mfaltys
/
seedpod
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Add killswitch

master
Matthew Faltys 7 years ago
parent
eec4eaa4cb
commit
0304f70c35
2 changed files with 17 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      Makefile
  2. 16
      deps/run.sh

1
Makefile
Unescape View File

@ -21,6 +21,7 @@ run:
-d \
--name seedpod \
--cap-add=NET_ADMIN \
--cap-add=NET_RAW \
--device=/dev/net/tun \
--dns=8.8.8.8 \
-p 9091:9091 \

16
deps/run.sh vendored
Unescape View File

@ -1,4 +1,18 @@
#!/bin/ash
openvpn /config.ovpn &
# add killswitch rules
iptables -A INPUT -i tun+ -j ACCEPT
iptables -A OUTPUT -o tun+ -j ACCEPT
iptables -A INPUT -s 127.0.0.1 -j ACCEPT
iptables -A OUTPUT -d 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 9091 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 9091 -j ACCEPT
iptables -I OUTPUT 1 -m owner --uid-owner root -p udp --dport 53 -j ACCEPT
iptables -A OUTPUT -m mark ! --mark 0x1 ! -o tun+ -j DROP
# start openvpn with killswitch whitelist mark
openvpn --mark 1 --config /config.ovpn &
# start transmission
transmission-daemon --foreground --config-dir /transmission

Write Preview
Loading…
Cancel
Save