From 22ce829f7ccbfa48b0a4ba6a210ee5ff7a904e3a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=BDubom=C3=ADr=20Carik?= Date: Thu, 23 Feb 2017 23:25:05 +0100 Subject: [PATCH 01/13] Identify TUN interface via its index instead of localized device name MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Ľubomír Carik --- vpnc-script-win.js | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/vpnc-script-win.js b/vpnc-script-win.js index a3a0974..709721b 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -67,36 +67,37 @@ case "connect": (address_array[3] & netmask_array[3]) + 1 ); var internal_gw = internal_gw_array.join("."); + var tundevid = env("TUNIDX") echo("VPN Gateway: " + env("VPNGATEWAY")); echo("Internal Address: " + env("INTERNAL_IP4_ADDRESS")); echo("Internal Netmask: " + env("INTERNAL_IP4_NETMASK")); echo("Internal Gateway: " + internal_gw); - echo("Interface: \"" + env("TUNDEV") + "\""); + echo("Interface idx: \"" + tundevid + "\" (\"" + env("TUNDEV") + "\")"); if (env("INTERNAL_IP4_MTU")) { echo("MTU: " + env("INTERNAL_IP4_MTU")); - run("netsh interface ipv4 set subinterface \"" + env("TUNDEV") + + run("netsh interface ipv4 set subinterface \"" + tundevid + "\" mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); if (env("INTERNAL_IP6_ADDRESS")) { - run("netsh interface ipv6 set subinterface \"" + env("TUNDEV") + + run("netsh interface ipv6 set subinterface \"" + tundevid + "\" mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); } } - echo("Configuring \"" + env("TUNDEV") + "\" interface for Legacy IP..."); + echo("Configuring \"" + tundevid + "\" interface for Legacy IP..."); if (!env("CISCO_SPLIT_INC") && REDIRECT_GATEWAY_METHOD != 2) { // Interface metric must be set to 1 in order to add a route with metric 1 since Windows Vista - run("netsh interface ip set interface \"" + env("TUNDEV") + "\" metric=1"); + run("netsh interface ip set interface \"" + tundevid + "\" metric=1"); } if (env("CISCO_SPLIT_INC") || REDIRECT_GATEWAY_METHOD > 0) { - run("netsh interface ip set address \"" + env("TUNDEV") + "\" static " + + run("netsh interface ip set address \"" + tundevid + "\" static " + env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK")); } else { // The default route will be added automatically - run("netsh interface ip set address \"" + env("TUNDEV") + "\" static " + + run("netsh interface ip set address \"" + tundevid + "\" static " + env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK") + " " + internal_gw + " 1"); } @@ -108,7 +109,7 @@ case "connect": var wins = env("INTERNAL_IP4_NBNS").split(/ /); for (var i = 0; i < wins.length; i++) { run("netsh interface ip add wins \"" + - env("TUNDEV") + "\" " + wins[i] + tundevid + "\" " + wins[i] + " index=" + (i+1)); } } @@ -117,7 +118,7 @@ case "connect": var dns = env("INTERNAL_IP4_DNS").split(/ /); for (var i = 0; i < dns.length; i++) { run("netsh interface ip add dns \"" + - env("TUNDEV") + "\" " + dns[i] + tundevid + "\" " + dns[i] + " index=" + (i+1)); } } @@ -155,9 +156,9 @@ case "connect": echo("Route configuration done."); if (env("INTERNAL_IP6_ADDRESS")) { - echo("Configuring \"" + env("TUNDEV") + "\" interface for IPv6..."); + echo("Configuring \"" + tundevid + "\" interface for IPv6..."); - run("netsh interface ipv6 set address \"" + env("TUNDEV") + "\" " + + run("netsh interface ipv6 set address \"" + tundevid + "\" " + env("INTERNAL_IP6_ADDRESS") + " store=active"); echo("done."); @@ -166,7 +167,7 @@ case "connect": echo("Configuring IPv6 networks:"); if (env("INTERNAL_IP6_NETMASK") && !env("INTERNAL_IP6_NETMASK").match("/128$")) { run("netsh interface ipv6 add route " + env("INTERNAL_IP6_NETMASK") + - " \"" + env("TUNDEV") + "\" fe80::8 store=active") + " \"" + tundevid + "\" fe80::8 store=active") } if (env("CISCO_IPV6_SPLIT_INC")) { @@ -175,11 +176,11 @@ case "connect": var netmasklen = env("CISCO_SPLIT_INC_" + i + "_MASKLEN"); run("netsh interface ipv6 add route " + network + "/" + - netmasklen + " \"" + env("TUNDEV") + "\" fe80::8 store=active") + netmasklen + " \"" + tundevid + "\" fe80::8 store=active") } } else { echo("Setting default IPv6 route through VPN."); - run("netsh interface ipv6 add route 2000::/3 \"" + env("TUNDEV") + + run("netsh interface ipv6 add route 2000::/3 \"" + tundevid + "\" fe80::8 store=active"); } echo("IPv6 route configuration done."); From f497860ae7a96810aa71321d180399cd04e2422d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=BDubom=C3=ADr=20Carik?= Date: Sun, 26 Feb 2017 00:55:55 +0100 Subject: [PATCH 02/13] Use header/footer for Cisco banner message MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This will help to identify the banner message in other tools. Signed-off-by: Ľubomír Carik --- vpnc-script-win.