Hedgehog with OOB/VPN connection sets ARKIME_NODE_HOST incorrectly

[mmguero]

Issue for tracking #559 by @divinehawk.

When using Hedgehog that has an OOB/VPN connection, ARKIME_NODE_HOST is set incorrectly to the IP address of the default gateway interface.

This patch will use the IP interface of the route for the OS_HOST, if set, rather than the default.

PR commit staged into development fork for release as mmguero-dev/Malcolm@ef5e672

[mmguero]

Hmmm, one thing I just thought of is what if OS_HOST is a hostname rather than an IP address (this actually would also mean shared/bin/ufw_allow_requests.sh would need to be tweaked).

We should probably detect this case and try to resolve it (?) before doing the ip route, as:

$ ip route get example.org
Error: any valid prefix is expected rather than "example.org"

So, I'll do like dig +short $OS_HOST first if it's not already an IP address, e.g.:

$ ip route get $(dig +short "example.org") | grep -Po '(?<=src )(\d{1,3}.){4}' | sed "s/ //g"
172.16.0.20

[mmguero]

Here's what I ended up on for that logic:

  ROUTE_DEST_IP=
  if [[ -n "$OS_HOST" ]]; then
    if [[ "$OS_HOST" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
      ROUTE_DEST_IP="$OS_HOST"
    else
      ROUTE_DEST_IP=$(dig +short "$OS_HOST" 2>/dev/null | head -n 1)
    fi
  fi
  [[ -n "$ROUTE_DEST_IP" ]] || ROUTE_DEST_IP=255.255.255.255
  PRIMARY_IP=$(ip route get "$ROUTE_DEST_IP" | grep -Po '(?<=src )(\d{1,3}.){4}' | sed "s/ //g")