|
|
@ -46,8 +46,7 @@ HOOKS_DIR=/etc/openconnect |
|
|
|
|
|
|
|
# Section B: Split DNS handling |
|
|
|
|
|
|
|
# 1) Maybe dnsmasq can do something like that |
|
|
|
# 2) Parse dns packets going out via tunnel and redirect them to original dns-server |
|
|
|
# 1) We parse CISCO_SPLIT_DNS and use dnsmasq to set it |
|
|
|
|
|
|
|
do_connect() { |
|
|
|
if [ -n "$CISCO_BANNER" ]; then |
|
|
@ -82,8 +81,23 @@ do_connect() { |
|
|
|
[[ "$addr" != "$mask" ]] && proto_add_ipv6_address "$addr" "$mask" |
|
|
|
fi |
|
|
|
|
|
|
|
[ -n "$INTERNAL_IP4_DNS" ] && proto_add_dns_server "$INTERNAL_IP4_DNS" |
|
|
|
[ -n "$CISCO_DEF_DOMAIN" ] && proto_add_dns_search "$CISCO_DEF_DOMAIN" |
|
|
|
if [ -n "$CISCO_SPLIT_DNS" ] && [ -d "/tmp/dnsmasq.d/" ];then |
|
|
|
SDNS=`echo $CISCO_SPLIT_DNS|sed 's/,/\n/g'` |
|
|
|
DNSMASQ_FILE="/tmp/dnsmasq.d/openconnect.$TUNDEV" |
|
|
|
rm -f $DNSMASQ_FILE |
|
|
|
echo "$SDNS" | while read i; do |
|
|
|
if [ -n "$INTERNAL_IP4_DNS" ];then |
|
|
|
echo "server=/$i/$INTERNAL_IP4_DNS" >> $DNSMASQ_FILE |
|
|
|
fi |
|
|
|
if [ -n "$INTERNAL_IP6_DNS" ];then |
|
|
|
echo "server=/$i/$INTERNAL_IP6_DNS" >> $DNSMASQ_FILE |
|
|
|
fi |
|
|
|
done |
|
|
|
/etc/init.d/dnsmasq restart |
|
|
|
else |
|
|
|
[ -n "$INTERNAL_IP4_DNS" ] && proto_add_dns_server "$INTERNAL_IP4_DNS" |
|
|
|
[ -n "$CISCO_DEF_DOMAIN" ] && proto_add_dns_search "$CISCO_DEF_DOMAIN" |
|
|
|
fi |
|
|
|
|
|
|
|
if [ -n "$CISCO_SPLIT_INC" ]; then |
|
|
|
i=0 |
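Review bot: The new `if [ -n "$CISCO_SPLIT_DNS" ]` branch writes `CISCO_SPLIT_DNS`, `INTERNAL_IP4_DNS` and `INTERNAL_IP6_DNS` into a dnsmasq config fragment without validating them, although all three are supplied by the VPN gateway. `echo $CISCO_SPLIT_DNS` is unquoted, `read i` lacks `-r`, and `$DNSMASQ_FILE` is unquoted in `rm -f` and in both `>>` redirections. If `INTERNAL_IP4_DNS` carries more than one address (it is normally a space-separated list, to be confirmed for this wrapper), `server=/$i/$INTERNAL_IP4_DNS` is not a valid dnsmasq line, and the unconditional `/etc/init.d/dnsmasq restart` may then leave the router without a resolver. I would restrict domains and addresses to the expected character set, emit one `server=` line per address, and quote every expansion, as sketched below. The body of `do_connect` starts and ends outside this hunk.

```shell
if [ -n "$CISCO_SPLIT_DNS" ] && [ -d "/tmp/dnsmasq.d/" ]; then
	DNSMASQ_FILE="/tmp/dnsmasq.d/openconnect.$TUNDEV"
	rm -f -- "$DNSMASQ_FILE"
	printf '%s\n' "$CISCO_SPLIT_DNS" | tr ',' '\n' | while IFS= read -r domain; do
		# Gateway-supplied value: accept hostname characters only, drop anything else.
		case "$domain" in
			''|*[!A-Za-z0-9._-]*) continue ;;
		esac
		# Deliberately unquoted: split the space-separated resolver lists.
		for srv in $INTERNAL_IP4_DNS $INTERNAL_IP6_DNS; do
			case "$srv" in
				*[!0-9A-Fa-f.:]*) continue ;;
			esac
			printf 'server=/%s/%s\n' "$domain" "$srv" >> "$DNSMASQ_FILE"
		done
	done
	/etc/init.d/dnsmasq restart
# … unchanged: else branch with proto_add_dns_server / proto_add_dns_search …
```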
|
|
@ -120,6 +134,7 @@ do_connect() { |
|
|
|
} |
|
|
|
|
|
|
|
do_disconnect() { |
|
|
|
rm -f "/tmp/dnsmasq.d/openconnect.$TUNDEV" |
|
|
|
proto_init_update "$TUNDEV" 0 |
|
|
|
proto_send_update "$INTERFACE" |
|
|
|
} |
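Review bot: `do_disconnect` removes `/tmp/dnsmasq.d/openconnect.$TUNDEV` but never restarts dnsmasq, whereas the connect path restarts it after writing the file. Assuming dnsmasq reads that directory only at start-up, the running instance keeps forwarding the split-DNS domains to the VPN resolvers after the tunnel is gone. Those lookups then fail, or leave over whatever route now covers the resolver address. I would restart only when a fragment was actually present: `f="/tmp/dnsmasq.d/openconnect.$TUNDEV"` followed by `[ -f "$f" ] && { rm -f -- "$f"; /etc/init.d/dnsmasq restart; }`.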
|
|
|