#!/bin/ash


# add killswitch rules
iptables -A INPUT -i tun+ -j ACCEPT
iptables -A OUTPUT -o tun+ -j ACCEPT
iptables -A INPUT -s 127.0.0.1 -j ACCEPT
iptables -A OUTPUT -d 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 9091 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 9091 -j ACCEPT
iptables -I OUTPUT 1 -m owner --uid-owner root -p udp --dport 53 -j ACCEPT
iptables -A OUTPUT -m mark ! --mark 0x1 ! -o tun+ -j DROP

# start openvpn with killswitch whitelist mark
openvpn --mark 1 --config /openvpn/config.ovpn &

# start transmission
transmission-daemon --foreground --config-dir /transmission