Untitled

#! /bin/sh
### BEGIN INIT INFO


case "$1" in
start)
        echo "Limpiando reglas de iptables"
        iptables -P INPUT ACCEPT
        iptables -P FORWARD ACCEPT
        iptables -P OUTPUT ACCEPT
        iptables -t nat -F
        iptables -t mangle -F
        iptables -F
        iptables -X
        ip6tables -P INPUT ACCEPT
        ip6tables -P FORWARD ACCEPT
        ip6tables -P OUTPUT ACCEPT
        ip6tables -t nat -F
        ip6tables -t mangle -F
        ip6tables -F
        ip6tables -X
        echo "Limpiando dns:"
        mv /etc/resolv.conf /etc/resolv.conf.withoutvpn
        echo "nameserver 193.138.219.228" > /etc/resolv.conf
        echo "Conectando vpn en /etc/openvpn/mullvad_config_linux_all/"
        echo "Si no esta bajarla y copiarla en /etc/openvpn"
        echo "LINK: https://mullvad.net/en/download/config/"
        cd /etc/openvpn/mullvad_config_linux_all/
        echo "Usando servidor de nl"
        sudo nohup openvpn --config mullvad_nl.conf &
        sleep 5
        echo "Aplicando killswitch (verificar que las interfaces sean eth0 (old name): "
        sudo iptables -P OUTPUT DROP
        sudo iptables -A OUTPUT -o tun+ -j ACCEPT
        sudo iptables -A INPUT -i lo -j ACCEPT
        sudo iptables -A OUTPUT -o lo -j ACCEPT
        sudo iptables -A OUTPUT -d 255.255.255.255 -j ACCEPT
        sudo iptables -A INPUT -s 255.255.255.255 -j ACCEPT
        sudo iptables -A OUTPUT -o eth+ -p udp -m multiport --dports 53,1300:1302,1194:1197 -d 185.213.152.0/24,185.65.134.0/24,185.65.135.0/24,193.138.219.0/24,193.138.218.0/24,185.213.154.0/24 -j ACCEPT
        sudo iptables -A OUTPUT -o eth+ -p tcp -m multiport --dports 53,443 -d 185.213.152.0/24,185.213.154.0/24,193.138.218.0/24,185.65.134.0/24,185.65.135.0/24,193.138.218.0/24 -j ACCEPT
        sudo iptables -A OUTPUT -o eth+ ! -d 193.138.219.228 -p tcp --dport 53 -j DROP
        sudo ip6tables -P OUTPUT DROP
        sudo ip6tables -A OUTPUT -o tun+ -j ACCEPT
        echo "Testeando dns... (fijarse que tengan dir de vpn)"
        nslookup www.google.com
        echo "Testeando vpn..."
        whois $(curl https://am.i.mullvad.net)
        echo "Verificar manualmente el killswitch por si las moscas!!!"
        ;;
stop)
        echo "Matando el proceso de openvpn..."
        killall -s 15 openvpn
        sleep 5
        echo "Parando servidor"
        /etc/init.d/openvpn stop
        echo "Limpiando iptables..."
        iptables -P INPUT ACCEPT
        iptables -P FORWARD ACCEPT
        iptables -P OUTPUT ACCEPT
        iptables -t nat -F
        iptables -t mangle -F
        iptables -F
        iptables -X
        ip6tables -P INPUT ACCEPT
        ip6tables -P FORWARD ACCEPT
        ip6tables -P OUTPUT ACCEPT
        ip6tables -t nat -F
        ip6tables -t mangle -F
        ip6tables -F
        ip6tables -X
        echo "Limpiando routing table"
        echo "Si los dns quedaron bardeados se pueden restaurar con"
        echo "cp -a /etc/resolv.conf.orig /etc/resolv.conf"
        echo "Restaurando dns:"
        mv /etc/resolv.conf.withoutvpn /etc/resolv.conf
        echo "Testeando la conexion: "
        ping -c 1 www.google.com
        #por si se pone en pelotuda
        #ip route flush table main
        #/etc/init.d/networking restart
        #/etc/init.d/network-manager restart
        #route add default gw 192.168.1.0
        ;;
*)
        echo "Usage: mullvad {start|stop}"
        exit 1
        ;;
esac