{"id":13714089,"url":"https://github.com/samm-git/jvpn","last_synced_at":"2025-05-07T01:32:08.418Z","repository":{"id":5525253,"uuid":"6727192","full_name":"samm-git/jvpn","owner":"samm-git","description":"Perl script to connect to the Juniper VPN with Host Checker enabled","archived":false,"fork":false,"pushed_at":"2017-01-27T15:41:59.000Z","size":189,"stargazers_count":77,"open_issues_count":16,"forks_count":61,"subscribers_count":13,"default_branch":"master","last_synced_at":"2024-05-23T04:32:59.692Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Perl","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/samm-git.png","metadata":{"files":{"readme":"README","changelog":"CHANGELOG","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2012-11-16T19:52:32.000Z","updated_at":"2024-05-23T04:32:59.693Z","dependencies_parsed_at":"2022-07-06T23:30:59.143Z","dependency_job_id":null,"html_url":"https://github.com/samm-git/jvpn","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samm-git%2Fjvpn","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samm-git%2Fjvpn/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samm-git%2Fjvpn/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/samm-git%2Fjvpn/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/samm-git","download_url":"https://codeload.github.com/samm-git/jvpn/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224551158,"owners_count":17330086,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T23:01:51.552Z","updated_at":"2024-11-14T01:30:37.505Z","avatar_url":"https://github.com/samm-git.png","language":"Perl","funding_links":[],"categories":["Perl"],"sub_categories":[],"readme":"Project status update: i do not have access to the Juniper VPN host anymore, \nso project is stalled. Feel free to fork it or use one of the 30+ forks :)\n\njvpn.pl - script to connect to the Juniper firewall with enabled HostChecker.\n\nFeatures\n * Emulates web browser to get authentication data\n * Automatically starts juniper client and passing data to it using TCP\n   connection (it is not possible with command line).\n * Able to download Linux client from the Juniper VPN server without browser or\n   Java.\n * Supports launching Host Checker to perform checks on a client host.\n * Could protect resolv.conf by setting +i attribute for the connection time\n * Works without Java machine on x86 and x86_64 hosts\n * Ability to run scripts on connect/disconnect events\n * Integration with external password/token providers, including \"stoken\" RSA\n   softkey.\n\nRequirements \n * Perl with LWP modules\n * openssl binary\n * unzip (only for client unpacking)\n\nUsage\nTo configure script edit jvpn.ini. If you don`t have installed client - run\njvpn.pl under sudo and it will download and install it automatically. If you \nwant to run it without sudo - set suid bit on the \"ncsvc\" binary.\nIf you have multiply configurations - use --conf switch to define ini file.\n\nHow it works\n 1) Script connecting to the VPN web portal with provided user name and password.\n 2) Then script handling different authentication scenarios to get DSID value\n 3) After getting DSID value script getting md5 fingerprint of the SSL \n    certificate.\n 4) If VPN client is not installed script downloading and unpacking it.\n 5) Script starting ncsvc and connecting to daemon (using TCP 127.0.0.1:4242\n    socket in ncsvc mode or using \"ncui\" wrapper in ncui mode).\n 6) Script emulates native GUI and passing configuration data to daemon. After\n    this step VPN should work.\n 7) Script can optionally protect resolv.conf from dhcpd or Network Manager by\n    setting +i flag on it (disabled by default).\n 8) On Ctrl+C script sending \"Disconnect\" command to the daemon and logging out\n    on the web site.\n\nDifference between mode=ncui and mode=ncsvc\nBy default jvpn work in the ncsvc mode. This could be changed in jvpn.ini using\n\"mode\" configuration setting. In ncsvc (default) mode jvpn establishing TCP \nsocket to nvsvc daemon and trying to establish connection using it protocol.\nIn \"ncui\" mode jvpn trying to use main() function libncui.so which later calling\nncsvc. If default mode does not work for you i am recommending to try \"ncui\"\nmode. Please note that to use ncui mode you should have gcc installed.\n\nScripting support\nIt is possible to run user-defined scripts on conncect/disconnect events. To\nuse this functionality you will need to define script to run in the jvpn.ini\nusing script=\u003cscriptname\u003e line. Script should be executable file.\nList of pre-defined variables and sample route table modification could be found \nin scripts/sample-script.sh.\n\nDifferent ways to provide password\nBy default jvpn asks for password on startup. It is also possible to define\npassword in configuration file or to use external program to provide pass/token.\nTo store password in configuration use \"password=plaintext:mypassword\" in ini\nfile. To use external scripts use \"password=helper:scripts/script.sh\".\nHelper script should provide password to stdout. If it is called second time\n(some VPN servers requesting additional tokens) jvpn defines OLDPIN variable\ncontaining first token code. See scripts/stoken.sh for example of \"stoken\"\nintegration.\n\nHost checker support\nIn version 0.7.0 it is possible to run hostchecker using \"hostchecker=1\" setting\nin jvpn.ini. Host Checker is used to perform checks on endpoint computers that\nconnect to the VPN device to make sure the endpoints meet certain security\nrequirements. If hostchecker support is enabled jvpn trying to run tncc.jar using\nJava, as web browser applet do. JRE needs to be installed to support this\nfeature. It is recommended to enable only if you are unable to connect without\nhost checker running.\n\nBugs and debugging\nThis script is done without any documentation, only using wireshark and\ndebugger. It is very likely that it has a bugs or will not work correctly for\nyou. If you need some support - enable debug and send me all information.\nScript debug is written to stdout and daemon log is written to the\n~/.juniper_networks/network_connect/ncsvc.log file.\n\nLicense\nThe author has placed this work in the Public Domain, thereby relinquishing\nall copyrights. Everyone is free to use, modify, republish, sell or give away\nthis work without prior consent from anybody.\n\nThis software is provided on an \"as is\" basis, without warranty of any\nkind. Use at your own risk! Under no circumstances shall the author(s) or\ncontributor(s) be liable for damages resulting directly or indirectly from\nthe use or non-use of this software.\n\nAuthor\nAlex Samorukov, samm@os2.kiev.ua\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsamm-git%2Fjvpn","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsamm-git%2Fjvpn","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsamm-git%2Fjvpn/lists"}