theodric/killswitch.txt

## killswitch.txt
cat /etc/udev/rules.d/81-vpn-firewall.rules
KERNEL=="tun0", ACTION=="add", RUN+="/usr/bin/forward.sh add"
KERNEL=="tun0", ACTION=="remove", RUN+="/usr/bin/forward.sh remove"

cat /usr/bin/forward.sh
#!/bin/bash
#
# forward.sh
# VER 0.1
#
# Reloads the ferm firewall ruleset and is invoked by
# the udev via /etc/udev/rules.d/81-vpn-firewall.rules.
#
#

LOGGER=/usr/bin/logger
LOGGER_TAG=$0

UDEV_ACTION=$1

MSG_FW_RULE_ADD="Enabling forwarding"
MSG_FW_RULE_REMOVE="Disabling forwarding"
MSG_UDEV_ACTION_UNKNOWN="dafuq"

case "$UDEV_ACTION" in
    add)
        $LOGGER -t $LOGGER_TAG $MSG_FW_RULE_ADD
        $FERM $FERM_CONF
        sysctl net.ipv4.ip_forward=1
        ;;
    remove)
        $LOGGER -t $LOGGER_TAG $MSG_FW_RULE_REMOVE
        sysctl net.ipv4.ip_forward=0
        $FERM $FERM_CONF
        ;;
    *)
        $LOGGER -t $LOGGER_TAG $MSG_UDEV_ACTION_UNKNOWN
        exit 1
esac
	cat /etc/udev/rules.d/81-vpn-firewall.rules
	KERNEL=="tun0", ACTION=="add", RUN+="/usr/bin/forward.sh add"
	KERNEL=="tun0", ACTION=="remove", RUN+="/usr/bin/forward.sh remove"

	cat /usr/bin/forward.sh
	#!/bin/bash
	#
	# forward.sh
	# VER 0.1
	#
	# Reloads the ferm firewall ruleset and is invoked by
	# the udev via /etc/udev/rules.d/81-vpn-firewall.rules.
	#
	#

	LOGGER=/usr/bin/logger
	LOGGER_TAG=$0

	UDEV_ACTION=$1

	MSG_FW_RULE_ADD="Enabling forwarding"
	MSG_FW_RULE_REMOVE="Disabling forwarding"
	MSG_UDEV_ACTION_UNKNOWN="dafuq"

	case "$UDEV_ACTION" in
	add)
	$LOGGER -t $LOGGER_TAG $MSG_FW_RULE_ADD
	$FERM $FERM_CONF
	sysctl net.ipv4.ip_forward=1
	;;
	remove)
	$LOGGER -t $LOGGER_TAG $MSG_FW_RULE_REMOVE
	sysctl net.ipv4.ip_forward=0
	$FERM $FERM_CONF
	;;
	*)
	$LOGGER -t $LOGGER_TAG $MSG_UDEV_ACTION_UNKNOWN
	exit 1
	esac