Skip to content

Instantly share code, notes, and snippets.

@quinncomendant
Last active May 13, 2022 06:52
Show Gist options
  • Save quinncomendant/3be731567e529415d5ee to your computer and use it in GitHub Desktop.
Save quinncomendant/3be731567e529415d5ee to your computer and use it in GitHub Desktop.
[WARNING: this script no longer works with newer versions of the roaming client software, which now has a *Disable* control in its menu so use that instead.] Cisco Umbrella Roaming Client management script for Mac OS X. This makes it easy to manage the background processes of umbrella to start, stop, restart, sleep and get status.
#!/bin/bash
# Quinn Comendant <[email protected]>
# https://gist.github.com/quinncomendant/3be731567e529415d5ee
# Since 25 Jan 2015
# Version 1.2.2
# q 13942 0.0 0.3 4408332 22096 ?? SN 7:32PM 0:00.27 /Applications/OpenDNS Roaming Client/RoamingClientMenubar.app/Contents/MacOS/RoamingClientMenubar
# nobody 13937 0.0 0.1 4296740 5164 ?? Ss 7:31PM 0:00.06 /usr/local/sbin/dnscrypt-proxy --user nobody --local-address=127.0.0.1:53 --plugin=libdcplugin_erc.so -d
# root 13903 0.0 0.2 4366308 13752 ?? SNs 7:31PM 0:00.25 /Library/Application Support/OpenDNS Roaming Client/dns-updater
CMD=$1;
if [[ `id -u` = 0 ]]; then
echo "You mustn't be root when executing this script";
exit;
fi
function usage {
echo "CLI tool to manage the Cisco Umbrella Roaming Client on macOS.
https://docs.umbrella.com/product/umbrella/umbrella-roaming-security/
This script will invoke sudo to start (launchctl) and stop (killall) services.
Usage: $(basename $0) COMMAND
COMMANDS:
stop Stop the umbrella services via launchctl.
start Start the umbrella services via launchctl.
restart Stop umbrella, then start again.
status Show some info about umbrella's status.
quickstatus Return exit code 0 if umbrella is running, otherwise exit code 1.
sleep [N] Stop umbrella for N seconds (default 60), then start it again (time enough to open a banned URL).
";
exit 1;
}
function start () {
echo -e "\033[0;31mNote: you should be using \`Umbrella Menu → Enable\` instead!\033[0m\n";
exit 1;
echo "Starting umbrella…";
sudo launchctl load /Library/LaunchDaemons/com.opendns.osx.RoamingClientConfigUpdater.plist;
launchctl load -w -S Aqua /Library/LaunchAgents/com.cisco.umbrella.menu.plist;
# launchctl load -w -S Aqua /Library/LaunchAgents/com.opendns.osx.RoamingClientMenubar.plist;
# sudo launchctl bootstrap system/com.apple.Dock.plist /Library/LaunchAgents/com.opendns.osx.RoamingClientMenubar.plist
# launchctl load /Library/LaunchAgents/com.opendns.osx.RoamingClientMenubar.plist
}
function stop () {
echo -e "\033[0;31mNote: you should be using \`Umbrella Menu → Disable\` instead!\033[0m\n";
exit 1;
echo "Stopping umbrella…";
sudo launchctl unload /Library/LaunchDaemons/com.opendns.osx.RoamingClientConfigUpdater.plist;
sudo launchctl remove com.opendns.osx.RoamingClientConfigUpdater;
launchctl remove com.cisco.umbrella.menu;
# launchctl remove com.opendns.osx.RoamingClientMenubar;
# launchctl remove com.opendns.osx.RoamingClientMenubar.5096;
sudo killall OpenDNSDiagnostic &>/dev/null;
sleep 1;
$0 quickstatus || echo "Umbrella is stopped";
}
function status () {
if $0 quickstatus; then
echo "Umbrella is running. Checking debug.opendns.com DNS…";
dig debug.opendns.com txt +time=2 +tries=1 +short | sed 's/^"/ "/' | grep '"';
[[ 1 == $? ]] && echo "Umbrella is not functioning correctly!"
else
# Some part of umbrella is stopped. Let's stop it all to remain consistent.
stop &>/dev/null
echo "Umbrella is stopped";
[[ -e /etc/resolv.conf ]] && grep -q 127.0.0.1 /etc/resolv.conf && echo "Without umbrella running, you'll need to remove 127.0.0.1 from your DNS servers before you can resolve domains.";
fi
echo "Currently using name servers: $(cat /etc/resolv.conf | grep nameserver | sed 's/nameserver //' | tr '\n' ' ') (akamai says $(dig whoami.akamai.net +short); ultradns says $(dig whoami.ultradns.net +short))";
}
function quickstatus () {
# Exit status 0 = dnscrypt is running.
# if [[ 3 -eq $(ps auwwx | egrep "/(dnscrypt|RoamingClientMenubar|dns-updater)" | grep -v egrep | wc -l) ]]; then
if [[ 3 -eq $(ps auwwx | egrep "/(RoamingClientMenubar|dns-updater|dnscrypt-proxy)" | grep -v egrep | wc -l) ]]; then
exit 0;
else
exit 1;
fi;
}
case $CMD in
(start) start;;
(stop) stop;;
(restart) stop && start;;
# While sleeping, extent sudo credentials as long as duration.
(sleep) duration=${2:-60}; stop && echo "Sleeping $duration seconds…" && cnt=0 && while [[ cnt -lt $duration ]]; do sleep 1; sudo -v; ((cnt++)); done && start;;
(status) status;;
(quickstatus) quickstatus;;
(*) usage;;
esac
exit 0;
@jpjeandron
Copy link

this is great. works well

@Roberto14
Copy link

Works like a charm! Thanks!

@MrMauricioLeite
Copy link

Thanks!! Just saved me a lot of time.

@quinncomendant
Copy link
Author

Updated the umbrella script to version 1.2:

  • Added sleep [N] command that stops umbrella for N seconds (default 60), then starts it again. The gives you time to open a URL that is blocked without needing to add the domain to a whitelist in the Umbrella dashboard.
  • Added quickstatus command that only returns 0 or 1 exit code if umbrella processes are running correctly.
  • Minor refactoring.

@kylejericson
Copy link

How do you fix this issue?
2021-01-20_00-16-22

@quinncomendant
Copy link
Author

Please note this script no longer works with newer versions of the roaming client software. However, the umbrella client now has a Disable control in its menu, which obviates the utility of this script.

@kylejericson
Copy link

@quinncomendant I just want to create a script that reports that status on roaming client.
I don't need the script to do anything but report the status.
Results have the following status:
Not Installed
Installed Only
Running

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment