Fixes firewall rules and corrects routes that may have been overwritten by a VPN client.

vpn_fix.sh

#!/usr/bin/env bash
# You must have sudo ability on your machine

machine=${1:-"default"}

if [[ ! $(docker-machine ls | grep ${machine}) ]]; then
  echo "${machine} is not a docker-machine"
  exit 1
fi

# check ipfw firewall rules
# TODO support pf (new as of Yosemite)
type "ipfw" > /dev/null 2>&1
if [ $? -ne 0 ]; then
  fwrule=`sudo ipfw -a list | grep "deny ip from any to any"`
  fwrule_id=`echo $fwrule | awk '{ print $1 }'`
  if [ "$fwrule" != "" ]; then
    echo "Found blocking firewall rule: $(tput setaf 1)${fwrule}$(tput sgr0)"
    printf "Deleting rule ${fwrule_id} ... "
    sudo ipfw delete ${fwrule_id}
    if [ $? == 0 ]; then
      echo "$(tput setaf 2)[OK]$(tput sgr0)"
    else
      echo "$(tput setaf 1)[FAIL]$(tput sgr0)"
      exit 1
    fi
  else
      echo "No rules found. You are good to go"
  fi
fi

# overwrite bad routes
dm_ip=`docker-machine ip ${machine} | awk -F. '{print $1"."$2"."$3".0/24"}'` 
docker_interface=$(VBoxManage showvminfo ${machine} | grep -o -E 'vboxnet\d\d?')
if [ -z "${docker_interface}" ]; then
  echo "No docker VM found!"
  exit 1
else
  echo "Found docker interface at $(tput setaf 1)${docker_interface}$(tput sgr0). Changing routes ..."
  sudo route delete ${dm_ip} && sudo route add -net ${dm_ip} -interface ${docker_interface}

  if [ $? == 0 ]; then
      echo "$(tput setaf 2)[OK]$(tput sgr0)"
  else
      echo "$(tput setaf 1)[FAIL]$(tput sgr0)"
      exit 1
  fi
fi