Genesis

It has always been kind of a hassle to run actions upon connecting to a network using network manager, especially if you want your script to run with user permissions.

Maybe you work for multiple companies and you want to set up and run some program when connecting to their VPN.

You could set up an up rule in your openvpn configuration, but it would run as root, and it only works for openvpn.

What if instead you could have a program that watches network-manager events and runs pre-specified commands?

Look no further and go check out network-manager-connection-action.

How

This program is written in Rust and uses Tokio projects to connect to dbus and listen for events from network-manager. If an event comes from a connection whose UUID exists in the config file, it runs the associated command.

SSH canonicalization usage

I have personally been using this program to automatically set up ssh canonicalization on the company search domains when connecting to the VPN.

With the following ssh configuration at the top:

##################
#Canonicalization#
##################

# Don't canonicalize hosts with dots (assume they are already full hostnames)
CanonicalizeMaxDots 0

# Fall back to local name resolution in any case
CanonicalizeFallbackLocal yes
CanonicalizeHostname yes

# Include static list
Include static_canonical_domains.conf

# Include script generated list of CanonicalDomains
Include tmp/canonical_domains.conf

tmp/canonical_domains.conf is generated using ssh_canonicalization_gen.sh when connecting to the company VPN.

It will transform the file into this:

CanonicalDomains internal.company.com historic.company.com

This usage can be found in the repository's example directory.
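
One way to generate tmp/canonical_domains.conf defensively, as an added example that is not the repository's ssh_canonicalization_gen.sh: the search domains are assumed to be passed as arguments (reading them from network-manager is left out), and the function names are hypothetical. Because the domains are supplied by the network, each one is validated before it is written into a file that ssh includes.

```sh
#!/bin/sh
# Added example, not the repository's ssh_canonicalization_gen.sh.
# Search domains arrive from the network (VPN/DHCP push), so they are
# treated as untrusted before being written into an ssh_config include.
LC_ALL=C; export LC_ALL

# is_valid_domain NAME: accept only a plain DNS name (hypothetical helper).
is_valid_domain() {
    [ "${#1}" -le 253 ] || return 1
    # Any byte outside [A-Za-z0-9.-] (space, newline, '*', '#') is rejected,
    # so a value can never start a new line or directive in the include.
    case $1 in *[!A-Za-z0-9.-]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq \
'^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$'
}

# canonical_domains_line DOMAIN...: print one CanonicalDomains line with the
# valid, lower-cased, de-duplicated domains; fail when none are left.
canonical_domains_line() {
    out=
    for d in "$@"; do
        if ! is_valid_domain "$d"; then
            echo 'skipping invalid search domain' >&2
            continue
        fi
        d=$(printf '%s' "$d" | tr 'A-Z' 'a-z')
        case " $out " in *" $d "*) continue ;; esac
        out="${out:+$out }$d"
    done
    [ -n "$out" ] || return 1
    printf 'CanonicalDomains %s\n' "$out"
}

# write_canonical_domains FILE DOMAIN...: replace FILE atomically so ssh never
# reads a half-written include; FILE is left untouched when nothing is valid.
write_canonical_domains() {
    target=$1; shift
    line=$(canonical_domains_line "$@") || return 1
    tmp=$(mktemp "${target}.XXXXXX") || return 1
    printf '%s\n' "$line" > "$tmp" && chmod 600 "$tmp" &&
        mv -f "$tmp" "$target" || { rm -f "$tmp"; return 1; }
}
```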