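#!/bin/bash
# Enable policy routing and NAT once the tunnel interface has been brought up.
#
# Policy routing makes response packets leave through the tunnel interface,
# which is mandatory when the ISP has set up anti-spoofing filters.
#
# Arguments (positions as used below; presumably the OpenVPN "up" script
# convention -- confirm against the caller):
#   $1 - tunnel interface name (e.g. tun0)
#   $4 - local IPv4 address of the tunnel interface
#
# Changes routing and netfilter state and restarts services, so it needs the
# privileges to do that.

tun_dev=${1:-}
tun_ip=${4:-}

# Both values end up on ip/iptables command lines, so refuse anything that is
# not a plain interface name / dotted-quad address instead of passing it on.
dev_re='^[A-Za-z0-9][A-Za-z0-9_.-]*$'
ipv4_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
if [[ ! $tun_dev =~ $dev_re ]]; then
  printf '%s: missing or invalid tunnel interface: "%s"\n' "${0##*/}" "$tun_dev" >&2
  exit 1
fi
if [[ ! $tun_ip =~ $ipv4_re ]]; then
  printf '%s: missing or invalid tunnel address: "%s"\n' "${0##*/}" "$tun_ip" >&2
  exit 1
fi

#######################################
# Append an iptables rule unless an identical one is already present, so that
# a tunnel restart does not stack duplicate rules.
# Arguments: $1 - table, $2 - chain, remaining - rule specification
#######################################
ensure_rule() {
  local table=$1 chain=$2
  shift 2
  # -C only reports "no such rule" on stderr; that case is expected here.
  iptables -t "$table" -C "$chain" "$@" 2>/dev/null \
    || iptables -t "$table" -A "$chain" "$@"
}

# Add a default route via the tunnel interface into the VPN routing table.
ip route add default dev "$tun_dev" table VPN

# Send traffic sourced from lo:1 (192.168.10.1) and from the tunnel address
# to the VPN routing table, using policy routing ("ip rule").
# NOTE(review): these rules are not removed here; confirm the matching "down"
# script deletes them, otherwise repeated runs may fail or duplicate them.
ip rule add from 192.168.10.1/32 table VPN
ip rule add from "$tun_ip/32" table VPN

#sed -i 's/\(\"bind-address-ipv4\":\).*/\1\ \"'"$4"'\",/' /etc/transmission-daemon/settings.json

# NAT rules: redirect port 443 (TCP and UDP) arriving on the tunnel to
# 192.168.10.1, and masquerade everything leaving through the tunnel.
ensure_rule nat PREROUTING -i "$tun_dev" -p tcp --dport 443 -j DNAT --to 192.168.10.1
ensure_rule nat PREROUTING -i "$tun_dev" -p udp --dport 443 -j DNAT --to 192.168.10.1
ensure_rule nat POSTROUTING -o "$tun_dev" -j MASQUERADE

# Allow session continuation traffic coming in on the tunnel.
ensure_rule filter INPUT -i "$tun_dev" -m state --state RELATED,ESTABLISHED -j ACCEPT

# Allow BitTorrent traffic on port 51413.
# NOTE(review): these two rules do not match on the tunnel interface; whether
# they are limited to tunnel traffic depends on how the SERVICES chain is
# hooked in, which is defined elsewhere -- confirm.
ensure_rule filter SERVICES -p tcp --dport 51413 -j ACCEPT # peer port
ensure_rule filter SERVICES -p udp --dport 51413 -j ACCEPT # DHT

# Disallow BitTorrent traffic via eth0.
# FORWARD only sees packets routed through this host. 192.168.10.1 is a local
# address (lo:1), so packets from a client bound to it traverse OUTPUT; drop
# them there too, so they cannot fall back to eth0 when the VPN table has no
# route (tunnel down).
ensure_rule filter FORWARD -s 192.168.10.1/32 -o eth0 -j DROP
ensure_rule filter OUTPUT -s 192.168.10.1/32 -o eth0 -j DROP

# Restart transmission so it picks up the new network state.
/etc/init.d/transmission-daemon restart

# Restart the watchdog that checks the VPN is still up. killall returns
# non-zero when no instance is running; that is expected on the first run.
killall checkVPN
/usr/bin/checkVPN &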