UBports Robot Logo UBports Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    VPN kill switch

    Scheduled Pinned Locked Moved Unsolved Support
    5 Posts 3 Posters 491 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
      Reply
      • Reply as topic
      Log in to reply
      This topic has been deleted. Only users with topic management privileges can see it.
      • U Offline
        ubportsuser
        last edited by ubportsuser

        Hi good people of ubports!

        I have a question regarding vpn kill switch. I run 2 scripts with a set of commands as follows:

        i use the below commands before connecting to my VPN

        sudo ufw reset
sudo ufw deny incoming
sudo ufw deny forward
sudo ufw allow outgoing
sudo ufw enable

        And is in a file called unfirewall.sh

        I use the below commands after connecting to the vpn so that there is no leak.

        sudo ufw default deny incoming
sudo ufw default deny forward
sudo ufw default deny outgoing
sudo ufw allow out on tun0 from any to any
sudo ufw enable

        And this is in a file called ./firewall.sh

        I run ./unfirewall.sh from the terminal, connect to the vpn and run ./firewall.sh from the terminal again. My question is, is there a way to make an executable icon called "on" (for ./firewall.sh) and "off" (for ./unfirewall.sh) and put it in the app drawer so that i dont have to use the terminal to do it every time my vpn disconnects?

        D 1 Reply Last reply Reply Quote 0
        • D Offline
          davedanger @ubportsuser
          last edited by

          @ubportsuser how do you keep the script running after you close the terminal?

          U 1 Reply Last reply Reply Quote 0
          • U Offline
            ubportsuser @davedanger
            last edited by ubportsuser

            @davedanger I open the terminal> execute ./unfirewall.sh > connect to vpn via GUI> use ./firewall.sh> and then close the terminal. ufw doesnt require the terminal to be open after the commamds have been executed. Both .sh files are inside the home directory.

            i saw your post "Auto Execute Startup Scripts" just now. Here the terminal doesnt need to be kept open. Although I do get the following warnings

            WARN: /etc is group writable!
WARN: / is world writable!
WARN: / is group writable!
WARN: /lib is world writable!
WARN: /lib is group writable!
WARN: /usr is world writable!
WARN: /usr is group writable!

            And my ufw was enabled by default since the fist installation (OTA-19). Although in my ut tweak tools, "make image writable" can be set to read-only.

            LuksusL 1 Reply Last reply Reply Quote 0
            • LuksusL Offline
              Luksus @ubportsuser
              last edited by Luksus

              @ubportsuser
              you can create *.desktop files in ~/.local/share/applications with content like this:

              [Desktop Entry]
Type=Application
Name=Firewall ON
Exec=sh /home/phablet/firewall.sh
Icon=

              And make it executale.
              But I don't know, how to workaround the sudo command. This won't work that way...

              @davedanger
              If you need to keep Terminal working in background, you can use the app "UT Tweak Tool" and prevent specific apps from going to sleep.

              Devices: BQ e4.5, Fairphone 2, Fairphone 3, Lenovo X605F, Pinephone, Moto Z2 Force, OnePlus5T

              D 1 Reply Last reply Reply Quote 0
              • D Offline
                davedanger @Luksus
                last edited by

                @luksus @ubportsuser I'm a big fan of the UT Tweaks Tool, it's very handy. I've just been trying to find a way to execute scripts and keep them running without having to keep the terminal open.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post