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vpnc-script-win.js b/vpnc-script-win.js index 709721b..8df9651 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -187,9 +187,9 @@ case "connect": } if (env("CISCO_BANNER")) { - echo("--------------------------------------------------"); + echo("--------------------- BANNER ---------------------"); echo(env("CISCO_BANNER")); - echo("--------------------------------------------------"); + echo("------------------- BANNER end -------------------"); } break; case "disconnect": From e67359be2c1f2e43b2adcbb9118e283314d0ed7b Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Wed, 10 Sep 2014 10:40:12 +0200 Subject: [PATCH 03/13] Establish the direct route to the gateway earlier. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit By establishing the route prior to interface configuration we avoid traffic loops. Report and fix by Niels Peen. Resolves #5 Signed-off-by: Ľubomír Carik --- vpnc-script-win.js | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/vpnc-script-win.js b/vpnc-script-win.js index 8df9651..d2bf78a 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -75,6 +75,9 @@ case "connect": echo("Internal Gateway: " + internal_gw); echo("Interface idx: \"" + tundevid + "\" (\"" + env("TUNDEV") + "\")"); + // Add direct route for the VPN gateway to avoid routing loops + run("route add " + env("VPNGATEWAY") + " mask 255.255.255.255 " + gw); + if (env("INTERNAL_IP4_MTU")) { echo("MTU: " + env("INTERNAL_IP4_MTU")); run("netsh interface ipv4 set subinterface \"" + tundevid + @@ -101,10 +104,6 @@ case "connect": env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK") + " " + internal_gw + " 1"); } - // Add direct route for the VPN gateway to avoid routing loops - run("route add " + env("VPNGATEWAY") + - " mask 255.255.255.255 " + gw); - if (env("INTERNAL_IP4_NBNS")) { var wins = env("INTERNAL_IP4_NBNS").split(/ /); for (var i = 0; i < wins.length; i++) { From ab393b011e48a072765c06d916b4f2b8008b4f08 Mon Sep 17 00:00:00 2001 From: Zhenyu Wu Date: Sun, 29 May 2016 03:40:40 +0200 Subject: [PATCH 04/13] Improved vpnc-script.js MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 2. Added REDIRECT_GATEWAY_METHOD = -1 mode, which leaves default route intact, but do all other necessary route setup. This mode can be used by advanced users who already have the persistent route set up. For example, only certain IP/subnet will to through VPN, while all other traffic still go through native interface (improves latency for, i.e. Google search) Signed-off-by: Ľubomír Carik --- vpnc-script-win.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/vpnc-script-win.js b/vpnc-script-win.js index d2bf78a..64a40db 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -37,6 +37,7 @@ function waitForInterface() { return false; } + // -------------------------------------------------------------- // Script starts here // -------------------------------------------------------------- @@ -47,6 +48,7 @@ var ws = WScript.CreateObject("WScript.Shell"); var env = ws.Environment("Process"); // How to add the default internal route +// -1 - Do not touch default route (but do other necessary route setups) // 0 - As interface gateway when setting properties // 1 - As a 0.0.0.0/0 route with a lower metric than the default route // 2 - As 0.0.0.0/1 + 128.0.0.0/1 routes (override the default route cleanly) @@ -95,7 +97,7 @@ case "connect": run("netsh interface ip set interface \"" + tundevid + "\" metric=1"); } - if (env("CISCO_SPLIT_INC") || REDIRECT_GATEWAY_METHOD > 0) { + if (env("CISCO_SPLIT_INC") || REDIRECT_GATEWAY_METHOD != 0) { run("netsh interface ip set address \"" + tundevid + "\" static " + env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK")); } else { From 9504fc3fb07d8baeadf28d0ecb6a2a70d2a14c7f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=BDubom=C3=ADr=20Carik?= Date: Fri, 3 Mar 2017 22:50:55 +0100 Subject: [PATCH 05/13] Write output to log file (enabled via 'LOG2FILE' env. variable); exec error codes fixed. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Small re-indentation and re-wrap as well. Based on many commits from openconnect-gui project. Thanks. Signed-off-by: Ľubomír Carik --- vpnc-script-win.js | 157 ++++++++++++++++++++++++++------------------- 1 file changed, 90 insertions(+), 67 deletions(-) diff --git a/vpnc-script-win.js b/vpnc-script-win.js index 64a40db..e409542 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -1,25 +1,73 @@ +// // vpnc-script-win.js // // Sets up the Network interface and the routes // needed by vpnc. +// + +var internal_ip4_netmask = "255.255.255.0"; + +// How to add the default internal route +// -1 - Do not touch default route (but do other necessary route setups) +// 0 - As interface gateway when setting properties +// 1 - As a 0.0.0.0/0 route with a lower metric than the default route +// 2 - As 0.0.0.0/1 + 128.0.0.0/1 routes (override the default route cleanly) +var REDIRECT_GATEWAY_METHOD = 0; // -------------------------------------------------------------- // Utilities // -------------------------------------------------------------- +var accumulatedExitCode = 0; + +var ws = WScript.CreateObject("WScript.Shell"); +var env = ws.Environment("Process"); +var comspec = ws.ExpandEnvironmentStrings("%comspec%"); + +if (env("LOG2FILE")) { + var fs = WScript.CreateObject("Scripting.FileSystemObject"); + var tmpdir = fs.GetSpecialFolder(2)+"\\"; + var log = fs.OpenTextFile(tmpdir + "vpnc.log", 8, true); +} function echo(msg) { - WScript.echo(msg); + // TODO: prepend UTC? timestamp to every message + if (env("LOG2FILE")) { + log.WriteLine(msg); + } else { + WScript.echo(msg); + } } -function run(cmd) +function echoMultiLine(msg) { - return (ws.Exec(cmd).StdOut.ReadAll()); + if (env("LOG2FILE")) { + log.Write(msg); + } else { + WScript.echo(msg); + } +} + +function exec(cmd) +{ + echo("<<-- [EXEC] " + cmd); + var oExec = ws.Exec(comspec + " /C \"" + cmd + "\" 2>&1"); + oExec.StdIn.Close(); + + var s = oExec.StdOut.ReadAll(); + echoMultiLine(s); + + var status = oExec.Status; + var exitCode = oExec.ExitCode; + echo("-->> (exitCode: " + exitCode + ")"); + accumulatedExitCode += exitCode; + + return s; } function getDefaultGateway() { - if (run("route print").match(/0\.0\.0\.0 *(0|128)\.0\.0\.0 *([0-9\.]*)/)) { + if (exec("route print").match(/0\.0\.0\.0 *(0|128)\.0\.0\.0 *([0-9\.]*)/)) { return (RegExp.$2); } return (""); @@ -30,7 +78,7 @@ function waitForInterface() { for (var i = 0; i < 5; i++) { echo("Waiting for interface to come up..."); WScript.Sleep(2000); - if (run("route print").match(if_route)) { + if (exec("route print").match(if_route)) { return true; } } @@ -41,19 +89,6 @@ function waitForInterface() { // -------------------------------------------------------------- // Script starts here // -------------------------------------------------------------- - -var internal_ip4_netmask = "255.255.255.0" - -var ws = WScript.CreateObject("WScript.Shell"); -var env = ws.Environment("Process"); - -// How to add the default internal route -// -1 - Do not touch default route (but do other necessary route setups) -// 0 - As interface gateway when setting properties -// 1 - As a 0.0.0.0/0 route with a lower metric than the default route -// 2 - As 0.0.0.0/1 + 128.0.0.0/1 routes (override the default route cleanly) -var REDIRECT_GATEWAY_METHOD = 0; - switch (env("reason")) { case "pre-init": break; @@ -69,7 +104,7 @@ case "connect": (address_array[3] & netmask_array[3]) + 1 ); var internal_gw = internal_gw_array.join("."); - var tundevid = env("TUNIDX") + var tundevid = env("TUNIDX"); echo("VPN Gateway: " + env("VPNGATEWAY")); echo("Internal Address: " + env("INTERNAL_IP4_ADDRESS")); @@ -78,56 +113,48 @@ case "connect": echo("Interface idx: \"" + tundevid + "\" (\"" + env("TUNDEV") + "\")"); // Add direct route for the VPN gateway to avoid routing loops - run("route add " + env("VPNGATEWAY") + " mask 255.255.255.255 " + gw); + exec("route add " + env("VPNGATEWAY") + " mask 255.255.255.255 " + gw); if (env("INTERNAL_IP4_MTU")) { - echo("MTU: " + env("INTERNAL_IP4_MTU")); - run("netsh interface ipv4 set subinterface \"" + tundevid + - "\" mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); - if (env("INTERNAL_IP6_ADDRESS")) { - run("netsh interface ipv6 set subinterface \"" + tundevid + - "\" mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); - } + echo("MTU: " + env("INTERNAL_IP4_MTU")); + exec("netsh interface ipv4 set subinterface \"" + tundevid + "\" mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); + if (env("INTERNAL_IP6_ADDRESS")) { + exec("netsh interface ipv6 set subinterface \"" + tundevid + "\" mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); + } } echo("Configuring \"" + tundevid + "\" interface for Legacy IP..."); if (!env("CISCO_SPLIT_INC") && REDIRECT_GATEWAY_METHOD != 2) { // Interface metric must be set to 1 in order to add a route with metric 1 since Windows Vista - run("netsh interface ip set interface \"" + tundevid + "\" metric=1"); + exec("netsh interface ip set interface \"" + tundevid + "\" metric=1"); } if (env("CISCO_SPLIT_INC") || REDIRECT_GATEWAY_METHOD != 0) { - run("netsh interface ip set address \"" + tundevid + "\" static " + - env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK")); + exec("netsh interface ip set address \"" + tundevid + "\" static " + env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK")); } else { // The default route will be added automatically - run("netsh interface ip set address \"" + tundevid + "\" static " + - env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK") + " " + internal_gw + " 1"); + exec("netsh interface ip set address \"" + tundevid + "\" static " + env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK") + " " + internal_gw + " 1"); } - if (env("INTERNAL_IP4_NBNS")) { + if (env("INTERNAL_IP4_NBNS")) { var wins = env("INTERNAL_IP4_NBNS").split(/ /); for (var i = 0; i < wins.length; i++) { - run("netsh interface ip add wins \"" + - tundevid + "\" " + wins[i] - + " index=" + (i+1)); + exec("netsh interface ip add wins \"" + tundevid + "\" " + wins[i] + " index=" + (i+1)); } } - if (env("INTERNAL_IP4_DNS")) { + if (env("INTERNAL_IP4_DNS")) { var dns = env("INTERNAL_IP4_DNS").split(/ /); for (var i = 0; i < dns.length; i++) { - run("netsh interface ip add dns \"" + - tundevid + "\" " + dns[i] - + " index=" + (i+1)); + exec("netsh interface ip add dns \"" + tundevid + "\" " + dns[i] + " index=" + (i+1)); } } echo("done."); // Add internal network routes - echo("Configuring Legacy IP networks:"); - if (env("CISCO_SPLIT_INC")) { + echo("Configuring Legacy IP networks:"); + if (env("CISCO_SPLIT_INC")) { // Waiting for the interface to be configured before to add routes if (!waitForInterface()) { echo("Interface does not seem to be up."); @@ -136,10 +163,8 @@ case "connect": for (var i = 0 ; i < parseInt(env("CISCO_SPLIT_INC")); i++) { var network = env("CISCO_SPLIT_INC_" + i + "_ADDR"); var netmask = env("CISCO_SPLIT_INC_" + i + "_MASK"); - var netmasklen = env("CISCO_SPLIT_INC_" + i + - "_MASKLEN"); - run("route add " + network + " mask " + netmask + - " " + internal_gw); + var netmasklen = env("CISCO_SPLIT_INC_" + i + "_MASKLEN"); + exec("route add " + network + " mask " + netmask + " " + internal_gw); } } else if (REDIRECT_GATEWAY_METHOD > 0) { // Waiting for the interface to be configured before to add routes @@ -148,41 +173,35 @@ case "connect": } if (REDIRECT_GATEWAY_METHOD == 1) { - run("route add 0.0.0.0 mask 0.0.0.0 " + internal_gw + " metric 1"); + exec("route add 0.0.0.0 mask 0.0.0.0 " + internal_gw + " metric 1"); } else { - run("route add 0.0.0.0 mask 128.0.0.0 " + internal_gw); - run("route add 128.0.0.0 mask 128.0.0.0 " + internal_gw); + exec("route add 0.0.0.0 mask 128.0.0.0 " + internal_gw); + exec("route add 128.0.0.0 mask 128.0.0.0 " + internal_gw); } } echo("Route configuration done."); - if (env("INTERNAL_IP6_ADDRESS")) { + if (env("INTERNAL_IP6_ADDRESS")) { echo("Configuring \"" + tundevid + "\" interface for IPv6..."); - - run("netsh interface ipv6 set address \"" + tundevid + "\" " + - env("INTERNAL_IP6_ADDRESS") + " store=active"); - + exec("netsh interface ipv6 set address \"" + tundevid + "\" " + env("INTERNAL_IP6_ADDRESS") + " store=active"); echo("done."); // Add internal network routes - echo("Configuring IPv6 networks:"); - if (env("INTERNAL_IP6_NETMASK") && !env("INTERNAL_IP6_NETMASK").match("/128$")) { - run("netsh interface ipv6 add route " + env("INTERNAL_IP6_NETMASK") + - " \"" + tundevid + "\" fe80::8 store=active") + echo("Configuring IPv6 networks:"); + if (env("INTERNAL_IP6_NETMASK") && !env("INTERNAL_IP6_NETMASK").match("/128$")) { + exec("netsh interface ipv6 add route " + env("INTERNAL_IP6_NETMASK") + " \"" + tundevid + "\" fe80::8 store=active"); } - if (env("CISCO_IPV6_SPLIT_INC")) { + if (env("CISCO_IPV6_SPLIT_INC")) { for (var i = 0 ; i < parseInt(env("CISCO_IPV6_SPLIT_INC")); i++) { var network = env("CISCO_IPV6_SPLIT_INC_" + i + "_ADDR"); - var netmasklen = env("CISCO_SPLIT_INC_" + i + - "_MASKLEN"); - run("netsh interface ipv6 add route " + network + "/" + - netmasklen + " \"" + tundevid + "\" fe80::8 store=active") + var netmasklen = env("CISCO_SPLIT_INC_" + i + "_MASKLEN"); + exec("netsh interface ipv6 add route " + network + "/" + netmasklen + " \"" + tundevid + "\" fe80::8 store=active"); } } else { echo("Setting default IPv6 route through VPN."); - run("netsh interface ipv6 add route 2000::/3 \"" + tundevid + - "\" fe80::8 store=active"); + exec("netsh interface ipv6 add route 2000::/3 \"" + tundevid + + "\" fe80::8 store=active"); } echo("IPv6 route configuration done."); } @@ -194,7 +213,11 @@ case "connect": } break; case "disconnect": - // Delete direct route for the VPN gateway to avoid - run("route delete " + env("VPNGATEWAY") + " mask 255.255.255.255"); + // Delete direct route for the VPN gateway + exec("route delete " + env("VPNGATEWAY") + " mask 255.255.255.255"); } +if (env("LOG2FILE")) { + log.Close(); +} +WScript.Quit(accumulatedExitCode); From 28dedcaa1a7e6abb085f733c9a0e539f15191494 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=BDubom=C3=ADr=20Carik?= Date: Fri, 3 Mar 2017 23:30:54 +0100 Subject: [PATCH 06/13] Allow control of REDIRECT_GATEWAY_METHOD variable via env. variable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Ľubomír Carik --- vpnc-script-win.js | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/vpnc-script-win.js b/vpnc-script-win.js index e409542..ba61401 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -5,18 +5,11 @@ // needed by vpnc. // -var internal_ip4_netmask = "255.255.255.0"; - -// How to add the default internal route -// -1 - Do not touch default route (but do other necessary route setups) -// 0 - As interface gateway when setting properties -// 1 - As a 0.0.0.0/0 route with a lower metric than the default route -// 2 - As 0.0.0.0/1 + 128.0.0.0/1 routes (override the default route cleanly) -var REDIRECT_GATEWAY_METHOD = 0; - // -------------------------------------------------------------- -// Utilities +// Initial setup // -------------------------------------------------------------- +var internal_ip4_netmask = "255.255.255.0"; + var accumulatedExitCode = 0; var ws = WScript.CreateObject("WScript.Shell"); @@ -29,6 +22,21 @@ if (env("LOG2FILE")) { var log = fs.OpenTextFile(tmpdir + "vpnc.log", 8, true); } +// How to add the default internal route +// -1 - Do not touch default route (but do other necessary route setups) +// 0 - As interface gateway when setting properties +// 1 - As a 0.0.0.0/0 route with a lower metric than the default route +// 2 - As 0.0.0.0/1 + 128.0.0.0/1 routes (override the default route cleanly) +if (env("REDIRECT_GATEWAY_METHOD")) { + var REDIRECT_GATEWAY_METHOD = env("REDIRECT_GATEWAY_METHOD"); +} else { + var REDIRECT_GATEWAY_METHOD = -1; +} + + +// -------------------------------------------------------------- +// Utilities +// -------------------------------------------------------------- function echo(msg) { // TODO: prepend UTC? timestamp to every message From 54a061149de9d9e7f8b93330fd110b2f748a8a00 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=CC=8Cubomi=CC=81r=20Carik?= Date: Mon, 7 Aug 2017 00:02:03 +0200 Subject: [PATCH 07/13] Undo custom routes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Based on suggestion in github/openconnect/openconnect-gui#125 Signed-off-by: Ľubomír Carik --- vpnc-script-win.js | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/vpnc-script-win.js b/vpnc-script-win.js index ba61401..f0399ee 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -221,8 +221,42 @@ case "connect": } break; case "disconnect": + var gw = getDefaultGateway(); + echo("Default Gateway:" + gw) + // Delete direct route for the VPN gateway + echo(">Deleting Direct Route for VPN Gateway"); exec("route delete " + env("VPNGATEWAY") + " mask 255.255.255.255"); + + // Restore direct route + echo(">Restoring Direct Route"); + exec("route delete 0.0.0.0 mask 0.0.0.0 "); + exec("route add 0.0.0.0 mask 0.0.0.0 " + gw); + + // ReSet Tunnel Adapter IP = nothing + echo(">Resetting Tunnel Adapter IP"); + exec("netsh interface ip set address name=\"" + env("TUNDEV") + "\" source=static 1.0.0.0 255.255.255.255"); + exec("netsh interface ip delete address \"" + env("TUNDEV") + "\" 1.0.0.0"); + + // Take Down IPv4 Split Tunnel Server-side Network Routes + if (env("CISCO_SPLIT_INC")) { + echo(">Removing IPv4 Split Tunnel INC Server-side Network Routes:"); + for (var i = 0 ; i < parseInt(env("CISCO_SPLIT_INC")); i++) { + var network = env("CISCO_SPLIT_INC_" + i + "_ADDR"); + var netmask = env("CISCO_SPLIT_INC_" + i + "_MASK"); + exec("route delete " + network); + } + } + + // Take Down IPv4 Split Tunnel Client-side Network Routes + if (env("CISCO_SPLIT_LCL")) { + echo("Removing IPv4 Split Tunnel Local Client-side Network Routes:"); + for (var i = 0 ; i < parseInt(env("CISCO_SPLIT_LCL")); i++) { + var network = env("CISCO_SPLIT_LCL_" + i + "_ADDR"); + var netmask = env("CISCO_SPLIT_LCL_" + i + "_MASK"); + exec("route delete " + network); + } + } } if (env("LOG2FILE")) { From caec49d27c2626c26402389f915cca0d605e43c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=CC=8Cubomi=CC=81r=20Carik?= Date: Mon, 7 Aug 2017 00:29:26 +0200 Subject: [PATCH 08/13] Use interface index instead of interface name & logging MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Ľubomír Carik --- vpnc-script-win.js | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/vpnc-script-win.js b/vpnc-script-win.js index f0399ee..feca65e 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -114,6 +114,7 @@ case "connect": var internal_gw = internal_gw_array.join("."); var tundevid = env("TUNIDX"); + echo("Default Gateway:" + gw) echo("VPN Gateway: " + env("VPNGATEWAY")); echo("Internal Address: " + env("INTERNAL_IP4_ADDRESS")); echo("Internal Netmask: " + env("INTERNAL_IP4_NETMASK")); @@ -222,21 +223,24 @@ case "connect": break; case "disconnect": var gw = getDefaultGateway(); - echo("Default Gateway:" + gw) + var tundevid = env("TUNIDX"); + + echo("Default Gateway: " + gw) + echo("Interface idx: \"" + tundevid + "\" (\"" + env("TUNDEV") + "\")"); // Delete direct route for the VPN gateway - echo(">Deleting Direct Route for VPN Gateway"); + echo("Deleting Direct Route for VPN Gateway"); exec("route delete " + env("VPNGATEWAY") + " mask 255.255.255.255"); // Restore direct route - echo(">Restoring Direct Route"); + echo("Restoring Direct Route"); exec("route delete 0.0.0.0 mask 0.0.0.0 "); exec("route add 0.0.0.0 mask 0.0.0.0 " + gw); // ReSet Tunnel Adapter IP = nothing - echo(">Resetting Tunnel Adapter IP"); - exec("netsh interface ip set address name=\"" + env("TUNDEV") + "\" source=static 1.0.0.0 255.255.255.255"); - exec("netsh interface ip delete address \"" + env("TUNDEV") + "\" 1.0.0.0"); + echo("Resetting Tunnel Adapter IP"); + exec("netsh interface ip set address \"" + tundevid + "\" source=static 1.0.0.0 255.255.255.255"); + exec("netsh interface ip delete address \"" + tundevid + "\" 1.0.0.0"); // Take Down IPv4 Split Tunnel Server-side Network Routes if (env("CISCO_SPLIT_INC")) { From 6d56a2603bc86bcc13e824333d0b10b7775848d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=CC=8Cubomi=CC=81r=20Carik?