UBports Robot Logo UBports Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    VPN kill switch

    Scheduled Pinned Locked Moved Unsolved
    Support
    3
    5
    408
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • U
      ubportsuser
      last edited by ubportsuser

      Hi good people of ubports!

      I have a question regarding vpn kill switch. I run 2 scripts with a set of commands as follows:

      i use the below commands before connecting to my VPN

      sudo ufw reset
sudo ufw deny incoming
sudo ufw deny forward
sudo ufw allow outgoing
sudo ufw enable

      And is in a file called unfirewall.sh

      I use the below commands after connecting to the vpn so that there is no leak.

      sudo ufw default deny incoming
sudo ufw default deny forward
sudo ufw default deny outgoing
sudo ufw allow out on tun0 from any to any
sudo ufw enable

      And this is in a file called ./firewall.sh

      I run ./unfirewall.sh from the terminal, connect to the vpn and run ./firewall.sh from the terminal again. My question is, is there a way to make an executable icon called "on" (for ./firewall.sh) and "off" (for ./unfirewall.sh) and put it in the app drawer so that i dont have to use the terminal to do it every time my vpn disconnects?

      D 1 Reply Last reply Reply Quote 0
      • D
        davedanger @ubportsuser
        last edited by

        @ubportsuser how do you keep the script running after you close the terminal?

        U 1 Reply Last reply Reply Quote 0
        • U
          ubportsuser @davedanger
          last edited by ubportsuser

          @davedanger I open the terminal> execute ./unfirewall.sh > connect to vpn via GUI> use ./firewall.sh> and then close the terminal. ufw doesnt require the terminal to be open after the commamds have been executed. Both .sh files are inside the home directory.

          i saw your post "Auto Execute Startup Scripts" just now. Here the terminal doesnt need to be kept open. Although I do get the following warnings

          WARN: /etc is group writable!
WARN: / is world writable!
WARN: / is group writable!
WARN: /lib is world writable!
WARN: /lib is group writable!
WARN: /usr is world writable!
WARN: /usr is group writable!

          And my ufw was enabled by default since the fist installation (OTA-19). Although in my ut tweak tools, "make image writable" can be set to read-only.

          LuksusL 1 Reply Last reply Reply Quote 0
          • LuksusL
            Luksus @ubportsuser
            last edited by Luksus

            @ubportsuser
            you can create *.desktop files in ~/.local/share/applications with content like this:

            [Desktop Entry]
Type=Application
Name=Firewall ON
Exec=sh /home/phablet/firewall.sh
Icon=

            And make it executale.
            But I don't know, how to workaround the sudo command. This won't work that way...

            @davedanger
            If you need to keep Terminal working in background, you can use the app "UT Tweak Tool" and prevent specific apps from going to sleep.

            Devices: BQ e4.5, Fairphone 2, Fairphone 3, Lenovo X605F, Pinephone, Moto Z2 Force, OnePlus5T

            D 1 Reply Last reply Reply Quote 0
            • D
              davedanger @Luksus
              last edited by

              @luksus @ubportsuser I'm a big fan of the UT Tweaks Tool, it's very handy. I've just been trying to find a way to execute scripts and keep them running without having to keep the terminal open.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post