- Add disown after vpnui & to suppress "killed" messages
- Ignore empty/whitespace input in menu loop
- Remove "Invalid choice" error (just ignore silently)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
After VPN reconnects, Cisco agent creates its chains asynchronously,
pushing our ACCEPT rules down where they're ineffective. Fix:
1. Wait up to 30s for ciscovpn chain to exist
2. Delete any existing rules (they may be in wrong position)
3. Insert fresh rules at position 1
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- host-routing.sh: Use nft instead of iptables for NAT masquerade
  (iptables-nft backend doesn't support iptables -t nat commands)
- cisco-vpn: Use -I FORWARD 1 instead of -A FORWARD to insert rules
  BEFORE Cisco VPN chains (which have catch-all DROP rules)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Added start_watchdog() function that:
  - Checks VPN every 60 seconds
  - Sends keepalive ping every 5 minutes to prevent idle timeout
  - Auto-reconnects up to 3 times if VPN drops
- Disabled screen blanking in xstartup and after VPN connects
- Removed useless monitor loop that only logged
- Removed get_vm_bridge_ip() and get_container_gateway()
- Added get_container_ip() for eth0 (172.31.0.x network)
- Updated setup_forwarding() and show_network_status()
- No more ens3/VM references
- Removed all sudo commands since container runs as root
- Added LOG_FILE at /var/log/cisco-vpn.log
- Modified log() to write to both console and file
- Added startup logging with env var status
- Delete init-vpn.sh, vpn-connect.sh, xstartup from build/scripts
- Change cisco-vpn monitor to background process so menu shows after connect
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
SSH to host and restart rego-routing.service after VPN connection
is established in the VM.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>