-
-
Save salehjg/f32ee9f0f0bd7a2f168a3f7c9d4aa271 to your computer and use it in GitHub Desktop.
vpn hotspot script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/storage/xbin/bash | |
| # This script should help forward VPN over any tethered connection on a Android device. Turn on tethering, then enable VPN, then run this script. | |
| # Inital variable setup | |
| tethering=0 | |
| # Setup iptables before forwarding VPN | |
| iptables -A POSTROUTING -o tun0 -j MASQUERADE -t nat | |
| # Check if bluetooth is tethered, if so forward VPN | |
| blue=$(/system/bin/ifconfig bt-pan 2>/dev/null | grep "UP" | wc -l) | |
| blueIP=$(ifconfig bt-pan | grep "inet addr" | cut -d":" -f2 | cut -d' ' -f1 | cut -d'.' -f1-3) | |
| if [[ "$blue" -gt 0 ]]; | |
| then | |
| iptables -A FORWARD -i tun0 -o bt-pan -m state --state RELATED,ESTABLISHED -j RETURN | |
| iptables -A FORWARD -i bt-pan -o tun0 -m state --state INVALID -j DROP | |
| iptables -A FORWARD -i bt-pan -o tun0 -j RETURN | |
| ip rule add from $blueIP.0/24 lookup 61 | |
| ip route add default dev tun0 scope link table 61 | |
| ip route add $blueIP.0/24 dev bt-pan scope link table 61 | |
| ip route add broadcast 255.255.255.255 dev bt-pan scope link table 61 | |
| blueTethered=1 | |
| tethering=1 | |
| echo "Set up VPN on Bluetooth sucessfully" | |
| else | |
| blueTethered=0 | |
| echo "Not tethering on Bluetooth" | |
| fi | |
| # Check if USB is tethered, if so forward VPN | |
| usb=$(/system/bin/ifconfig rndis0 2>/dev/null | grep "UP" | wc -l) | |
| usbIP=$(ifconfig rndis0 | grep "inet addr" | cut -d":" -f2 | cut -d' ' -f1 | cut -d'.' -f1-3) | |
| if [[ "$usb" -gt 0 ]]; | |
| then | |
| iptables -A FORWARD -i tun0 -o rndis0 -m state --state RELATED,ESTABLISHED -j RETURN | |
| iptables -A FORWARD -i rndis0 -o tun0 -m state --state INVALID -j DROP | |
| iptables -A FORWARD -i rndis0 -o tun0 -j RETURN | |
| ip rule add from $usbIP.0/24 lookup 61 | |
| ip route add default dev tun0 scope link table 61 | |
| ip route add $usbIP.0/24 dev rndis0 scope link table 61 | |
| ip route add broadcast 255.255.255.255 dev rndis0 scope link table 61 | |
| usbTethered=1 | |
| tethering=1 | |
| else | |
| usbTethered=0 | |
| echo "Not tethering on USB" | |
| fi | |
| # Check if WIFI is tethered, if so forward VPN | |
| wifi=$(dumpsys wifi | grep curState=TetheredState | wc -l) | |
| wifiIP=$(ifconfig wlan0 | grep "inet addr" | cut -d":" -f2 | cut -d' ' -f1 | cut -d'.' -f1-3) | |
| if [[ "$wifi" -gt 0 ]]; | |
| then | |
| iptables -A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j RETURN | |
| iptables -A FORWARD -i wlan0 -o tun0 -m state --state INVALID -j DROP | |
| iptables -A FORWARD -i wlan0 -o tun0 -j RETURN | |
| ip rule add from $wifiIP.0/24 lookup 61 | |
| ip route add default dev tun0 scope link table 61 | |
| ip route add $wifiIP.0/24 dev wlan0 scope link table 61 | |
| ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61 | |
| wifiTethered=1 | |
| tethering=1 | |
| echo "Set up VPN on WIFI successfully" | |
| else | |
| wifiTethered=0 | |
| echo "Not tethering on WIFI" | |
| fi | |
| # Clean up if no tethering is occuring | |
| if [[ "$tethering" -eq 0 ]]; | |
| then | |
| iptables -D POSTROUTING -o tun0 -j MASQUERADE -t nat | |
| if [[ "$blueTethered" -gt 0 ]]; | |
| then | |
| iptables -D FORWARD -i tun0 -o bt-pan -m state --state RELATED,ESTABLISHED -j RETURN | |
| iptables -D FORWARD -i bt-pan -o tun0 -m state --state INVALID -j DROP | |
| iptables -D FORWARD -i bt-pan -o tun0 -j RETURN | |
| ip rule add from $blueIP.0/24 lookup 61 | |
| ip route add default dev tun0 scope link table 61 | |
| ip route add $blueIP.0/24 dev bt-pan scope link table 61 | |
| ip route add broadcast 255.255.255.255 dev bt-pan scope link table 61 | |
| fi | |
| if [[ "$usbTethered" -gt 0 ]]; | |
| iptables -D FORWARD -i tun0 -o rndis0 -m state --state RELATED,ESTABLISHED -j RETURN | |
| iptables -D FORWARD -i rndis0 -o tun0 -m state --state INVALID -j DROP | |
| iptables -D FORWARD -i rndis0 -o tun0 -j RETURN | |
| ip rule delete from $usbIP.0/24 lookup 61 | |
| ip route delete default dev tun0 scope link table 61 | |
| ip route delete $usbIP.0/24 dev rndis0 scope link table 61 | |
| ip route delete broadcast 255.255.255.255 dev rndis0 scope link table 61 | |
| fi | |
| if [[ "$wifiTethered" -gt 0 ]]; | |
| iptables -D FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j RETURN | |
| iptables -D FORWARD -i wlan0 -o tun0 -m state --state INVALID -j DROP | |
| iptables -D FORWARD -i wlan0 -o tun0 -j RETURN | |
| ip rule delete from $wifiIP.0/24 lookup 61 | |
| ip route delete default dev tun0 scope link table 61 | |
| ip route delete $wifiIP.0/24 dev wlan0 scope link table 61 | |
| ip route delete broadcast 255.255.255.255 dev wlan0 scope link table 61 | |
| echo "Cleaned up iptables rules since we are not tethering" | |
| else | |
| echo "Sucessfully forwarding VPN over tethering" | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment