- #!/bin/sh
- ##############################################
- # ACPR (Automated Custom Policy Routing) v1.4
- ##############################################
- # This script automates adding IPs to the OpenVPN policy
- # routing without using the GUI and, above all, without
- # consuming NVRAM space.
- ##############################################
- # One line per reference. You can specify 2 types of input:
- # A) Individual IP
- # B) Domain name
- ##############################################
- # For multiple OpenVPN clients you need a separate copy of
- # this script per OpenVPN client in use. Set the correct
- # ipsetpolicy value below in each copy.
- # ipsetpolicy for OpenVPN client1 = vpnrouting311
- # ipsetpolicy for OpenVPN client2 = vpnrouting312
- # ipsetpolicy for OpenVPN client3 = vpnrouting313
- # Call each script with a different filename. e.g.
- # acpr_vpn1.sh
- # acpr_vpn2.sh
- # acpr_vpn3.sh
# Name of the ipset this copy of the script feeds. The header above maps
# OpenVPN client1/2/3 to vpnrouting311/312/313.
ipsetpolicy='vpnrouting311'

# Public DNS server used only for this script's look-ups. Pick one you do
# not otherwise use: unless it is already a member of the set, the script
# adds it to the ipset for the duration of the import (so the queries leave
# through the VPN) and removes it again afterwards.
# Routing the query through the tunnel changes the path it takes; it does
# not authenticate the answers nslookup gets back.
DNSIP='9.9.9.9'

# References to import: IPv4 addresses or domain names, one per line.
# Entries are split on whitespace, so an entry must not contain spaces.
CustomPolicyRouting='
10.0.0.1
ferrari.com
'
- ##############################################
- ####### Do not edit below this line ##########
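# Write a message to syslog under the "| ACPR" tag; logger -s also copies
# it to stderr.
# Defined as a function instead of an alias: some shells (bash run
# non-interactively, for instance) do not expand aliases inside scripts,
# which would leave every plog call as "command not found".
# Arguments: the message words, passed through to logger unchanged.
plog() {
  logger -t "| ACPR" -s "$@"
}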
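# Add one address to the policy-routing ipset unless it is already a member.
# Globals:   ipsetpolicy (read) - name of the target set
# Arguments: $1 - address to add (a trailing /32 is stripped for the add)
#            $2 - label used in the log messages (the IP or the domain it
#                 was resolved from)
# Outputs:   "existing" notice on stdout; add results through plog
# Returns:   0 if the address was already present or was added and then
#            verified, 1 if the add or the verification failed
# NOTE(review): ipset may try to resolve a non-numeric element as a host
# name through the system resolver - callers should pass only validated
# numeric addresses here.
addme() {
  # Expansions are quoted so an odd entry cannot be word-split or globbed
  # into extra ipset arguments.
  if ipset -T "$ipsetpolicy" "$1" >/dev/null 2>&1; then
    echo "| ACPR: $2 existing. SKIPPING."
    return 0
  fi

  # An explicit if/else replaces the "a && b || c" chain, whose failure
  # branch would also run when the success-side command itself failed.
  # After the add, membership is tested again so success is only reported
  # when the element is really in the set.
  if ipset -A "$ipsetpolicy" "${1%/32}" 2>/dev/null &&
    ipset -T "$ipsetpolicy" "$1" >/dev/null 2>&1; then
    plog "$2 Successfully ADDED."
  else
    plog "!!! $2 could NOT be added!!!"
    return 1
  fi
}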
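# Remove one address from the policy-routing ipset.
# Globals:   ipsetpolicy (read) - name of the target set
# Arguments: $1 - address to delete
#            $2 - label used in the log message
# Outputs:   result through plog
# Returns:   0 if the element was deleted, 1 otherwise
removeme() {
  if ipset -D "$ipsetpolicy" "$1" >/dev/null 2>&1; then
    plog "$2 REMOVED."
  else
    # A failed delete used to be silent. It is logged because an element
    # that stays in the set keeps being policy-routed.
    plog "!!! $2 could NOT be removed!!!"
    return 1
  fi
}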
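# Import driver: turn the configured list into one token per line and feed
# it to the subshell below, which classifies and imports each token.
#  - The variable is printed quoted, so an entry containing * or ? is no
#    longer expanded against the current directory.
#  - Carriage returns are stripped before the blank/comment filter, so a
#    list pasted with CRLF line endings does not yield empty entries.
#  - Tokens are still split on whitespace, as before.
printf '%s\n' "$CustomPolicyRouting" | tr ' \t' '\n\n' | tr -d '\r' | grep -Ev '^#|^$' |
(
  plog "Automated Custom Policy Routing - Import Started."

  # Strict, anchored patterns. An entry must match one of them in full
  # before it is handed to ipset or nslookup.
  # IPv4: four dot-separated octets 0-255 (the dots are escaped; unescaped
  # they matched any character).
  ipv4_re='^((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[0-9][0-9]?)$'
  # Host name: dot-separated labels of letters, digits and inner hyphens,
  # the last label starting with a letter. Unanchored, the old pattern
  # accepted any string that contained a letter.
  host_re='^([A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?\.)*[A-Za-z]([A-Za-z0-9-]*[A-Za-z0-9])?\.?$'

  # Resolver handling: if DNSIP is not yet in the set, add it for the
  # duration of the import so the look-ups below are policy-routed, and
  # remember to take it out again at the end.
  # Only the route of the query changes; nslookup does not authenticate
  # the answers it receives.
  if ipset -T "$ipsetpolicy" "$DNSIP" >/dev/null 2>&1; then
    removedns=0
  else
    removedns=1
    addme "$DNSIP" "~~~ SERVER FOR SECURE NSLOOKUP ~~~"
  fi

  # Initialised so the closing message shows 0, not an empty string, when
  # the list is empty.
  n=0
  while IFS= read -r IP; do
    n=$((n + 1))

    if printf '%s\n' "$IP" | grep -Eq "$ipv4_re"; then
      # Literal IPv4 address: import as is.
      addme "$IP" "$IP"
    elif printf '%s\n' "$IP" | grep -Eq "$host_re"; then
      # Domain name: resolve through DNSIP and import every IPv4 answer.
      # The addresses are a snapshot taken at import time; names whose
      # records change need the script to be run again.
      # NOTE(review): the filter depends on the "Address N:" layout of the
      # firmware's nslookup output, and the resolver's own address line
      # may match as well - confirm on the target device.
      nslookup "$IP" "$DNSIP" | grep "Address [0-9]*:" | grep -v 127.0.0.1 | grep -v "\:\:" | grep -Eo "(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])" |
        while IFS= read -r IPR; do
          addme "$IPR" "$IP"
        done
    else
      # Previously such entries were dropped without a trace (or passed on
      # unvalidated); say so in the log instead.
      plog "!!! $IP is not a valid IPv4 address or host name. SKIPPING."
    fi
  done

  # Take the resolver out again only if this run put it in.
  if [ "$removedns" -eq 1 ]; then
    removeme "$DNSIP" "~~~ SERVER FOR SECURE NSLOOKUP ~~~"
  fi

  plog "Automated Custom Policy Routing - Import Completed. $n references processed."
)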