= Date: Sat, 30 Sep 2017 03:03:43 +0200 Subject: [PATCH 09/13] Don't wrap the command line string MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Ľubomír Carik --- vpnc-script-win.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/vpnc-script-win.js b/vpnc-script-win.js index feca65e..bcba9a0 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -209,8 +209,7 @@ case "connect": } } else { echo("Setting default IPv6 route through VPN."); - exec("netsh interface ipv6 add route 2000::/3 \"" + tundevid + - "\" fe80::8 store=active"); + exec("netsh interface ipv6 add route 2000::/3 \"" + tundevid + "\" fe80::8 store=active"); } echo("IPv6 route configuration done."); } From 2e5747b2ec808d7f3d2a4d71b8d121fff81c249b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=CC=8Cubomi=CC=81r=20Carik?= Date: Sat, 30 Sep 2017 03:22:37 +0200 Subject: [PATCH 10/13] Keep more consistent for TUNIDX variable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Don't preset variable. Just expand on right place as other ones. Signed-off-by: Ľubomír Carik --- vpnc-script-win.js | 36 +++++++++++++++++------------------- 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/vpnc-script-win.js b/vpnc-script-win.js index bcba9a0..cb4f6b2 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -112,51 +112,50 @@ case "connect": (address_array[3] & netmask_array[3]) + 1 ); var internal_gw = internal_gw_array.join("."); - var tundevid = env("TUNIDX"); echo("Default Gateway:" + gw) echo("VPN Gateway: " + env("VPNGATEWAY")); echo("Internal Address: " + env("INTERNAL_IP4_ADDRESS")); echo("Internal Netmask: " + env("INTERNAL_IP4_NETMASK")); echo("Internal Gateway: " + internal_gw); - echo("Interface idx: \"" + tundevid + "\" (\"" + env("TUNDEV") + "\")"); + echo("Interface idx: \"" + env("TUNIDX") + "\" (\"" + env("TUNDEV") + "\")"); // Add direct route for the VPN gateway to avoid routing loops exec("route add " + env("VPNGATEWAY") + " mask 255.255.255.255 " + gw); if (env("INTERNAL_IP4_MTU")) { echo("MTU: " + env("INTERNAL_IP4_MTU")); - exec("netsh interface ipv4 set subinterface \"" + tundevid + "\" mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); + exec("netsh interface ipv4 set subinterface \"" + env("TUNIDX") + "\" mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); if (env("INTERNAL_IP6_ADDRESS")) { - exec("netsh interface ipv6 set subinterface \"" + tundevid + "\" mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); + exec("netsh interface ipv6 set subinterface \"" + env("TUNIDX") + "\" mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); } } - echo("Configuring \"" + tundevid + "\" interface for Legacy IP..."); + echo("Configuring \"" + env("TUNIDX") + "\" interface for Legacy IP..."); if (!env("CISCO_SPLIT_INC") && REDIRECT_GATEWAY_METHOD != 2) { // Interface metric must be set to 1 in order to add a route with metric 1 since Windows Vista - exec("netsh interface ip set interface \"" + tundevid + "\" metric=1"); + exec("netsh interface ip set interface \"" + env("TUNIDX") + "\" metric=1"); } if (env("CISCO_SPLIT_INC") || REDIRECT_GATEWAY_METHOD != 0) { - exec("netsh interface ip set address \"" + tundevid + "\" static " + env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK")); + exec("netsh interface ip set address \"" + env("TUNIDX") + "\" static " + env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK")); } else { // The default route will be added automatically - exec("netsh interface ip set address \"" + tundevid + "\" static " + env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK") + " " + internal_gw + " 1"); + exec("netsh interface ip set address \"" + env("TUNIDX") + "\" static " + env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK") + " " + internal_gw + " 1"); } if (env("INTERNAL_IP4_NBNS")) { var wins = env("INTERNAL_IP4_NBNS").split(/ /); for (var i = 0; i < wins.length; i++) { - exec("netsh interface ip add wins \"" + tundevid + "\" " + wins[i] + " index=" + (i+1)); + exec("netsh interface ip add wins \"" + env("TUNIDX") + "\" " + wins[i] + " index=" + (i+1)); } } if (env("INTERNAL_IP4_DNS")) { var dns = env("INTERNAL_IP4_DNS").split(/ /); for (var i = 0; i < dns.length; i++) { - exec("netsh interface ip add dns \"" + tundevid + "\" " + dns[i] + " index=" + (i+1)); + exec("netsh interface ip add dns \"" + env("TUNIDX") + "\" " + dns[i] + " index=" + (i+1)); } } echo("done."); @@ -191,25 +190,25 @@ case "connect": echo("Route configuration done."); if (env("INTERNAL_IP6_ADDRESS")) { - echo("Configuring \"" + tundevid + "\" interface for IPv6..."); - exec("netsh interface ipv6 set address \"" + tundevid + "\" " + env("INTERNAL_IP6_ADDRESS") + " store=active"); + echo("Configuring \"" + env("TUNIDX") + "\" interface for IPv6..."); + exec("netsh interface ipv6 