Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- tempDir='/tmp/nord'
- serversIpList='serversIpList'
- enableKillSwitchScript='/home/goog/Documents/Enable_VPN_Kill_Switch.sh'
- wifiInterfaceName='wlp2s0'
- connectionProtocol='udp'
- connectionPort='1194'
- linkToOvpnZip='https://nordvpn.com/api/files/zip'
- # Download new IP list
- printf "\nCreating temporary directory"
- mkdir $tempDir
- printf "\nDownloading new VPN config files\n"
- wget --directory-prefix=$tempDir $linkToOvpnZip
- printf "\nExtracting IPs from config files"
- unzip -q $tempDir/zip -d $tempDir
- grep -h "remote " $tempDir/*ovpn | cut -d ' ' -f 2 | sort -u > $tempDir/$serversIpList
- #Create script that will enable kill switch$enableKillSwitchScript
- printf "\nCreating new Kill Switch Script"
- rm -f $enableKillSwitchScript
- touch $enableKillSwitchScript
- echo "#!/bin/bash" >> $enableKillSwitchScript
- echo "iptables --flush" >> $enableKillSwitchScript
- echo "iptables --delete-chain" >> $enableKillSwitchScript
- echo "iptables -t nat --flush" >> $enableKillSwitchScript
- echo "iptables -t nat --delete-chain" >> $enableKillSwitchScript
- echo "iptables -P OUTPUT DROP" >> $enableKillSwitchScript
- echo "iptables -A INPUT -j ACCEPT -i lo" >> $enableKillSwitchScript
- echo "iptables -A OUTPUT -j ACCEPT -o lo" >> $enableKillSwitchScript
- IP_LIST=$(tr '\n' ' ' < $tempDir/$serversIpList)
- for IP in $IP_LIST; do
- echo "echo 'adding rules for IP: $IP'" >> $enableKillSwitchScript
- echo "iptables -A OUTPUT -j ACCEPT -d $IP/27 -o $wifiInterfaceName -p $connectionProtocol -m $connectionProtocol --dport $connectionPort" >> $enableKillSwitchScript
- echo "iptables -A INPUT -j ACCEPT -s $IP/27 -i $wifiInterfaceName -p $connectionProtocol -m $connectionProtocol --sport $connectionPort" >> $enableKillSwitchScript
- done
- echo "iptables -A INPUT -j ACCEPT -i tun0" >> $enableKillSwitchScript
- echo "iptables -A OUTPUT -j ACCEPT -o tun0" >> $enableKillSwitchScript
- echo "iptables -A INPUT --src 192.168.0.0/24 -j ACCEPT -i $wifiInterfaceName" >> $enableKillSwitchScript
- echo "iptables -A OUTPUT -d 192.168.0.0/24 -j ACCEPT -o $wifiInterfaceName" >> $enableKillSwitchScript
- echo "iptables -A INPUT -j DROP" >> $enableKillSwitchScript
- echo "iptables -A OUTPUT -j DROP" >> $enableKillSwitchScript
- echo "printf '\nVPN Kill Switch Enabled!\n'" >> $enableKillSwitchScript
- printf "\nClening up"
- chmod 744 $enableKillSwitchScript
- rm -rf $tempDir
- printf "\nDone. \nKill Switch Script is here: $enableKillSwitchScript\n"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement