oss
/
openadk


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118
							#!/bin/sh
#* reason                       -- why this script was called, one of: pre-init connect disconnect
#* VPNGATEWAY                   -- vpn gateway address (always present)
#* TUNDEV                       -- tunnel device (always present)
#* INTERNAL_IP4_ADDRESS         -- address (always present)
#* INTERNAL_IP4_NETMASK         -- netmask (often unset)
#* INTERNAL_IP4_DNS             -- list of dns serverss
#* INTERNAL_IP4_NBNS            -- list of wins servers
#* CISCO_DEF_DOMAIN             -- default domain name
#* CISCO_BANNER                 -- banner from server
#* CISCO_SPLIT_INC              -- number of networks in split-network-list
#* CISCO_SPLIT_INC_%d_ADDR      -- network address
#* CISCO_SPLIT_INC_%d_MASK      -- subnet mask (for example: 255.255.255.0)
#* CISCO_SPLIT_INC_%d_MASKLEN   -- subnet masklen (for example: 24)
#* CISCO_SPLIT_INC_%d_PROTOCOL  -- protocol (often just 0)
#* CISCO_SPLIT_INC_%d_SPORT     -- source port (often just 0)
#* CISCO_SPLIT_INC_%d_DPORT     -- destination port (often just 0)

do_pre_init() {
	# bevore doing anything, make shure, the tun module is loaded and the
	# tun device nodes exist.
	if (exec 6<> /dev/net/tun) > /dev/null 2>&1 ; then
		:
	else # can't open /dev/net/tun
		test -e /proc/sys/kernel/modprobe && `cat /proc/sys/kernel/modprobe` tun 2>/dev/null
		# fix for broken devfs in kernel 2.6.x
		if [ "`readlink /dev/net/tun`" = misc/net/tun \
			-a ! -e /dev/net/misc/net/tun -a -e /dev/misc/net/tun ] ; then
			ln -sf /dev/misc/net/tun /dev/net/tun
		fi
		# make sure tun device exists
		if [ ! -e /dev/net/tun ]; then
			mkdir -p /dev/net
			mknod -m 0640 /dev/net/tun c 10 200
		fi
	fi
	echo "pre-init successful."
}

do_connect() {
	# after connection is established, we should update resolv.conf
	# and the kernel routing table

	# set up the interface
	ifconfig $TUNDEV $INTERNAL_IP4_ADDRESS pointopoint $INTERNAL_IP4_ADDRESS mtu 1412 up

	# set up the route to the remote side and remove any cached routes
	ip route add `ip route get "$VPNGATEWAY"`
	ip route flush cache

	# set up the default routes via vpnc-route
	echo "starting vpnc-route"
	/etc/vpnc/vpnc-route start

	if [ "x$INTERNAL_IP4_DNS" != "x" ]; then
		# set up the dns servers (add to resolv.conf)
		echo "setting up DNS server"
		# simply add the given servers to the resolv.conf file
		echo "" > /var/run/vpnc/resolv.conf
		for dns in $INTERNAL_IP4_DNS; do
			echo "nameserver $dns" >> /var/run/vpnc/resolv.conf
		done;
		cat /etc/resolv.conf >> /var/run/vpnc/resolv.conf
		mv /var/run/vpnc/resolv.conf /etc/resolv.conf
		# keep the DNS server IPs for shutdown
		echo "$INTERNAL_IP4_DNS" > /var/run/vpnc/dnsserver
	fi

}

do_disconnect() {
	# remove the nameserver from resolv.conf
	# and restore the old routing table

	# remove route to gateway
	ip route del $VPNGATEWAY

	# remove default routes
	/etc/vpnc/vpnc-route stop

	# remove the dns servers from resolv.conf
	if [ -f /var/run/vpnc/dnsserver ]; then
		re_dns="";
		for dns in `cat /var/run/vpnc/dnsserver`; do
			echo "removing DNS server $dns";
			if [ "x$re_dns" == "x" ]; then
				re_dns=\($dns\);
			else
				re_dns=$re_dns\|\($dns\);
			fi;
		done;
		echo "re_dns=$re_dns"
		cat /etc/resolv.conf | grep -v -E "($re_dns)|(^\ *$)" > /var/run/vpnc/resolv.conf
		mv /var/run/vpnc/resolv.conf /etc/resolv.conf
		rm /var/run/vpnc/dnsserver
	fi;
	
	# deconfigure network interface
	ifconfig $TUNDEV down
}

case "$reason" in
	pre-init)
		do_pre_init
		;;
	connect)
		do_connect
		;;
	disconnect)
		do_disconnect
		;;
	*)
		echo "unknown reason '$reason'. Maybe vpnc-script is out of date" 1>&2
		exit 1
		;;
esac

exit 0