Open smithjw opened 1 week ago
Hi James, yes I think there is a way this be improved. The way it works today is that before every outgoing request, Alpaca checks the set of network interfaces, and if this changes then it re-checks the PAC URL. This worked fine initially when there was no VPN to connect to, but the set of network interfaces won't change when a VPN connection is made. I've become a bit too reliant on your LaunchDaemon and never got around to fixing this :)
I'm thinking we could use a similar approach to that taken by the myIpAddress()
function as of #123 (released in v2.0.4), which now tries to detect the IP address of the internet-facing network interface. This does change when the VPN connection is made, so it would be a good check to make in addition to the set of network interfaces.
I'll give this a go over the next few days, is this something you could test on your end before it gets released?
I won't lie, I'm also pretty reliant on the LaunchDaemon and it almost makes things so transparent that I forget it's doing its thing.
But from a technical-complexity point of view, removing the dependency of this LaunchDaemon and a bash script to kickstart the LaunchAgent would be a big win.
I'd still package it with the LaunchAgent, but that would be all :).
Once you've got something to test, let me know!
I've found that
alpaca
doesn't always detect network changes (it's usually good about changing Wi-Fi networks, disconnecting/reconnecting), specifically connecting and disconnecting from VPN clients. Is there anything that could be done to improve its detection around these cases?In my current environment (and at the last org I had it deployed), the way that I have solved for this is to deploy
alpaca
with both aLaunchAgent
and aLaunchDaemon
. The Agent would be responsible for launchingalpaca
on login and keep it running, while the Daemon would be configured with aWatchPaths
to determine when GlobalProtect (current VPN client) wrote to a specific preferences file; this happens on connection and disconnection.Once the Daemon is triggered, it would wait a couple seconds, then kickstart the Agent as the logged in user to restart
alpaca
. I'd love if I didn't have to package these additional pieces withalpaca
to simplify things. Outside of this, the app does what it says and works great 😄.