ufw4vpn

bt90, Sep 29th, 2013

```bash
#!/bin/bash
###########################################
#          Created by Thomas Butz         #
#   E-Mail: btom1990(at)googlemail.com    #
#  Feel free to copy & share this script  #
###########################################

# Adapt this value to your config!
VPN_DST_PORT=3478

# Don't change anything beyond this point
###########################################

# Check for root privileges
if [[ $EUID -ne 0 ]]; then
   printf "Please run as root:\nsudo %s\n" "${0}"
   exit 1
fi


# Reset the ufw config
ufw --force reset

# let all incoming traffic pass
ufw default allow incoming
# and block outgoing by default
ufw default deny outgoing

# Every communication via VPN is considered to be safe
ufw allow out on tun0

# Don't block the creation of the VPN tunnel
# (no host or protocol given: this port is open to any destination, TCP and UDP)
ufw allow out "$VPN_DST_PORT"
# Don't block DNS queries
# (these can also leave outside the tunnel, to any resolver)
ufw allow out 53

# Allow local IPv4 connections
ufw allow out to 10.0.0.0/8
ufw allow out to 172.16.0.0/12
ufw allow out to 192.168.0.0/16
# Allow IPv4 local multicasts
ufw allow out to 224.0.0.0/24
ufw allow out to 239.0.0.0/8

# Allow link-local IPv6 connections
ufw allow out to fe80::/64
# Allow IPv6 interface-local multicasts
ufw allow out to ff01::/16
# Allow IPv6 link-local multicasts
ufw allow out to ff02::/16
# Allow IPv6 site-local multicasts
ufw allow out to ff05::/16

# Enable the firewall
ufw enable
```