Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
vpn hotspot script
#!/storage/xbin/bash
# This script should help forward VPN over any tethered connection on a Android device. Turn on tethering, then enable VPN, then run this script.
# Inital variable setup
tethering=0
# Setup iptables before forwarding VPN
iptables -A POSTROUTING -o tun0 -j MASQUERADE -t nat
# Check if bluetooth is tethered, if so forward VPN
blue=$(/system/bin/ifconfig bt-pan 2>/dev/null | grep "UP" | wc -l)
blueIP=$(ifconfig bt-pan | grep "inet addr" | cut -d":" -f2 | cut -d' ' -f1 | cut -d'.' -f1-3)
if [[ "$blue" -gt 0 ]];
then
iptables -A FORWARD -i tun0 -o bt-pan -m state --state RELATED,ESTABLISHED -j RETURN
iptables -A FORWARD -i bt-pan -o tun0 -m state --state INVALID -j DROP
iptables -A FORWARD -i bt-pan -o tun0 -j RETURN
ip rule add from $blueIP.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add $blueIP.0/24 dev bt-pan scope link table 61
ip route add broadcast 255.255.255.255 dev bt-pan scope link table 61
blueTethered=1
tethering=1
echo "Set up VPN on Bluetooth sucessfully"
else
blueTethered=0
echo "Not tethering on Bluetooth"
fi
# Check if USB is tethered, if so forward VPN
usb=$(/system/bin/ifconfig rndis0 2>/dev/null | grep "UP" | wc -l)
usbIP=$(ifconfig rndis0 | grep "inet addr" | cut -d":" -f2 | cut -d' ' -f1 | cut -d'.' -f1-3)
if [[ "$usb" -gt 0 ]];
then
iptables -A FORWARD -i tun0 -o rndis0 -m state --state RELATED,ESTABLISHED -j RETURN
iptables -A FORWARD -i rndis0 -o tun0 -m state --state INVALID -j DROP
iptables -A FORWARD -i rndis0 -o tun0 -j RETURN
ip rule add from $usbIP.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add $usbIP.0/24 dev rndis0 scope link table 61
ip route add broadcast 255.255.255.255 dev rndis0 scope link table 61
usbTethered=1
tethering=1
else
usbTethered=0
echo "Not tethering on USB"
fi
# Check if WIFI is tethered, if so forward VPN
wifi=$(dumpsys wifi | grep curState=TetheredState | wc -l)
wifiIP=$(ifconfig wlan0 | grep "inet addr" | cut -d":" -f2 | cut -d' ' -f1 | cut -d'.' -f1-3)
if [[ "$wifi" -gt 0 ]];
then
iptables -A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j RETURN
iptables -A FORWARD -i wlan0 -o tun0 -m state --state INVALID -j DROP
iptables -A FORWARD -i wlan0 -o tun0 -j RETURN
ip rule add from $wifiIP.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add $wifiIP.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
wifiTethered=1
tethering=1
echo "Set up VPN on WIFI successfully"
else
wifiTethered=0
echo "Not tethering on WIFI"
fi
# Clean up if no tethering is occuring
if [[ "$tethering" -eq 0 ]];
then
iptables -D POSTROUTING -o tun0 -j MASQUERADE -t nat
if [[ "$blueTethered" -gt 0 ]];
then
iptables -D FORWARD -i tun0 -o bt-pan -m state --state RELATED,ESTABLISHED -j RETURN
iptables -D FORWARD -i bt-pan -o tun0 -m state --state INVALID -j DROP
iptables -D FORWARD -i bt-pan -o tun0 -j RETURN
ip rule add from $blueIP.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add $blueIP.0/24 dev bt-pan scope link table 61
ip route add broadcast 255.255.255.255 dev bt-pan scope link table 61
fi
if [[ "$usbTethered" -gt 0 ]];
iptables -D FORWARD -i tun0 -o rndis0 -m state --state RELATED,ESTABLISHED -j RETURN
iptables -D FORWARD -i rndis0 -o tun0 -m state --state INVALID -j DROP
iptables -D FORWARD -i rndis0 -o tun0 -j RETURN
ip rule delete from $usbIP.0/24 lookup 61
ip route delete default dev tun0 scope link table 61
ip route delete $usbIP.0/24 dev rndis0 scope link table 61
ip route delete broadcast 255.255.255.255 dev rndis0 scope link table 61
fi
if [[ "$wifiTethered" -gt 0 ]];
iptables -D FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j RETURN
iptables -D FORWARD -i wlan0 -o tun0 -m state --state INVALID -j DROP
iptables -D FORWARD -i wlan0 -o tun0 -j RETURN
ip rule delete from $wifiIP.0/24 lookup 61
ip route delete default dev tun0 scope link table 61
ip route delete $wifiIP.0/24 dev wlan0 scope link table 61
ip route delete broadcast 255.255.255.255 dev wlan0 scope link table 61
echo "Cleaned up iptables rules since we are not tethering"
else
echo "Sucessfully forwarding VPN over tethering"
fi
@woojamwtj
Copy link

woojamwtj commented Nov 10, 2017

vpn_tethering

dear friend,
i use adb shell to connect to my android6.0 cell phone , type the shell commands. but it doesnot work. can you help me ?

@xbxolivesupport
Copy link

xbxolivesupport commented Sep 13, 2018

xsXasccd

@dimaslanjaka
Copy link

dimaslanjaka commented Jan 31, 2020

Turn hotspot first or vpn first ?

@ShapeShifter499
Copy link
Author

ShapeShifter499 commented Feb 7, 2020

@dimaslanjaka I posted this so long ago that I'm not even sure it's valid anymore for newer android devices. I'd recommend people here try another method or maybe this application https://f-droid.org/en/packages/be.mygod.vpnhotspot/

@dimaslanjaka
Copy link

dimaslanjaka commented Feb 20, 2020

your script still working. hotspot > vpn on > run script.
thanks

@ibnusaja
Copy link

ibnusaja commented May 14, 2021

your script still working. hotspot > vpn on > run script.
thanks

Hello bro, where should i put this script on the path?

@dimaslanjaka
Copy link

dimaslanjaka commented May 18, 2021

Hello bro, where should i put this script on the path?

@ibnusaja. Taruh dimana saja. asal call root dahulu.

# misal di sdcard
su
cd sdcard
sh vpn-hotspot.sh #/sdcard/vpn-hotspot.sh

# OR

su
sh /sdcard/vpn-hotspot.sh

# OR termux dynamic shell script
bash <(curl -s https://gist.githubusercontent.com/ShapeShifter499/2aed7b6975b31341ea606ad8fea3fc09/raw/68907a15616c68578e303542c34596504cdfc8fc/vpn-hotspot.sh)

@ary0544
Copy link

ary0544 commented Dec 25, 2021

Wlan0 bt-pan usb ip failed to get it here i am replace with this ,its workit on my device
ifconfig wlan0 | egrep -o 'inet [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | cut -d' ' -f2 | cut -d'.' -f1-3

@ary0544
Copy link

ary0544 commented Dec 25, 2021

But there was no internet aces to the client when using this script ,event not edited script ,and thats was make my phone bootloop

@ary0544
Copy link

ary0544 commented Dec 25, 2021

Ilang postingan gue joss

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment