {
+    if [[ -z "$IBMI_HOST" ]]; then
+        log WARN "IBMI_HOST not set"
+        return 1
+    fi
+
+    log INFO "Testing connection to $IBMI_HOST..."
+    if ping -c 3 -W 3 "$IBMI_HOST" &>/dev/null; then
+        log INFO "Connection test: ${GREEN}SUCCESS${NC}"
+        return 0
+    else
+        log WARN "Connection test: ${RED}FAILED${NC} (may need manual route on host)"
+        return 1
+    fi
+}
+
 show_totp() {
    log INFO "Starting live TOTP display (Ctrl+C to stop)"
    echo ""
@@ -459,15 +479,8 @@ connect_vpn() {
    # Setup forwarding
    setup_forwarding

-    # Test connection
-    if [[ -n "$TARGET_IP" ]]; then
-        log INFO "Testing connection to $TARGET_IP..."
-        if ping -c 2 -W 3 "$TARGET_IP" &>/dev/null; then
-            log INFO "Connection test: ${GREEN}SUCCESS${NC}"
-        else
-            log WARN "Connection test: ${RED}FAILED${NC} (may need manual route on host)"
-        fi
-    fi
+    # Test connection to IBMI host
+    test_connection

    # Disable screen blanking
    xset s off 2>/dev/null || true
@@ -507,10 +520,10 @@ start_watchdog() {

            # Keepalive ping every 5 minutes
            if [ $((now - last_keepalive)) -ge $keepalive_interval ]; then
-                if [[ -n "$TARGET_IP" ]] && ping -c 1 -W 5 "$TARGET_IP" &>/dev/null; then
-                    log DEBUG "Keepalive ping to $TARGET_IP successful"
+                if [[ -n "$IBMI_HOST" ]] && ping -c 1 -W 5 "$IBMI_HOST" &>/dev/null; then
+                    log DEBUG "Keepalive ping to $IBMI_HOST successful"
                else
-                    log WARN "Keepalive ping to $TARGET_IP failed (VPN may be degraded)"
+                    log WARN "Keepalive ping to $IBMI_HOST failed (VPN may be degraded)"
                fi
                last_keepalive=$now
            fi
@@ -537,7 +550,7 @@ main_menu() {
    echo -e "  ${CYAN}2${NC} - Disconnect VPN"
    echo -e "  ${CYAN}3${NC} - Show VPN status"
    echo -e "  ${CYAN}4${NC} - Setup IP forwarding only"
-    echo -e "  ${CYAN}5${NC} - Test connection to $TARGET_IP"
+    echo -e "  ${CYAN}5${NC} - Test connection to $IBMI_HOST"
    echo -e "  ${CYAN}6${NC} - Show network status"
    echo -e "  ${CYAN}7${NC} - Show routing table"
    echo -e "  ${CYAN}8${NC} - Show live TOTP"
@@ -643,12 +656,7 @@ while true; do
        2) disconnect_vpn ;;
        3) check_vpn_status ;;
        4) setup_forwarding ;;
-        5) if [[ -n "$TARGET_IP" ]]; then
-               log INFO "Testing connection to $TARGET_IP..."
-               ping -c 3 "$TARGET_IP" && log INFO "Connection test: ${GREEN}SUCCESS${NC}" || log ERROR "Connection test: ${RED}FAILED${NC}"
-           else
-               log WARN "TARGET_IP not set"
-           fi ;;
+        5) test_connection ;;
        6) show_network_status ;;
        7) show_routes ;;
        8) show_totp ;;