Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#!/bin/bash -e
if [ "$EUID" -ne 0 ]; then
echo "You are not root." >&2
exit 1
fi
remote_ip="169.229.10.47" # vpn.ocf.berkley.edu
port="1194"
proto="udp"
gateway=$(/sbin/ip -4 route list default | head -n1 | cut -d' ' -f3)
route="$remote_ip via $gateway"
echo "Need to add a special route for $remote_ip:"
echo -e "\t$route"
ip route del "$remote_ip" > /dev/null 2>&1 || true # remove if exists
ip route add $route
echo "Added route."
# openvpn calls the "up" script with a bunch of extra arguments;
# we only need the first, but can't disable this behavior, so we make a new
# temporary binary to do it for us
tmp=$(mktemp)
cat > "$tmp" <<EOF
#!/bin/sh -e
/sbin/dhclient "\$1" &
EOF
chmod +x "$tmp" # this might fail if /tmp is noexec... meh
# start the vpn (in foreground)
echo "Starting openvpn..."
openvpn --remote "$remote_ip" "$port" "$proto" --comp-lzo --dev tap \
--auth-user-pass --ca vpn.crt --client \
--script-security 2 --up "$tmp" --route-noexec
echo "Cleaning up..."
rm "$tmp"
/sbin/dhclient -r tap0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment