vpn hotspot script

vpn-hotspot.sh

#!/storage/xbin/bash

# This script should help forward VPN over any tethered connection on a Android device. Turn on tethering, then enable VPN, then run this script.

# Inital variable setup
tethering=0

# Setup iptables before forwarding VPN
iptables -A POSTROUTING -o tun0 -j MASQUERADE -t nat

# Check if bluetooth is tethered, if so forward VPN
blue=$(/system/bin/ifconfig bt-pan 2>/dev/null | grep "UP" | wc -l)
blueIP=$(ifconfig bt-pan | grep "inet addr" | cut -d":" -f2 | cut -d' ' -f1 | cut -d'.' -f1-3)

if [[ "$blue" -gt 0 ]];
 then
  iptables -A FORWARD -i tun0 -o bt-pan -m state --state RELATED,ESTABLISHED -j RETURN
  iptables -A FORWARD -i bt-pan -o tun0 -m state --state INVALID -j DROP
  iptables -A FORWARD -i bt-pan -o tun0 -j RETURN
  ip rule add from $blueIP.0/24 lookup 61
  ip route add default dev tun0 scope link table 61
  ip route add $blueIP.0/24 dev bt-pan scope link table 61
  ip route add broadcast 255.255.255.255 dev bt-pan scope link table 61
  blueTethered=1
  tethering=1
  echo "Set up VPN on Bluetooth sucessfully"
 else
  blueTethered=0
  echo "Not tethering on Bluetooth"
fi

# Check if USB is tethered, if so forward VPN
usb=$(/system/bin/ifconfig rndis0 2>/dev/null | grep "UP" | wc -l)
usbIP=$(ifconfig rndis0 | grep "inet addr" | cut -d":" -f2 | cut -d' ' -f1 | cut -d'.' -f1-3)

if [[ "$usb" -gt 0 ]];
 then
  iptables -A FORWARD -i tun0 -o rndis0 -m state --state RELATED,ESTABLISHED -j RETURN
  iptables -A FORWARD -i rndis0 -o tun0 -m state --state INVALID -j DROP
  iptables -A FORWARD -i rndis0 -o tun0 -j RETURN
  ip rule add from $usbIP.0/24 lookup 61
  ip route add default dev tun0 scope link table 61
  ip route add $usbIP.0/24 dev rndis0 scope link table 61
  ip route add broadcast 255.255.255.255 dev rndis0 scope link table 61
  usbTethered=1
  tethering=1
 else
  usbTethered=0
  echo "Not tethering on USB"
fi

# Check if WIFI is tethered, if so forward VPN 
wifi=$(dumpsys wifi | grep curState=TetheredState | wc -l)
wifiIP=$(ifconfig wlan0 | grep "inet addr" | cut -d":" -f2 | cut -d' ' -f1 | cut -d'.' -f1-3)

if [[ "$wifi" -gt 0 ]];
 then
  iptables -A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j RETURN
  iptables -A FORWARD -i wlan0 -o tun0 -m state --state INVALID -j DROP
  iptables -A FORWARD -i wlan0 -o tun0 -j RETURN
  ip rule add from $wifiIP.0/24 lookup 61
  ip route add default dev tun0 scope link table 61
  ip route add $wifiIP.0/24 dev wlan0 scope link table 61
  ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
  wifiTethered=1
  tethering=1
  echo "Set up VPN on WIFI successfully"
 else
  wifiTethered=0
  echo "Not tethering on WIFI"
fi

# Clean up if no tethering is occuring
if [[ "$tethering" -eq 0 ]];
 then
    iptables -D POSTROUTING -o tun0 -j MASQUERADE -t nat
  if [[ "$blueTethered" -gt 0 ]];
   then
    iptables -D FORWARD -i tun0 -o bt-pan -m state --state RELATED,ESTABLISHED -j RETURN
    iptables -D FORWARD -i bt-pan -o tun0 -m state --state INVALID -j DROP
    iptables -D FORWARD -i bt-pan -o tun0 -j RETURN
    ip rule add from $blueIP.0/24 lookup 61
    ip route add default dev tun0 scope link table 61
    ip route add $blueIP.0/24 dev bt-pan scope link table 61
    ip route add broadcast 255.255.255.255 dev bt-pan scope link table 61
  fi
  if [[ "$usbTethered" -gt 0 ]];
    iptables -D FORWARD -i tun0 -o rndis0 -m state --state RELATED,ESTABLISHED -j RETURN
    iptables -D FORWARD -i rndis0 -o tun0 -m state --state INVALID -j DROP
    iptables -D FORWARD -i rndis0 -o tun0 -j RETURN
    ip rule delete from $usbIP.0/24 lookup 61
    ip route delete default dev tun0 scope link table 61
    ip route delete $usbIP.0/24 dev rndis0 scope link table 61
    ip route delete broadcast 255.255.255.255 dev rndis0 scope link table 61
  fi
  if [[ "$wifiTethered" -gt 0 ]];
    iptables -D FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j RETURN
    iptables -D FORWARD -i wlan0 -o tun0 -m state --state INVALID -j DROP
    iptables -D FORWARD -i wlan0 -o tun0 -j RETURN
    ip rule delete from $wifiIP.0/24 lookup 61
    ip route delete default dev tun0 scope link table 61
    ip route delete $wifiIP.0/24 dev wlan0 scope link table 61
    ip route delete broadcast 255.255.255.255 dev wlan0 scope link table 61
  echo "Cleaned up iptables rules since we are not tethering"
 else
  echo "Sucessfully forwarding VPN over tethering"
fi

dear friend,
i use adb shell to connect to my android6.0 cell phone , type the shell commands. but it doesnot work. can you help me ?

xsXasccd

Turn hotspot first or vpn first ?

@dimaslanjaka I posted this so long ago that I'm not even sure it's valid anymore for newer android devices. I'd recommend people here try another method or maybe this application https://f-droid.org/en/packages/be.mygod.vpnhotspot/

your script still working. hotspot > vpn on > run script.
thanks

your script still working. hotspot > vpn on > run script.
thanks

Hello bro, where should i put this script on the path?

Hello bro, where should i put this script on the path?

@ibnusaja. Taruh dimana saja. asal call root dahulu.

# misal di sdcard
su
cd sdcard
sh vpn-hotspot.sh #/sdcard/vpn-hotspot.sh

# OR

su
sh /sdcard/vpn-hotspot.sh

# OR termux dynamic shell script
bash <(curl -s https://gist.githubusercontent.com/ShapeShifter499/2aed7b6975b31341ea606ad8fea3fc09/raw/68907a15616c68578e303542c34596504cdfc8fc/vpn-hotspot.sh)

Wlan0 bt-pan usb ip failed to get it here i am replace with this ,its workit on my device
ifconfig wlan0 | egrep -o 'inet [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | cut -d' ' -f2 | cut -d'.' -f1-3

But there was no internet aces to the client when using this script ,event not edited script ,and thats was make my phone bootloop

Ilang postingan gue joss