deluge-netns-VPN/namespaced-openvpn-deluge.sh


#!/usr/bin/env zsh
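# Must be run as root: the steps below (sysctl, ip netns, killing processes
# owned by other users) are privileged operations. EUID is tested rather than
# UID because the effective user id is what those operations are checked
# against.
if (( EUID != 0 )); then
  # Diagnostics go to stderr so they are never mistaken for normal output.
  printf "This script must be run as root.\n" >&2
  exit 1
fi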
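function start()
{
  # Bring up the VPN-confined Deluge stack:
  #   1. start OpenVPN through namespaced-openvpn (creates the 'protected'
  #      network namespace),
  #   2. wait for tun0 to appear inside that namespace,
  #   3. start deluged and deluge-web inside the namespace as user 'deluge',
  #   4. relay ports 8112 and 58846 from the root namespace into it.
  # Returns 1 (before changing anything) if the OpenVPN config is missing,
  # or 1 if tun0 does not show up within the polling window.

  # NOTE(review): this config sits under a user's home directory but is
  # parsed by OpenVPN running as root. OpenVPN configs can reference scripts,
  # so the file and its parent directories should be writable by root only.
  local ovpn_config=/home/cruiser/openvpn-files/delugevpn.ovpn
  # 120 polls at 0.5 s each: give the tunnel about one minute to come up.
  local -i max_polls=120 polls=0

  # Fail early: without a readable config OpenVPN exits immediately and the
  # wait loop below would otherwise never see tun0.
  if [[ ! -r "${ovpn_config}" ]]; then
    printf "start: OpenVPN config %s is missing or unreadable.\n" "${ovpn_config}" >&2
    return 1
  fi

  # Enable IP Forwarding
  # NOTE(review): this turns the host into an IPv4 router for every
  # interface; confirm the setup actually requires it.
  sysctl -q net.ipv4.ip_forward=1

  # 'protected' network namespace created & connected to openvpn VPS (thanks
  # to python script). The helper is resolved relative to the current
  # directory, so the script has to be started from the directory holding
  # namespaced-openvpn; since it runs as root, that directory should not be
  # writable by unprivileged users.
  ./namespaced-openvpn --config "${ovpn_config}" &!

  # Make sure that VPN tunnel is UP before going further. The wait is bounded
  # so a failed VPN start reports an error instead of hanging forever, and
  # the probe's output is discarded to avoid flooding the terminal.
  # NOTE(review): the probe appears to succeed as soon as tun0 exists in the
  # namespace; the 'up' keyword may only filter the listing rather than
  # change the exit status - confirm.
  while ! ip netns exec protected ip a show dev tun0 up >/dev/null 2>&1; do
    if (( ++polls >= max_polls )); then
      printf "start: tun0 did not appear in namespace 'protected'; run this script with 'stop' to clean up.\n" >&2
      return 1
    fi
    sleep .5
  done

  # Launch deluge daemon (as deluge user) into the 'protected' network namespace:
  ip netns exec protected sudo -u deluge deluged &!
  # Launch deluge web interface (as deluge user) into the 'protected' network namespace:
  ip netns exec protected sudo -u deluge deluge-web &!

  # Listen to port 8112 (deluge-web) & 58846 (deluged) inside 'root' network
  # namespace and relay each connection into the 'protected' one.
  # NOTE(review): tcp-listen without a bind= option listens on every address
  # of the host, so the web UI and the daemon RPC port are reachable from all
  # attached networks. Restrict with bind=<address> or a firewall rule if
  # that is not intended; stop() finds these listeners by the "*:PORT"
  # wildcard in lsof output and would need a matching change.
  socat tcp-listen:8112,fork,reuseaddr exec:'ip netns exec protected socat STDIO "tcp-connect:127.0.0.1:8112"',nofork &!
  socat tcp-listen:58846,fork,reuseaddr exec:'ip netns exec protected socat STDIO "tcp-connect:127.0.0.1:58846"',nofork &!
}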
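function stop()
{
  # Tear down everything start() set up. Each step is best-effort: a failure
  # in one step does not prevent the following steps from running.
  local port
  local -a openvpn_pids

  # Stop listening: kill the socat relays bound to the wildcard address.
  # grep -F matches "*:PORT" literally instead of treating '*' as a regex
  # operator, and xargs -r skips kill entirely when nothing matched (so kill
  # is never invoked without a PID).
  for port in 8112 58846; do
    lsof -i "tcp:${port}" | grep -F "*:${port}" | awk '{print $2}' | xargs -r kill
  done

  # Kills programs (deluge-web & deluged) started from within 'protected'
  # network namespace:
  ip netns pids protected | xargs -r kill

  # Shutdown VPN.
  # NOTE(review): pidof selects by process name, so every OpenVPN instance on
  # the host is terminated, including tunnels unrelated to Deluge. Recording
  # the PID at start time would allow a targeted kill.
  openvpn_pids=( $(pidof openvpn) )
  if (( ${#openvpn_pids[@]} > 0 )); then
    kill "${openvpn_pids[@]}"
  fi

  # Remove properly the tun0 link from the 'protected' network namespace:
  ip netns exec protected ip link delete tun0
  # 'protected' network namespace is no more:
  ip netns del protected
  # Remove from disk 'protected' network namespace DNS configuration:
  rm -r -- /etc/netns/protected

  # Remove IP Forwarding
  # NOTE(review): forwarding is switched off unconditionally, not restored to
  # the value it had before start(); hosts that route for containers or VMs
  # lose forwarding here.
  sysctl -q net.ipv4.ip_forward=0
}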
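# Dispatch on the first command-line argument; anything other than
# start/stop prints the usage text and exits with status 1.
case "${1}" in
  "start")
    start ;;
  "stop")
    stop ;;
  *)
    # The usage line is built from the name the script was invoked with, so
    # it stays correct if the file is renamed; it goes to stderr because it
    # is only shown on misuse.
    printf "Usage:\n\tsudo ./%s start|stop\n" "${0##*/}" >&2
    exit 1
    ;;
esac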