Much ado about scripting, Linux & Eclipse: card subject to change

2009-07-08

Mac OS X - VPN vs. LAN: DNS Royal Rumble

I've been "sharing the Mac experience" for the past day trying to get access to my local LAN and VPN concurrently. So far, it's only one or the other, but never both at the same time.

I've tried the Cisco client, the Shimo client, vpnc (compiled from scratch with and without openssl support), vpnc 0.5.3 from DarwinPorts, and even this custom bit of script I wrote based on some tips about using scutil.

#!/bin/bash
# Goal: collect the DNS entries from the active network services and
# merge them into the Global list.

tmpfile=$(mktemp /tmp/dnsfix.XXXXXX) || exit 1

# Get IPs from services using scutil.
# $1 is a regex matched against the keys under State:/Network/.
# The result is returned in the global variable return_IPs.
function getIPs ()
{
        return_IPs=""
        keys=$(echo "list State:/Network/$1" | scutil | awk '{print $4}')
        for f in $keys; do
                echo "> show $f"
                # display the entries stored under this key
                printf 'get %s\nshow %s\n' "$f" "$f" | scutil | grep '\.'
                # collect the values (third column) in the temp file
                echo "show $f" | scutil 2>&1 | grep '\.' | \
                  awk '{print $3}' >> "$tmpfile"
        done
        # de-duplicate the collected addresses
        IPlist=$(sort -r "$tmpfile" | uniq)
        for i in $IPlist; do
                return_IPs="$return_IPs $i"
        done
        rm -f "$tmpfile"
}

# Replace ServerAddresses under State:/Network/$1 with the list in $2,
# then display the result.
function setIPs ()
{
        label="$1"
        IPs="$2"
        # $IPs starts with a space, so this sends "d.add ServerAddresses * ip1 ip2 ..."
        printf 'get State:/Network/%s\nd.add ServerAddresses *%s\nset State:/Network/%s\n' \
          "$label" "$IPs" "$label" | scutil
        echo "> show State:/Network/$label"
        printf 'get State:/Network/%s\nshow State:/Network/%s\n' "$label" "$label" | \
          scutil | grep '\.'
}

echo "--- BEFORE ---"
getIPs "Service/.+/DNS"
IPs=$return_IPs

echo ""; echo "--- AFTER ---"
setIPs "Service/com.cisco.VPN/DNS" "$IPs"
setIPs "Global/DNS" "$IPs"

# back up resolv.conf and rebuild it from the merged list (needs root)
mv /etc/resolv.conf /etc/resolv.conf.bak
for i in $IPs; do echo "nameserver $i" >> /etc/resolv.conf; done

# ./dnsfix.sh
--- BEFORE ---
> show State:/Network/Service/F1C45B82-45A1-4F44-89AC-82102F187F0B/DNS
    0 : 192.168.x.y
> show State:/Network/Service/com.cisco.VPN/DNS
    0 : a.b.c.d
    1 : e.f.g.h

--- AFTER ---
> show State:/Network/Service/com.cisco.VPN/DNS
    0 : 192.168.x.y
    1 : a.b.c.d
    2 : e.f.g.h
> show State:/Network/Global/DNS
    0 : 192.168.x.y
    1 : a.b.c.d
    2 : e.f.g.h

Obviously, since it's a Mac, there's got to be a dead-simple way for this to work. Anyone know how?
