Skip to content

Instantly share code, notes, and snippets.


Adam Ayala swoopsta

View GitHub Profile
swoopsta /
Last active May 11, 2017
Port Forwarding for Raspberry Pi 3 Split VPN for PIA and Transmission
#!/usr/bin/env bash
# Author: Adam Ayala
# Adapted from
# Author: Mike
# Based on
# Set path for root Cron Job
swoopsta /
Last active Apr 10, 2018
IP Tables for VPN LXC Instance
#! /bin/bash
# Flush
iptables -t nat -F
iptables -t mangle -F
iptables -F
iptables -X
# Flush V6
ip6tables -t nat -F
swoopsta /
Created May 4, 2017
Make VPN loopback failsafe
#! /bin/bash
GATEWAYIP=$(ifconfig $VPNIF | egrep -o '([0-9]{1,3}\.){3}[0-9]{1,3}' | egrep -v '255|(127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})' | tail -n1)
if [[ `ip rule list | grep -c 0x1` == 0 ]]; then
ip rule add from all fwmark 0x1 lookup $VPNUSER
ip route replace default via $GATEWAYIP table $VPNUSER
ip route append default via dev lo table $VPNUSER
swoopsta /
Last active May 12, 2017
PIA Port Forwarding For Transmission
#!/usr/bin/env bash
# Enable port forwarding when using Private Internet Access
echo 'Loading port forward assignment information...'
pia_client_id=`head -n 100 /dev/urandom | sha256sum | tr -d " -"` forwarded_port=$(curl "\?client_id=$pia_client_id" 2>/dev/null | awk -F ':' '{ print $2 }'| awk -F '}' '{ print $1 }')
json=`curl "$client_id" 2>/dev/null`
if [ "$json" == "" ]; then
echo "Port forwarding is already activated on this connection, has expired, or you are not connected to a PIA region that supports port forwarding"
View gist:ebd6fbe79ae23bc7b268568728926ae8
* Template Name: Example Custom Template
* See the codex entry on custom template for more information:
* Add html above or below the_content inside the comments
* Add php snippets as well with their own opening and closing php
global $avia_config, $post;
View Whitelist Cloudflare
# Source:
for i in `curl`; do iptables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
for i in `curl`; do ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
# Avoid racking up billing/attacks
# WARNING: If you get attacked and CloudFlare drops you, your site(s) will be unreachable.
iptables -A INPUT -p tcp -m multiport --dports http,https -j DROP
View WP Perms
# This script configures WordPress file permissions based on recommendations
# from
# Author: Michael Conigliaro
View Gravity Email
<title>New submission from Upload Documents</title>
<table width="99%" border="0" cellpadding="1" cellspacing="0" bgcolor="#EAEAEA"><tr><td>
<table width="100%" border="0" cellpadding="5" cellspacing="0" bgcolor="#FFFFFF">
<tr bgcolor="#EAF2FA">
<td colspan="2">
<font style="font-family: sans-serif; font-size:12px;"><strong>File</strong></font>
swoopsta /
Last active Mar 2, 2021 — forked from GAS85/
Force Torrent/user Traffic through VPN Split Tunnel on Ubuntu 18.04

Difference to Original:

  1. Add random VPN Land change on start/restart.
  2. Add IP Tables rules that avoid nginx reverse proxy usage.

Lets start

You have fullcontrol over which applications you want to route over VPN. You will have an Automatic Kill Switch implemented (using firewall rules) so if your VPN connection drops or breaks, your real IP address will not be revealed and torrent traffic will stop. DNS leaks are also prevented. Remote access to your Torrent client of choice (Transmission or Deluge) is possible.

View Split Tunnel In An LXC Container
Finally Got it. It's not a split tunnel since that would be fairly redundant in a container.
Cloned LXC Container named vpn
Changed Config. Added this to the vpn config:
# Allow Tun Device
lxc.cgroup.devices.allow = c 10:200 rwm
# Run an autodev hook to setup the device
lxc.autodev = 1
lxc.hook.autodev = /lxc/vpn/autodev