forked from svenstaro/dotfiles
-
Notifications
You must be signed in to change notification settings - Fork 0
/
vpn
executable file
·64 lines (50 loc) · 1.37 KB
/
vpn
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
#!/usr/bin/env bash
if [[ $UID != 0 ]]; then
echo "This must be run as root."
exit 1
fi
function iface_up() {
ip netns add vpnns
ip link add wg0 type wireguard
ip link set wg0 netns vpnns
ip -n vpnns -4 address add 10.64.236.160/32 dev wg0
ip -n vpnns -6 address add fc00:bbbb:bbbb:bb01::1:ec9f/128 dev wg0
ip netns exec vpnns wg setconf wg0 /etc/wireguard/wg0.conf
ip -n vpnns link set wg0 up
ip -n vpnns -4 route add default dev wg0
ip -n vpnns -6 route add default dev wg0
ip link add veth1 type veth peer name br-veth1
ip link set veth1 netns vpnns
ip -n vpnns -4 addr add 10.10.10.2/24 dev veth1
ip link add name br1 type bridge
ip link set br1 up
ip link set br-veth1 up
ip -n vpnns link set veth1 up
ip link set br-veth1 master br1
ip addr add 10.10.10.1/24 brd + dev br1
mkdir -p /etc/netns/vpnns
echo 'nameserver 1.1.1.1' > /etc/netns/vpnns/resolv.conf
ip netns exec vpnns fping -q www.google.com
}
function iface_down() {
ip netns pids vpnns | xargs -rd'\n' kill
rm -rf /etc/netns/vpnns
ip netns delete vpnns
ip link del br1
}
function run() {
shift
exec sudo ip netns exec vpnns "$@"
}
case "$1" in
up)
iface_up ;;
down)
iface_down ;;
run)
run "$@" ;;
*)
echo "Syntax: $0 up|down|run"
exit 1
;;
esac