Scripting - internal or external condition

LorealITG
New Contributor

Hello EveryBody,

First message, even if I read you all the time. I'm trying to modify a script created by Aaron Baumgarner.

that script is to install VLC. Actually we have here a cloud based proxy. I would like to modify the script to cross that proxy when we are in the intranet and not if we are outside.
here what I did:

check= ping -c 1 InternalIpOfEquipment if [$check = 0 ]; then /usr/bin/curl -x ProxyIP:443 --output /tmp/vlc.dmg "$fileURL" else /usr/bin/curl --output /tmp/vlc.dmg "$fileURL" fi

it seems not working. and don't find my error. Could you Help me?

1 ACCEPTED SOLUTION

ryan_ball
Valued Contributor

You can also do it like this where you have three checks:
1. Verify that the client IP address is 10.X.X.X
2. Verify that a dns lookup to a specific domain returns an ip of 10.X.X.X (rather than an external IP)
3. Verify that you can ping a specific internal server successfully

#!/bin/bash

function internal_network_test () {
    local domain="contoso.com"
    local internalServer="internalserver.contoso.com"

    echo "Performing internal network tests..."
    # Test that a user's IP address is an internal IP address
    addresses=$(ifconfig -a inet 2>/dev/null | sed -n -e '/127.0.0.1/d' -e '/0.0.0.0/d' -e '/inet/p' | awk '{print $2}')
    for address in $addresses; do
        if [[ "$address" =~ (^127.)|(^172.1[6-9].)|(^172.2[0-9].)|(^172.3[0-1].)|(^192.168.) ]]; then
            echo "Internal network test (Device IP) failed."
            return 1
        fi
    done

    # Test that DNS lookups find internal addresses, not external
    addresses=$(nslookup "$domain" | grep -A 1 "Name:" | grep "Address:" | awk '{print $2}')
    for address in $addresses; do
        if [[ ! "$address" =~ (^10.) ]]; then
            echo "Internal network test (DNS Lookup) failed."
            return 1
        fi
    done

    # Test for internal connectivity via Ping
    if ! ping -c 2 -o "$internalServer" &> /dev/null; then
        echo "Internal network test (Ping) failed."
        return 1
    fi
}

if internal_network_test; then
    echo "Device is internal."
   /usr/bin/curl -x ProxyIP:443 --output /tmp/vlc.dmg "$fileURL"
else
    echo "Device is external."
    /usr/bin/curl --output /tmp/vlc.dmg "$fileURL"
fi

exit 0

View solution in original post

3 REPLIES 3

ryan_ball
Valued Contributor

You are missing several quotes and your spaces inside your square brackets are off. Just do it like this:

#!/bin/bash

if ping -c 1 InternalIpOfEquipment; then
    /usr/bin/curl -x ProxyIP:443 --output /tmp/vlc.dmg "$fileURL"
else
    /usr/bin/curl --output /tmp/vlc.dmg "$fileURL"
fi

exit 0

ryan_ball
Valued Contributor

You can also do it like this where you have three checks:
1. Verify that the client IP address is 10.X.X.X
2. Verify that a dns lookup to a specific domain returns an ip of 10.X.X.X (rather than an external IP)
3. Verify that you can ping a specific internal server successfully

#!/bin/bash

function internal_network_test () {
    local domain="contoso.com"
    local internalServer="internalserver.contoso.com"

    echo "Performing internal network tests..."
    # Test that a user's IP address is an internal IP address
    addresses=$(ifconfig -a inet 2>/dev/null | sed -n -e '/127.0.0.1/d' -e '/0.0.0.0/d' -e '/inet/p' | awk '{print $2}')
    for address in $addresses; do
        if [[ "$address" =~ (^127.)|(^172.1[6-9].)|(^172.2[0-9].)|(^172.3[0-1].)|(^192.168.) ]]; then
            echo "Internal network test (Device IP) failed."
            return 1
        fi
    done

    # Test that DNS lookups find internal addresses, not external
    addresses=$(nslookup "$domain" | grep -A 1 "Name:" | grep "Address:" | awk '{print $2}')
    for address in $addresses; do
        if [[ ! "$address" =~ (^10.) ]]; then
            echo "Internal network test (DNS Lookup) failed."
            return 1
        fi
    done

    # Test for internal connectivity via Ping
    if ! ping -c 2 -o "$internalServer" &> /dev/null; then
        echo "Internal network test (Ping) failed."
        return 1
    fi
}

if internal_network_test; then
    echo "Device is internal."
   /usr/bin/curl -x ProxyIP:443 --output /tmp/vlc.dmg "$fileURL"
else
    echo "Device is external."
    /usr/bin/curl --output /tmp/vlc.dmg "$fileURL"
fi

exit 0

LorealITG
New Contributor

thanks a lot. it works perfectly and now a know how to :)