vpnkillswitch 1.16 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46
#!/bin/bash

# process arguments
while getopts ":edt:" opt; do
	case ${opt} in
		e)
			# ENABLE KILLSWITCH
			# Default policies
			sudo /usr/bin/ufw default deny incoming
			sudo /usr/bin/ufw default deny outgoing
			
			# Openvpn interface (adjust interface accordingly to your configuration)
			sudo /usr/bin/ufw allow out on tun0

			# Openvpn (adjust port accordingly to your vpn setup)
			sudo /usr/bin/ufw allow out to any port 1194
			;;
		d)
			# DISABLE KILLSWITCH
			sudo /usr/bin/ufw --force reset
			sudo /usr/bin/ufw enable

			# delete backUP rules from reset
			sudo /usr/bin/rm /etc/ufw/*.rules.*
			
			# reset to defaults and enable
			sudo /usr/bin/ufw default deny incoming
			sudo /usr/bin/ufw default allow outgoing
			;;
		t)	
			# ADD OUTGOING RULE
			echo "allow outgoing traffic to $OPTARG"
			sudo /usr/bin/ufw allow out to $OPTARG
			;;
	esac
done

if (( $OPTIND == 1 )); then
	echo " "
	echo -e "Please provide at least one of the following options:\n    -e"
	echo "        enable killswitch"
	echo "    -d"
	echo "        disable killswitch"
	echo "    -t [CIDR]"
	echo -e "        open outgoing ufw rule to a specific CIDR (ip address or range)\n"
fi