-
-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathsetup.sh
126 lines (102 loc) · 2.36 KB
/
setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
#!/usr/bin/env bash
set -euo pipefail
[[ -n ${DEBUG:-} ]] && set -x
# Intialize variables
PROVIDER="${PROVIDER:-generic}"
VPN_TYPE="${VPN_TYPE:-openvpn}"
export VPN_TYPE
create_tun() {
mkdir -p /dev/net
[[ -c /dev/net/tun ]] || mknod -m 0666 /dev/net/tun c 10 200
}
isfile() {
if [[ -r "${1:-}" ]]; then
true
return
fi
false
return
}
# Check for CAP_NET_ADMIN and CAP_NET_RAW
if ! iptables -nL >/dev/null 2>&1; then
>&2 echo "Container requires CAP_NET_ADMIN and CAP_NET_RAW," \
"add using '--cap-add=NET_ADMIN --cap-add=NET_RAW'."
exit 1
fi
# Check for a valid Provider
case "${PROVIDER}" in
"cyberghost")
echo "Loading CyberGhost..."
;;
"generic")
echo "Loading Generic $VPN_TYPE..."
UNAME="generic"
PASSWD="generic"
;;
"ipvanish")
echo "Loading IPVanish..."
;;
"nord")
echo "Loading NordVPN..."
;;
"pia")
echo "Loading Private Internet Access..."
;;
"surfshark")
echo "Loading SurfShark..."
;;
"tor")
echo "Loading Tor Network Proxy..."
;;
"torguard")
echo "Loading TorGuard..."
;;
"tunnelbear")
echo "Loading TunnelBear..."
;;
*)
echo "Invalid Provider"
exit 1
;;
esac
# Set Location of iptables File
IPV4_FPATH="./iptables/v4/${PROVIDER}"
IPV6_FPATH="./iptables/v6/${PROVIDER}"
# Double check to make sure file exists
if isfile "${IPV4_FPATH}" && isfile "${IPV6_FPATH}"; then
iptables-restore "${IPV4_FPATH}" || {
echo "Error Loading IPv4 iptables";
exit 1
}
# Check for IPV6 Support
if test -f /proc/net/if_inet6; then
ip6tables-restore "${IPV6_FPATH:-./iptables/v6/block_all}" >/dev/null 2>&1 || echo "modprobe ip6table_filter for IPv6 Support."
fi
else
echo "Invalid iptables file [${IPV4_FPATH}, ${IPV6_FPATH}]"
exit 1
fi
# Check if Username and Password are Populated
if [ "${PROVIDER}" != "tor" ]; then
if [[ -z ${UNAME:-} || -z ${PASSWD:-} ]]; then
printf "%s\n" "Missing Username or Password";
exit 1;
else
rm -f /dev/shm/auth_file
cat <<EOT > /dev/shm/auth_file
$UNAME
$PASSWD
EOT
chmod 0600 /dev/shm/auth_file
fi
fi
# Cloudflare DNS
# TODO: DoT over VPN
echo 'nameserver 1.1.1.1' > /etc/resolv.conf
create_tun
# Load Provider
spath="./scripts/${PROVIDER}.sh"
if [ -r "${spath}" ]; then
# shellcheck source=/dev/null
/bin/bash "${spath}"
fi