rs232

ACPR

Dec 18th, 2018
  1. #!/bin/sh
  2. ##############################################
  3. # ACPR (Automated Custom Policy Routing) v1.4
  4. ##############################################
  5. # This script automates adding IPs into the OpenVPN policy
  6. # routing without using the GUI and especially NVRAM space.
  7. ##############################################
  8. # One line for reference. You can specify 2 types of inputs
  9. # A) Individual IP
  10. # B) domain name
  11. ##############################################
  12. # For multiple OpenVPN client you need a different script
  13. # per OpenVPN Client in use. Set each script with the
  14. # correct variable here below.
  15. # ipsetpolicy for OpenVPN client1 = vpnrouting311
  16. # ipsetpolicy for OpenVPN client2 = vpnrouting312
  17. # ipsetpolicy for OpenVPN client3 = vpnrouting313
  18. # Call each script with a different filename. e.g.
  19. # acpr_vpn1.sh
  20. # acpr_vpn2.sh
  21. # acpr_vpn3.sh
  22.  
  # Name of the ipset that backs policy routing for the OpenVPN client this
  # copy of the script serves (see the client/set table in the header).
  ipsetpolicy="vpnrouting311"

  # Public DNS resolver that nothing else on the network relies on.
  # The import below adds it to the set only while the domains are being
  # resolved, so those lookups leave through the VPN, and removes it again
  # afterwards unless it was already a member before the run.
  DNSIP='9.9.9.9'

  # Entries to route through the VPN: IPv4 addresses and/or domain names,
  # separated by whitespace.
  CustomPolicyRouting="
10.0.0.1
ferrari.com
"
  35.  
  36. ##############################################
  37. ####### Do not edit below this line ##########
  38.  
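  # Log helper: hands its arguments to logger under the "| ACPR" tag; -s makes
  # logger print the message on stderr in addition to the system log.
  # Written as a function instead of an alias because some shells (bash, for
  # one) do not expand aliases in non-interactive scripts unless asked to,
  # whereas a function is resolved the same way everywhere.
  plog() {
    logger -t "| ACPR" -s "$@"
  }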
  40.  
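  #######################################
  # Add one address to the policy ipset unless it is already a member.
  # Globals:   ipsetpolicy (read)
  # Arguments: $1 - IPv4 address, optionally carrying a /32 suffix
  #            $2 - label used in the messages (the domain name or the IP)
  # Outputs:   "existing" notice on stdout; the add result goes through plog
  #######################################
  addme() {
    # Every expansion is quoted so an odd entry can neither be word-split nor
    # glob-expanded into extra ipset arguments.
    if ipset -T "$ipsetpolicy" "$1" >/dev/null 2>&1; then
      echo "| ACPR: $2 existing. SKIPPING."
    # The add only counts as successful once a second membership test
    # confirms the entry really is in the set.
    elif ipset -A "$ipsetpolicy" "${1%/32}" 2>/dev/null &&
      ipset -T "$ipsetpolicy" "$1" >/dev/null 2>&1; then
      plog "$2 Successfully ADDED."
    else
      plog "!!! $2 could NOT be added!!!"
    fi
  }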
  44.  
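  #######################################
  # Delete one address from the policy ipset and log the outcome.
  # Globals:   ipsetpolicy (read)
  # Arguments: $1 - IPv4 address to delete
  #            $2 - label used in the log message
  # Returns:   plog's status after a successful delete, 1 if the delete failed
  #######################################
  removeme() {
    if ipset -D "$ipsetpolicy" "$1" >/dev/null 2>&1; then
      plog "$2 REMOVED."
    else
      # A failed delete used to pass without a trace; for the temporary
      # resolver entry that would leave it in the VPN set unnoticed.
      plog "!!! $2 could NOT be removed!!!"
      return 1
    fi
  }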
  48.  
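  # Import pipeline: put the configured entries one per line, drop lines that
  # start with '#', empty lines and carriage returns, then classify each entry
  # and add it to the policy set.
  # $CustomPolicyRouting is left unquoted on purpose so that newlines and
  # repeated blanks collapse into single spaces before tr splits on them.
  # shellcheck disable=SC2086
  echo $CustomPolicyRouting | tr " " "\n" | grep -Ev "^#|^$" | tr -d "\r" |
    (
      # Dotted-quad pattern, shared by the entry check and by the extraction
      # of addresses from the nslookup output.
      octet='([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])'
      ipv4="(${octet}\.){3}${octet}"
      # Host names: dot-separated labels of letters, digits and hyphens; the
      # last label has to start with a letter so a dotted quad never matches.
      host='([A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?\.)*[A-Za-z]([A-Za-z0-9-]*[A-Za-z0-9])?'
      n=0

      plog "Automated Custom Policy Routing - Import Started."

      # Secure DNS resolution: unless the resolver is already in the set, add
      # it for the duration of the import and remember to take it out again.
      if ipset -T "$ipsetpolicy" "$DNSIP" >/dev/null 2>&1; then
        removedns=0
      else
        removedns=1
        addme "$DNSIP" "~~~ SERVER FOR SECURE NSLOOKUP ~~~"
      fi

      while read -r IP; do
        n=$((n + 1))
        # Both checks are anchored at ^ and $: the previous host-name test was
        # unanchored and accepted any entry that merely contained a letter,
        # and the previous IP test left its dots unescaped. Entries with other
        # characters (underscore, trailing dot, leading '-') are now skipped.
        if printf '%s\n' "$IP" | grep -Eq "^${ipv4}\$"; then
          addme "$IP" "$IP"
        elif printf '%s\n' "$IP" | grep -Eq "^${host}\$"; then
          # Every IPv4 address the resolver returns goes into the set as-is.
          # The set is a snapshot: names whose addresses change later are only
          # covered again after the script is re-run.
          nslookup "$IP" "$DNSIP" |
            grep "Address [0-9]*:" | grep -Fv 127.0.0.1 | grep -v "::" |
            grep -Eo "$ipv4" |
            while read -r IPR; do
              addme "$IPR" "$IP"
            done
        else
          # An entry that is silently dropped would keep using the default
          # route instead of the VPN, so say so in the log.
          plog "!!! $IP is not a valid IPv4 address or domain name. SKIPPED."
        fi
      done

      if [ "$removedns" -eq 1 ]; then
        removeme "$DNSIP" "~~~ SERVER FOR SECURE NSLOOKUP ~~~"
      fi
      plog "Automated Custom Policy Routing - Import Completed. $n references processed."
    )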