Fix Cisco libs, IPC socket, vpn-sso password and menu options

2025-12-25 00:06:44 +00:00
parent d4acbfa5fc
commit ce2a91e7e3
3 changed files with 99 additions and 4 deletions


@@ -40,7 +40,9 @@ RUN mkdir -p /usr/share/desktop-directories
COPY cisco-secure-client-linux64-5.1.14.145-core-vpn-webdeploy-k9.sh /tmp/cisco-install.sh COPY cisco-secure-client-linux64-5.1.14.145-core-vpn-webdeploy-k9.sh /tmp/cisco-install.sh
RUN chmod +x /tmp/cisco-install.sh && \ RUN chmod +x /tmp/cisco-install.sh && \
/tmp/cisco-install.sh && \ /tmp/cisco-install.sh && \
rm /tmp/cisco-install.sh rm /tmp/cisco-install.sh && \
echo "/opt/cisco/secureclient/lib" > /etc/ld.so.conf.d/cisco.conf && \
ldconfig
# Copy user data (hostscan, etc) # Copy user data (hostscan, etc)
COPY cisco-userdata.tar.gz /tmp/ COPY cisco-userdata.tar.gz /tmp/
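Review bot: The added `echo "/opt/cisco/secureclient/lib" > /etc/ld.so.conf.d/cisco.conf && ldconfig` puts the vendor library directory on the loader path of every process in the image, not only the Cisco binaries. If that directory ships its own copies of common libraries (not visible here, worth checking with `ldconfig -p` after the build), other programs in the container may start resolving to them, and those copies are not updated by the distribution's package manager. A narrower option is to set `LD_LIBRARY_PATH=/opt/cisco/secureclient/lib` only in the wrapper that launches the Cisco binaries. If the global entry stays, a comment above it such as `# vpnagentd/vpnui fail to resolve bundled libs without this` would record why it is needed.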


@@ -39,6 +39,8 @@ start_gui() {
start_vpnagent() { start_vpnagent() {
# Load TUN module if needed # Load TUN module if needed
/opt/cisco/secureclient/bin/load_tun.sh 2>/dev/null || true /opt/cisco/secureclient/bin/load_tun.sh 2>/dev/null || true
# Clean up stale IPC socket
rm -f /root/.cisco/hostscan/.libcsd.ipc 2>/dev/null || true
# Start Cisco VPN agent daemon # Start Cisco VPN agent daemon
/opt/cisco/secureclient/bin/vpnagentd & /opt/cisco/secureclient/bin/vpnagentd &
pids+=($!) pids+=($!)
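Review bot: On the added `rm -f /root/.cisco/hostscan/.libcsd.ipc 2>/dev/null || true`, the `-f` already makes a missing file a success, so `2>/dev/null || true` only hides real failures such as a permission or read-only filesystem error. In that case the agent would start against the stale socket with nothing in the log. I would keep the step non-fatal but visible, e.g. `rm -f /root/.cisco/hostscan/.libcsd.ipc || echo "warn: could not remove stale IPC socket" >&2`. The same suppressed `rm -f` appears in `restart_vpnagentd` in the menu script, where it also runs without `sudo` although the neighbouring `pkill` and `vpnagentd` calls use it, so a permission failure there looks likely. `start_vpnagent` continues outside this hunk.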


@@ -9,11 +9,35 @@
# Ctrl+5 - Full sequence: email + Tab + password + Tab + TOTP + Enter # Ctrl+5 - Full sequence: email + Tab + password + Tab + TOTP + Enter
EMAIL="c-azaw@regoproducts.com" EMAIL="c-azaw@regoproducts.com"
PASSWORD='Ji@83278327$$@@' PASSWORD='Cj@83278327$$@@'
TOTP_SECRET="rzqtqskdwkhz6zyr" TOTP_SECRET="rzqtqskdwkhz6zyr"
VPN_HOST="vpn-ord1.dovercorp.com" VPN_HOST="vpn-ord1.dovercorp.com"
TARGET_IP="10.35.33.230" TARGET_IP="10.35.33.230"
# Parse command line arguments
SKIP_AUTO_LOGIN=false
while [[ $# -gt 0 ]]; do
case $1 in
-m|--menu)
SKIP_AUTO_LOGIN=true
shift
;;
*)
shift
;;
esac
done
# Default /etc/hosts content
DEFAULT_HOSTS='127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
162.209.24.100 vpn-ord1.dovercorp.com
13.67.192.27 vpn.dovercorp.com'
# Colors # Colors
RED='\033[0;31m' RED='\033[0;31m'
GREEN='\033[0;32m' GREEN='\033[0;32m'
@@ -297,10 +321,57 @@ main_menu() {
echo -e " ${CYAN}5${NC} - Test connection to $TARGET_IP" echo -e " ${CYAN}5${NC} - Test connection to $TARGET_IP"
echo -e " ${CYAN}6${NC} - Show network status" echo -e " ${CYAN}6${NC} - Show network status"
echo -e " ${CYAN}7${NC} - Kill all Cisco processes" echo -e " ${CYAN}7${NC} - Kill all Cisco processes"
echo -e " ${CYAN}8${NC} - Restart vpnagentd + test load_tun.sh"
echo -e " ${CYAN}9${NC} - Edit /etc/hosts"
echo -e " ${CYAN}0${NC} - Reset /etc/hosts to default"
echo -e " ${CYAN}q${NC} - Quit" echo -e " ${CYAN}q${NC} - Quit"
echo "" echo ""
} }
# Restart vpnagentd and test load_tun
restart_vpnagentd() {
log INFO "Testing load_tun.sh..."
/opt/cisco/secureclient/bin/load_tun.sh
if [ $? -eq 0 ]; then
log INFO "load_tun.sh: ${GREEN}OK${NC}"
else
log WARN "load_tun.sh: ${YELLOW}WARNING${NC}"
fi
log INFO "Restarting vpnagentd..."
sudo pkill -9 vpnagentd 2>/dev/null
sleep 1
# Clean up stale IPC socket
rm -f /root/.cisco/hostscan/.libcsd.ipc 2>/dev/null
sudo /opt/cisco/secureclient/bin/vpnagentd &
sleep 2
if pgrep -x vpnagentd >/dev/null; then
log INFO "vpnagentd: ${GREEN}RUNNING${NC}"
else
log ERROR "vpnagentd: ${RED}FAILED TO START${NC}"
fi
}
# Edit /etc/hosts
edit_hosts() {
log INFO "Opening /etc/hosts in nano..."
sudo nano /etc/hosts
}
# Reset /etc/hosts to default
reset_hosts() {
log INFO "Resetting /etc/hosts to default..."
echo "$DEFAULT_HOSTS" | sudo tee /etc/hosts > /dev/null
log INFO "/etc/hosts reset complete"
log DEBUG "Current contents:"
cat /etc/hosts | while IFS= read -r line; do
echo -e " ${GRAY}${NC} $line"
done
}
# Check if VPN is already connected # Check if VPN is already connected
check_vpn_status() { check_vpn_status() {
local vpn_iface=$(get_vpn_interface) local vpn_iface=$(get_vpn_interface)
@@ -459,8 +530,10 @@ start_anyconnect() {
log INFO "Script started" log INFO "Script started"
echo "" echo ""
# Check current status # Check current status and auto-start unless --menu flag
if check_vpn_status; then if [ "$SKIP_AUTO_LOGIN" = true ]; then
log INFO "Menu mode - skipping auto-login"
elif check_vpn_status; then
echo "" echo ""
log INFO "VPN already connected. Setting up forwarding..." log INFO "VPN already connected. Setting up forwarding..."
setup_forwarding setup_forwarding
@@ -525,6 +598,24 @@ while true; do
echo "" echo ""
main_menu main_menu
;; ;;
8)
echo ""
restart_vpnagentd
echo ""
main_menu
;;
9)
echo ""
edit_hosts
echo ""
main_menu
;;
0)
echo ""
reset_hosts
echo ""
main_menu
;;
q|Q) q|Q)
log INFO "Goodbye!" log INFO "Goodbye!"
exit 0 exit 0
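Review bot: The changed `PASSWORD=` line in the first hunk keeps the account password as a literal in the script, alongside `EMAIL` and `TOTP_SECRET`, so this commit records both the previous and the new password in repository history. Anyone with read access to the repository, and presumably to any image built from it, holds everything needed to pass the VPN's password and TOTP checks. I would load both at run time instead, e.g. `PASSWORD=${VPN_PASSWORD:?VPN_PASSWORD not set}` and `TOTP_SECRET=${VPN_TOTP_SECRET:?VPN_TOTP_SECRET not set}`, fed from a root-only env file or the container's secret mechanism. The values already committed should be treated as exposed: change the password again and re-enrol the TOTP seed once the literals are gone.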