-
-
Save rfwatson/2d684ea3378900af3c886b72a2c79365 to your computer and use it in GitHub Desktop.
Force a VPN connection for all WiFi networks, except those included in a list of trusted SSIDs. Save to /etc/NetworkManager/dispatcher.d/vpn and enable NetworkManager-dispatcher.service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| wan_iface = '<wifi network interface>' | |
| vpn_name = '<vpn connection name in NetworkManager>' | |
| trusted_ssids = ['<trusted>', '<wifi SSIDs>'] | |
| ssid = `iwgetid -r`.chomp | |
| interface, status = ARGV[0..1] | |
| exit unless interface == wan_iface | |
| def conn_up?(conn) | |
| system('nmcli conn show -a | grep -q "^%s\b"' % conn) | |
| end | |
| case status | |
| when 'up', 'vpn-down' | |
| if !trusted_ssids.include?(ssid) && !conn_up?(vpn_name) | |
| `nmcli conn up id "#{vpn_name}"` | |
| end | |
| when 'down' | |
| if conn_up?(vpn_name) | |
| `nmcli conn down id "#{vpn_name}"` | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment