Removed useless DNS shell code

Quentin McGaw
2018-09-20 20:42:37 +02:00
parent b652823d89
commit 41d7ca9824


@@ -1,18 +1,12 @@
#!/bin/sh #!/bin/sh
printf "=== PIA CONTAINER ==="
# Obtaining your original IP address to use for the healthcheck # Obtaining your original IP address to use for the healthcheck
printf "\nGetting non VPN public IP address..." printf "\nGetting non VPN public IP address..."
export INITIAL_IP=$(wget -qqO- 'https://duckduckgo.com/?q=what+is+my+ip' | grep -ow 'Your IP address is [0-9.]*[0-9]' | grep -ow '[0-9][0-9.]*') export INITIAL_IP=$(wget -qqO- 'https://duckduckgo.com/?q=what+is+my+ip' | grep -ow 'Your IP address is [0-9.]*[0-9]' | grep -ow '[0-9][0-9.]*')
printf "$INITIAL_IP" printf "$INITIAL_IP"
# Setting up cloudflare DNS 1.1.1.1 over TLS
printf "\nChanging DNS to localhost..."
echo "nameserver 127.0.0.1" > /etc/resolv.conf
echo "options ndots:0" >> /etc/resolv.conf
printf "DONE"
printf "\nLaunching Unbound daemon to connect to Cloudflare DNS 1.1.1.1 at its TLS endpoint..."
unbound
printf "DONE"
printf "\nSetting firewall for killswitch purposes..." printf "\nSetting firewall for killswitch purposes..."
printf "\n * Detecting local subnet..." printf "\n * Detecting local subnet..."
SUBNET=$(ip route show default | tail -n 1 | awk '// {print $1}') SUBNET=$(ip route show default | tail -n 1 | awk '// {print $1}')
@@ -27,7 +21,7 @@ printf "\n * Detecting IP addresses corresponding to $PIADOMAIN..."
VPNIPS=$(nslookup $PIADOMAIN localhost | tail -n +5 | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}') VPNIPS=$(nslookup $PIADOMAIN localhost | tail -n +5 | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')
for ip in $VPNIPS for ip in $VPNIPS
do do
printf "\n $ip" printf "\n $ip"
done done
printf "\n * Deleting all iptables rules..." printf "\n * Deleting all iptables rules..."
iptables --flush iptables --flush
@@ -46,10 +40,10 @@ iptables -A OUTPUT -d $SUBNET -j ACCEPT -o eth0
printf "DONE" printf "DONE"
for ip in $VPNIPS for ip in $VPNIPS
do do
printf "\n * Adding rules to accept traffic with $ip on port $PROTOCOL $PORT..." printf "\n * Adding rules to accept traffic with $ip on port $PROTOCOL $PORT..."
iptables -A OUTPUT -j ACCEPT -d $ip -o eth0 -p $PROTOCOL -m $PROTOCOL --dport $PORT iptables -A OUTPUT -j ACCEPT -d $ip -o eth0 -p $PROTOCOL -m $PROTOCOL --dport $PORT
iptables -A INPUT -j ACCEPT -s $ip -i eth0 -p $PROTOCOL -m $PROTOCOL --sport $PORT iptables -A INPUT -j ACCEPT -s $ip -i eth0 -p $PROTOCOL -m $PROTOCOL --sport $PORT
printf "DONE" printf "DONE"
done done
printf "\n * Adding rules to accept traffic going through the tun device..." printf "\n * Adding rules to accept traffic going through the tun device..."
iptables -A INPUT -j ACCEPT -i tun0 iptables -A INPUT -j ACCEPT -i tun0
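Review bot: The `nslookup $PIADOMAIN localhost` line in the second hunk still queries a resolver on 127.0.0.1, but the lines that wrote `nameserver 127.0.0.1` to /etc/resolv.conf and launched `unbound` appear to be the ones dropped in the first hunk. Unless Unbound is now started somewhere outside the visible hunks, that lookup returns nothing, `VPNIPS` stays empty, and both `for ip in $VPNIPS` loops silently add no ACCEPT rules for the VPN endpoint. A guard right after the lookup would make the failure explicit, e.g. `[ -n "$VPNIPS" ] || { printf '\nCould not resolve %s\n' "$PIADOMAIN" >&2; exit 1; }`. It is also worth confirming that the container's resolv.conf is still pointed at the local DNS-over-TLS resolver by other means, otherwise lookups made before the firewall rules are in place go to whatever resolver the runtime provides.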