bt90

ufw4vpn

Sep 29th, 2013
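#!/bin/bash
###########################################
#          Created by Thomas Butz         #
#   E-Mail: btom1990(at)googlemail.com    #
#  Feel free to copy & share this script  #
###########################################
#
# Configures ufw so that outgoing traffic is denied by default and only
# allowed through the VPN interface (tun0), to the VPN port, to DNS and to
# local / multicast ranges. Incoming traffic is left unfiltered.
#
# WARNING: the existing ufw configuration is reset before the new rules
# are applied.

# Adapt this value to your config!
VPN_DST_PORT=3478

# Don't change anything beyond this point
###########################################

# Print an error to stderr and stop with a non-zero exit status.
die() {
  printf 'ERROR: %s\n' "$*" >&2
  exit 1
}

# Run one ufw command and abort on failure, so that a half-applied ruleset
# is never followed by a cheerful "ufw enable".
apply() {
  ufw "$@" || die "'ufw $*' failed - aborting. The ruleset is incomplete" \
    "and ufw was not enabled by this script; check 'ufw status verbose'."
}

# Check for root privileges
if [[ $EUID -ne 0 ]]; then
  printf "Please run as root:\nsudo %s\n" "${0}" >&2
  exit 1
fi

command -v ufw >/dev/null || die "ufw is not installed or not in PATH"
[[ -n "$VPN_DST_PORT" ]] || die "VPN_DST_PORT must not be empty"

# Reset the ufw config. "ufw reset" also disables the firewall, so until
# "ufw enable" at the end succeeds nothing is being filtered.
apply --force reset

# Let all incoming traffic pass.
# CAVEAT: this leaves every listening service reachable from the local
# network and from inside the tunnel. This script only restricts outgoing
# traffic; use "ufw default deny incoming" plus explicit allow rules if
# the host should not accept unsolicited connections.
apply default allow incoming
# and block outgoing by default
apply default deny outgoing

# Every communication via VPN is considered to be safe
apply allow out on tun0

# Don't block the creation of the VPN tunnel.
# CAVEAT: this permits the port to ANY destination, on any interface and
# for both TCP and UDP. A tighter rule names the server and protocol, e.g.
#   ufw allow out to <VPN_SERVER_IP> port <PORT> proto udp   (placeholders)
apply allow out "$VPN_DST_PORT"

# Don't block DNS queries.
# CAVEAT: port 53 is allowed on every interface, not just tun0. Lookups
# sent while the tunnel is down, or to a resolver that is not routed
# through the tunnel, leave the machine outside the VPN (DNS leak).
apply allow out 53

# Allow local IPv4 connections (RFC 1918 private ranges).
# CAVEAT: anything addressed to these ranges bypasses the tunnel, which
# includes other hosts on an untrusted LAN such as public Wi-Fi.
apply allow out to 10.0.0.0/8
apply allow out to 172.16.0.0/12
apply allow out to 192.168.0.0/16
# Allow IPv4 local multicasts
apply allow out to 224.0.0.0/24
apply allow out to 239.0.0.0/8

# Allow IPv6 link-local unicast connections
apply allow out to fe80::/64
# Allow IPv6 interface-local multicasts (scope ff01)
apply allow out to ff01::/16
# Allow IPv6 link-local (ff02) and site-local (ff05) multicasts
apply allow out to ff02::/16
apply allow out to ff05::/16

# Enable the firewall
apply enable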