@EpiphanyMachine
Created April 26, 2015 00:57
PIA Iptables Manager v0.5
#!/bin/bash
# PIA Iptables Manager
# Version 0.5
# Modified by: EpiphanyMachine@gmail.com
# Originally Created by ShadowSpectre <shadowspectre@tormail.org>
# https://www.privateinternetaccess.com/forum/discussion/1151/pia-iptables-manager-new
clear
echo ".: PIA Iptables Manager v0.4 :."
echo ""
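start() {
    clear
    echo ".: Warning :."
    echo ""
    echo "CONNECT TO VPN SERVER NOW."
    echo ""
    echo "YOU MUST BE CONNECTED TO THE VPN BEFORE PROCEEDING OR THE IPTABLES WILL NOT BE CONFIGURED PROPERLY."
    echo ""
    echo "Press ENTER to proceed."
    read pause
    clear
    # Look up the current public address (the VPN's address once connected).
    # The URL is quoted so the shell does not treat "?" as a glob character.
    IP=$(wget "https://duckduckgo.com/?q=whats+my+ip" -q -O - | grep -Eo '\<[[:digit:]]{1,3}(\.[[:digit:]]{1,3}){3}\>' | head -n 1)
    # Without an address the -s/-d rules below would be malformed.
    if [ -z "$IP" ]; then
        echo "Could not determine the public IP address; iptables left unchanged."
        sleep 2
        return 1
    fi
    # Note: the chain policies stay at ACCEPT and no DROP rule is added,
    # so traffic that matches none of the rules below is still allowed.
    iptables -F
    iptables -A INPUT -i tun+ -j ACCEPT
    iptables -A OUTPUT -o tun+ -j ACCEPT
    iptables -A INPUT -s 127.0.0.1 -j ACCEPT
    iptables -A OUTPUT -d 127.0.0.1 -j ACCEPT
    iptables -A INPUT -s "$IP" -j ACCEPT
    iptables -A OUTPUT -d "$IP" -j ACCEPT
    echo "Iptables have been set."
    sleep 2
    clear
}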
stop() {
    iptables -F
    iptables -A INPUT -j ACCEPT
    iptables -A OUTPUT -j ACCEPT
    clear
    echo "Iptables have been cleared."
    sleep 2
    clear
}
status() {
    clear
    echo ".: Status :."
    echo ""
    # Same lookup as in start(); the URL is quoted and only the first match is used.
    IP=$(wget "https://duckduckgo.com/?q=whats+my+ip" -q -O - | grep -Eo '([0-9]{1,3}[\.]){3}[0-9]{1,3}' | head -n 1)
    IPTABLES=$(iptables -S)
    # Expected `iptables -S` output after stop().
    OFF="-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -j ACCEPT
-A OUTPUT -j ACCEPT"
    # Expected `iptables -S` output after start().
    ON="-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i tun+ -j ACCEPT
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -s $IP/32 -j ACCEPT
-A OUTPUT -o tun+ -j ACCEPT
-A OUTPUT -d 127.0.0.1/32 -j ACCEPT
-A OUTPUT -d $IP/32 -j ACCEPT"
    if [ "$IPTABLES" = "$OFF" ]; then
        echo "Status: Inactive"
    elif [ "$IPTABLES" = "$ON" ]; then
        echo "Status: Active"
    else
        echo "Status: Custom iptables configuration"
        echo ""
        echo "Either deactivate or reactivate. If you have another iptables firewall you may need to disable that while connected to the vpn."
    fi
    echo ""
    echo "Press ENTER to return to the MENU."
    read pause
    clear
}
credits() {
    clear
    echo ".: Credits :."
    echo ""
    echo "PIA Iptables Manager v0.4"
    echo "Created by ShadowSpectre"
    echo "Email: shadowspectre@tormail.org"
    echo "Donate: 1MMgC7fD91bGsc8AnFNAd2DfV9n1gBfMfn"
    echo ""
    echo "I'd appreciate any comments/suggestions!"
    echo "Email me or find the original thread of the PIA forums and post your comment!"
    echo ""
    echo "Press ENTER to return to the MENU."
    read pause
    clear
}
quit() {
    stop
    echo "PIA Iptables Manager will now close."
    sleep 1
    clear
    exit
}
invalid() {
    clear
    echo ".: Invalid Option :."
    echo ""
    echo "I'm sorry, but that was an invalid option."
    echo "Try entering a number like 1, 2, 3, 4, or 5."
    echo ""
    echo "Press ENTER to return to the MENU."
    read pause
    clear
}
while :
do
    cat << !
.: Menu :.
1. Activate
2. Deactivate
3. Status
4. Credits
5. Quit
!
    echo -n "Command: "
    read choice
    case $choice in
        1) start ;;
        2) stop ;;
        3) status ;;
        4) credits ;;
        5) quit ;;
        *) invalid ;;
    esac
done

schummbo commented Jun 7, 2017

I know this was a while ago, but I just came across this. I can't seem to get this to act as a kill switch. When I run this, the script says it was activated. But then if I kill my VPN, I can still ping external servers and it appears the kill switch didn't do anything.
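
iptables hands a packet that matches no rule to the chain's policy, and the rule set that `status()` lists as Active keeps every policy at ACCEPT. The check below is an added example, not part of the gist or the comment: it reads `iptables -S` output and reports whether unmatched traffic in a chain is dropped. The function name `chain_verdict`, the address 203.0.113.10 and the DROP-policy variant are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the gist): read `iptables -S` output on stdin and
# report whether packets that match no narrower rule in CHAIN are dropped.
chain_verdict() {
    awk -v chain="$1" '
        # The chain policy applies only when no rule gives a final verdict.
        $1 == "-P" && $2 == chain { policy = $3 }
        # The first unconditional terminating rule ("-A CHAIN -j TARGET")
        # decides everything the earlier, narrower rules did not match.
        $1 == "-A" && $2 == chain && $3 == "-j" && final == "" &&
            ($4 == "ACCEPT" || $4 == "DROP" || $4 == "REJECT") { final = $4 }
        END {
            v = (final != "") ? final : policy
            result = (v == "DROP" || v == "REJECT") ? "enforced" : "open"
            print result
        }'
}

# Constructed sample: the rule set the gist's status() calls "Active",
# with 203.0.113.10 standing in for the detected address.
GIST_ACTIVE='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i tun+ -j ACCEPT
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -s 203.0.113.10/32 -j ACCEPT
-A OUTPUT -o tun+ -j ACCEPT
-A OUTPUT -d 127.0.0.1/32 -j ACCEPT
-A OUTPUT -d 203.0.113.10/32 -j ACCEPT'

# Constructed variant (assumption): same rules, INPUT/OUTPUT policies set to DROP.
DROP_POLICY=$(printf '%s\n' "$GIST_ACTIVE" |
    sed -e 's/^-P INPUT ACCEPT$/-P INPUT DROP/' -e 's/^-P OUTPUT ACCEPT$/-P OUTPUT DROP/')

for chain in INPUT OUTPUT; do
    printf 'gist Active, %s: %s\n' "$chain" "$(printf '%s\n' "$GIST_ACTIVE" | chain_verdict "$chain")"
    printf 'DROP policy, %s: %s\n' "$chain" "$(printf '%s\n' "$DROP_POLICY" | chain_verdict "$chain")"
done
```

On a live host, `iptables -S | chain_verdict OUTPUT` run as root gives the same verdict for the rules currently loaded.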