set address \"" + env("TUNIDX") + "\" " + env("INTERNAL_IP6_ADDRESS") + " store=active"); echo("done."); // Add internal network routes echo("Configuring IPv6 networks:"); if (env("INTERNAL_IP6_NETMASK") && !env("INTERNAL_IP6_NETMASK").match("/128$")) { - exec("netsh interface ipv6 add route " + env("INTERNAL_IP6_NETMASK") + " \"" + tundevid + "\" fe80::8 store=active"); + exec("netsh interface ipv6 add route " + env("INTERNAL_IP6_NETMASK") + " \"" + env("TUNIDX") + "\" fe80::8 store=active"); } if (env("CISCO_IPV6_SPLIT_INC")) { for (var i = 0 ; i < parseInt(env("CISCO_IPV6_SPLIT_INC")); i++) { var network = env("CISCO_IPV6_SPLIT_INC_" + i + "_ADDR"); var netmasklen = env("CISCO_SPLIT_INC_" + i + "_MASKLEN"); - exec("netsh interface ipv6 add route " + network + "/" + netmasklen + " \"" + tundevid + "\" fe80::8 store=active"); + exec("netsh interface ipv6 add route " + network + "/" + netmasklen + " \"" + env("TUNIDX") + "\" fe80::8 store=active"); } } else { echo("Setting default IPv6 route through VPN."); - exec("netsh interface ipv6 add route 2000::/3 \"" + tundevid + "\" fe80::8 store=active"); + exec("netsh interface ipv6 add route 2000::/3 \"" + env("TUNIDX") + "\" fe80::8 store=active"); } echo("IPv6 route configuration done."); } @@ -222,10 +221,9 @@ case "connect": break; case "disconnect": var gw = getDefaultGateway(); - var tundevid = env("TUNIDX"); echo("Default Gateway: " + gw) - echo("Interface idx: \"" + tundevid + "\" (\"" + env("TUNDEV") + "\")"); + echo("Interface idx: \"" + env("TUNIDX") + "\" (\"" + env("TUNDEV") + "\")"); // Delete direct route for the VPN gateway echo("Deleting Direct Route for VPN Gateway"); @@ -238,8 +236,8 @@ case "disconnect": // ReSet Tunnel Adapter IP = nothing echo("Resetting Tunnel Adapter IP"); - exec("netsh interface ip set address \"" + tundevid + "\" source=static 1.0.0.0 255.255.255.255"); - exec("netsh interface ip delete address \"" + tundevid + "\" 1.0.0.0"); + exec("netsh interface ip set address \"" + env("TUNIDX") + "\" source=static 1.0.0.0 255.255.255.255"); + exec("netsh interface ip delete address \"" + env("TUNIDX") + "\" 1.0.0.0"); // Take Down IPv4 Split Tunnel Server-side Network Routes if (env("CISCO_SPLIT_INC")) { From ad13794c132ba25f8284ba60dc47f631d5957c45 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=CC=8Cubomi=CC=81r=20Carik?= Date: Sat, 30 Sep 2017 03:28:02 +0200 Subject: [PATCH 11/13] We don't need quotation mark for tun device index MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It's just a number. The quotation marks make sense for previous version of script with interface names (which contains white chars). Signed-off-by: Ľubomír Carik --- vpnc-script-win.js | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/vpnc-script-win.js b/vpnc-script-win.js index cb4f6b2..b51a4c2 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -118,44 +118,44 @@ case "connect": echo("Internal Address: " + env("INTERNAL_IP4_ADDRESS")); echo("Internal Netmask: " + env("INTERNAL_IP4_NETMASK")); echo("Internal Gateway: " + internal_gw); - echo("Interface idx: \"" + env("TUNIDX") + "\" (\"" + env("TUNDEV") + "\")"); + echo("Interface idx: " + env("TUNIDX") + " (\"" + env("TUNDEV") + "\")"); // Add direct route for the VPN gateway to avoid routing loops exec("route add " + env("VPNGATEWAY") + " mask 255.255.255.255 " + gw); if (env("INTERNAL_IP4_MTU")) { echo("MTU: " + env("INTERNAL_IP4_MTU")); - exec("netsh interface ipv4 set subinterface \"" + env("TUNIDX") + "\" mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); + exec("netsh interface ipv4 set subinterface " + env("TUNIDX") + " mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); if (env("INTERNAL_IP6_ADDRESS")) { - exec("netsh interface ipv6 set subinterface \"" + env("TUNIDX") + "\" mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); + exec("netsh interface ipv6 set subinterface " + env("TUNIDX") + " mtu=" + env("INTERNAL_IP4_MTU") + " store=active"); } } - echo("Configuring \"" + env("TUNIDX") + "\" interface for Legacy IP..."); + echo("Configuring " + env("TUNIDX") + " interface for Legacy IP..."); if (!env("CISCO_SPLIT_INC") && REDIRECT_GATEWAY_METHOD != 2) { // Interface metric must be set to 1 in order to add a route with metric 1 since Windows Vista - exec("netsh interface ip set interface \"" + env("TUNIDX") + "\" metric=1"); + exec("netsh interface ip set interface " + env("TUNIDX") + " metric=1"); } if (env("CISCO_SPLIT_INC") || REDIRECT_GATEWAY_METHOD != 0) { - exec("netsh interface ip set address \"" + env("TUNIDX") + "\" static " + env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK")); + exec("netsh interface ip set address " + env("TUNIDX") + " static " + env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK")); } else { // The default route will be added automatically - exec("netsh interface ip set address \"" + env("TUNIDX") + "\" static " + env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK") + " " + internal_gw + " 1"); + exec("netsh interface ip set address " + env("TUNIDX") + " static " + env("INTERNAL_IP4_ADDRESS") + " " + env("INTERNAL_IP4_NETMASK") + " " + internal_gw + " 1"); } if (env("INTERNAL_IP4_NBNS")) { var wins = env("INTERNAL_IP4_NBNS").split(/ /); for (var i = 0; i < wins.length; i++) { - exec("netsh interface ip add wins \"" + env("TUNIDX") + "\" " + wins[i] + " index=" + (i+1)); + exec("netsh interface ip add wins " + env("TUNIDX") + " " + wins[i] + " index=" + (i+1)); } } if (env("INTERNAL_IP4_DNS")) { var dns = env("INTERNAL_IP4_DNS").split(/ /); for (var i = 0; i < dns.length; i++) { - exec("netsh interface ip add dns \"" + env("TUNIDX") + "\" " + dns[i] + " index=" + (i+1)); + exec("netsh interface ip add dns " + env("TUNIDX") + " " + dns[i] + " index=" + (i+1)); } } echo("done."); @@ -190,25 +190,25 @@ case "connect": echo("Route configuration done."); if (env("INTERNAL_IP6_ADDRESS")) { - echo("Configuring \"" + env("TUNIDX") + "\" interface for IPv6..."); - exec("netsh interface ipv6 set address \"" + env("TUNIDX") + "\" " + env("INTERNAL_IP6_ADDRESS") + " store=active"); + echo("Configuring " + env("TUNIDX") + " interface for IPv6..."); + exec("netsh interface ipv6 set address " + env("TUNIDX") + " " + env("INTERNAL_IP6_ADDRESS") + " store=active"); echo("done."); // Add internal network routes echo("Configuring IPv6 networks:"); if (env("INTERNAL_IP6_NETMASK") && !env("INTERNAL_IP6_NETMASK").match("/128$")) { - exec("netsh interface ipv6 add route " + env("INTERNAL_IP6_NETMASK") + " \"" + env("TUNIDX") + "\" fe80::8 store=active"); + exec("netsh interface ipv6 add route " + env("INTERNAL_IP6_NETMASK") + " " + env("TUNIDX") + " fe80::8 store=active"); } if (env("CISCO_IPV6_SPLIT_INC")) { for (var i = 0 ; i < parseInt(env("CISCO_IPV6_SPLIT_INC")); i++) { var network = env("CISCO_IPV6_SPLIT_INC_" + i + "_ADDR"); var netmasklen = env("CISCO_SPLIT_INC_" + i + "_MASKLEN"); - exec("netsh interface ipv6 add route " + network + "/" + netmasklen + " \"" + env("TUNIDX") + "\" fe80::8 store=active"); + exec("netsh interface ipv6 add route " + network + "/" + netmasklen + " " + env("TUNIDX") + " fe80::8 store=active"); } } else { echo("Setting default IPv6 route through VPN."); - exec("netsh interface ipv6 add route 2000::/3 \"" + env("TUNIDX") + "\" fe80::8 store=active"); + exec("netsh interface ipv6 add route 2000::/3 " + env("TUNIDX") + " fe80::8 store=active"); } echo("IPv6 route configuration done."); } @@ -223,7 +223,7 @@ case "disconnect": var gw = getDefaultGateway(); echo("Default Gateway: " + gw) - echo("Interface idx: \"" + env("TUNIDX") + "\" (\"" + env("TUNDEV") + "\")"); + echo("Interface idx: " + env("TUNIDX") + " (\"" + env("TUNDEV") + "\")"); // Delete direct route for the VPN gateway echo("Deleting Direct Route for VPN Gateway"); @@ -236,8 +236,8 @@ case "disconnect": // ReSet Tunnel Adapter IP = nothing echo("Resetting Tunnel Adapter IP"); - exec("netsh interface ip set address \"" + env("TUNIDX") + "\" source=static 1.0.0.0 255.255.255.255"); - exec("netsh interface ip delete address \"" + env("TUNIDX") + "\" 1.0.0.0"); + exec("netsh interface ip set address " + env("TUNIDX") + " source=static 1.0.0.0 255.255.255.255"); + exec("netsh interface ip delete address " + env("TUNIDX") + " 1.0.0.0"); // Take Down IPv4 Split Tunnel Server-side Network Routes if (env("CISCO_SPLIT_INC")) { From 71282fa1d9596e4f83a38bd807ef17893d8b600b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=BDubom=C3=ADr=20Carik?= Date: Fri, 2 Mar 2018 20:32:28 +0100 Subject: [PATCH 12/13] Revert gateway method setup (resolve openconnect/openconnect-gui#190) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit New version introduce issues for some users. Later, this option will be configurable via GUI Signed-off-by: Ľubomír Carik --- vpnc-script-win.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vpnc-script-win.js b/vpnc-script-win.js index b51a4c2..1d6dcca 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -30,7 +30,7 @@ if (env("LOG2FILE")) { if (env("REDIRECT_GATEWAY_METHOD")) { var REDIRECT_GATEWAY_METHOD = env("REDIRECT_GATEWAY_METHOD"); } else { - var REDIRECT_GATEWAY_METHOD = -1; + var REDIRECT_GATEWAY_METHOD = 0; } From 6ff76a5972de58d208bd87e413a8c0df6ae2dce2 Mon Sep 17 00:00:00 2001 From: Kyle Johnson Date: Thu, 6 Sep 2018 17:57:35 -0500 Subject: [PATCH 13/13] Set the default domain when provided --- vpnc-script-win.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/vpnc-script-win.js b/vpnc-script-win.js index 1d6dcca..f60b74d 100644 --- a/vpnc-script-win.js +++ b/vpnc-script-win.js @@ -131,6 +131,11 @@ case "connect": } } + // Set the default domain + if (env("CISCO_DEF_DOMAIN")) { + exec("wmic path Win32_NetworkAdapterConfiguration where InterfaceIndex=" + env("TUNIDX") + " call SetDNSDomain " + env("CISCO_DEF_DOMAIN")); + } + echo("Configuring " + env("TUNIDX") + " interface for Legacy IP..."); if (!env("CISCO_SPLIT_INC") && REDIRECT_GATEWAY_METHOD != 2) {