Add support for running a command on VPN disconnection

When using VPN, I typically run a handful of SSH sessions to different servers. For convenience/stability/performance, I run those sessions over SSH ControlMaster connections. When I jump off the VPN, those master connections are left hanging and so are any SSH sessions using them. Even if I reconnect VPN, the master connection and its sessions are still non-responsive. And if I try to start a new SSH session, that will simply reuse the stale connection and will also hang with no progress or indication of what's wrong. My solution is to kill the stale master connections (also kills any lingering SSH sessions, and allows new sessions to establish a new, working, ControlMaster connection). I want this to happen automatically when I disconnect from VPN. This patch allows me to configure a command to be run automatically when disconnecting from VPN.
vlaci · Oct 20, 2020 · 6a43e67 · 6a43e67
1 parent ff29cc6
commit 6a43e67
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 0 deletions.
diff --git a/openconnect_sso/app.py b/openconnect_sso/app.py
@@ -77,6 +77,8 @@ def run(args):
     except KeyboardInterrupt:
         logger.warn("CTRL-C pressed, exiting")
         return 0
+    finally:
+        handle_disconnect(cfg.on_disconnect)
 
 
 def configure_logger(logger, level):
@@ -179,3 +181,9 @@ def run_openconnect(auth_info, host, proxy, args):
 
     logger.debug("Starting OpenConnect", command_line=command_line)
     return subprocess.run(command_line).returncode
+
+
+def handle_disconnect(command):
+    if command:
+        logger.info("Running command on disconnect", command_line=command)
+        return subprocess.run(command, timeout=5, shell=True).returncode
diff --git a/openconnect_sso/cli.py b/openconnect_sso/cli.py
@@ -79,6 +79,12 @@ def create_argparser():
         default="shown",
     )
 
+    parser.add_argument(
+        "--on-disconnect",
+        help="Command to run when disconnecting from VPN server",
+        default="",
+    )
+
     parser.add_argument(
         "-V", "--version", action="version", version=f"%(prog)s {__version__}"
     )

diff --git a/openconnect_sso/config.py b/openconnect_sso/config.py
@@ -115,6 +115,7 @@ class Config(ConfigNode):
             n: [AutoFillRule.from_dict(r) for r in rule] for n, rule in rules.items()
         },
     )
+    on_disconnect = attr.ib(converter=str, default="")
 
 
 class DisplayMode(enum.Enum):