Skip to content
GitLab
Switch branch/tag
Find file Normal viewHistoryPermalink
vpnkillswitch 1.16 KB
Newer Older
Jay Ta'ala's avatar
Switched to single script which can enable, disable, or -t option. Removed...  
Jay Ta'ala committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46 
#!/bin/bash

# process arguments
while getopts ":edt:" opt; do
	case ${opt} in
		e)
			# ENABLE KILLSWITCH
			# Default policies
			sudo /usr/bin/ufw default deny incoming
			sudo /usr/bin/ufw default deny outgoing
			
			# Openvpn interface (adjust interface accordingly to your configuration)
			sudo /usr/bin/ufw allow out on tun0

			# Openvpn (adjust port accordingly to your vpn setup)
			sudo /usr/bin/ufw allow out to any port 1194
			;;
		d)
			# DISABLE KILLSWITCH
			sudo /usr/bin/ufw --force reset
			sudo /usr/bin/ufw enable

			# delete backUP rules from reset
			sudo /usr/bin/rm /etc/ufw/*.rules.*
			
			# reset to defaults and enable
			sudo /usr/bin/ufw default deny incoming
			sudo /usr/bin/ufw default allow outgoing
			;;
		t)	
			# ADD OUTGOING RULE
			echo "allow outgoing traffic to $OPTARG"
			sudo /usr/bin/ufw allow out to $OPTARG
			;;
	esac
done

if (( $OPTIND == 1 )); then
	echo " "
	echo -e "Please provide at least one of the following options:\n    -e"
	echo "        enable killswitch"
	echo "    -d"
	echo "        disable killswitch"
	echo "    -t [CIDR]"
	echo -e "        open outgoing ufw rule to a specific CIDR (ip address or range)\n"
fi