sirupsen · April 14, 2011 14:45
diff --git a/pvpn b/pvpn
 #!/bin/bash
 #
 # Launches sshuttle if you're on an untrusted network, currently only available on OS X.
 # Patches for Linux support welcome!
 #
 # sshutle: Transparent proxy server that works as a poor # man's VPN.
 # Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
 # https://github.com/apenwarr/sshuttle
 # 
 # Dependencies
 #
 #   ack
 #   awk
 #   sshuttle
 #   curl (if you use -i flag)
 # 
 # Intallation
 #
 # Currently only available on OS X, requires the Airport CLI, put it in your path by issueing:
 #     sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/sbin/airport
 #
 # Put this script in your $PATH, and clone sshuttle into your $PATH with:
 #     git clone https://github.com/apenwarr/sshuttle.git
 #
 # Make sure sshuttle works for you without pvpn, test with:
 #     curl -s ip.appspot.com && ./sshuttle -r username@sshserver 0.0.0.0/0 -vv && curl -s ip.appspot.com
 #
 # Launch pvpn with your SSH server as argument, as well as a your trusted networks, example:
 #     pvpn -s username@sshserver -t home-wifi-name -t work-wifi-name
 #
 # Still need to figure out how to put this in a Network hook on OS X, until then, run this in a cron job,
 # or figure it out and tell me here!

 help_pvpn() {
  echo "Usage for pvpn"
  echo "Arguments:"
  echo " -s <server> server to tunnel through, e.g. [email protected]"
  echo "Optional arguments:"
  echo " -i show ip before and after launch of sshutle"
  echo " -h show this"
  echo " -t <name> trusted network, pass this an artbitary number of times for multiple"
  exit 1
 }

 check_ip() {
  if [ $SHOW_IP == true ]; then
    echo "pvpn: getting remote ip.."
    [[ $1 == 'sleep' ]] && sleep 1 # let sshuttle do its magic first
    echo "pvpn: current remote ip: `curl -s ip.appspot.com`"
  fi
 }

 SERVER=''
 SSID_NAME=`airport -I | awk '/[^B]SSID/ { print $2 }'`
 ALLOWED_SSIDS=()
 SHOW_IP=false

 while getopts "ht:s:i" OPTION
 do
  case $OPTION in
    s) SERVER=$OPTARG ;;
    i) SHOW_IP=true ;;
    h) help_pvpn ;;
    t) ALLOWED_SSIDS=( ${ALLOWED_SSIDS[@]-} $(echo $OPTARG) ) ;;
  esac
 done

 echo "pvpn: current network name: $SSID_NAME"
 echo "pvpn: allowed networks: ${ALLOWED_SSIDS[*]}"

 # By default, network's not allowed
 ALLOW=false

 # Check if network is allowed
 for ssid in ${ALLOWED_SSIDS[@]}; do
  [[ $ssid == $SSID_NAME ]] && ALLOW=true;
 done

 if [[ $SERVER == '' ]]; then
  echo 'pvpn: server not set, see -h'
  exit 0
 fi

 # If not allowed, sshuttle us!
 if [ $ALLOW == false ]; then
  check_ip
  echo 'pvpn: in unallowed network! sshutling..'
  sshuttle-src/sshuttle -r $SERVER 0.0.0.0/0 -D

  check_ip 'sleep'
 else
  echo 'pvpn: on allowed network'
 fi
	#!/bin/bash
	#
	# Launches sshuttle if you're on an untrusted network, currently only available on OS X.
	# Patches for Linux support welcome!
	#
	# sshutle: Transparent proxy server that works as a poor # man's VPN.
	# Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
	# https://github.com/apenwarr/sshuttle
	#
	# Dependencies
	#
	# ack
	# awk
	# sshuttle
	# curl (if you use -i flag)
	#
	# Intallation
	#
	# Currently only available on OS X, requires the Airport CLI, put it in your path by issueing:
	# sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/sbin/airport
	#
	# Put this script in your $PATH, and clone sshuttle into your $PATH with:
	# git clone https://github.com/apenwarr/sshuttle.git
	#
	# Make sure sshuttle works for you without pvpn, test with:
	# curl -s ip.appspot.com && ./sshuttle -r username@sshserver 0.0.0.0/0 -vv && curl -s ip.appspot.com
	#
	# Launch pvpn with your SSH server as argument, as well as a your trusted networks, example:
	# pvpn -s username@sshserver -t home-wifi-name -t work-wifi-name
	#
	# Still need to figure out how to put this in a Network hook on OS X, until then, run this in a cron job,
	# or figure it out and tell me here!

	help_pvpn() {
	echo "Usage for pvpn"
	echo "Arguments:"
	echo " -s <server> server to tunnel through, e.g. [email protected]"
	echo "Optional arguments:"
	echo " -i show ip before and after launch of sshutle"
	echo " -h show this"
	echo " -t <name> trusted network, pass this an artbitary number of times for multiple"
	exit 1
	}

	check_ip() {
	if [ $SHOW_IP == true ]; then
	echo "pvpn: getting remote ip.."
	[[ $1 == 'sleep' ]] && sleep 1 # let sshuttle do its magic first
	echo "pvpn: current remote ip: `curl -s ip.appspot.com`"
	fi
	}

	SERVER=''
	SSID_NAME=`airport -I \| awk '/[^B]SSID/ { print $2 }'`
	ALLOWED_SSIDS=()
	SHOW_IP=false

	while getopts "ht:s:i" OPTION
	do
	case $OPTION in
	s) SERVER=$OPTARG ;;
	i) SHOW_IP=true ;;
	h) help_pvpn ;;
	t) ALLOWED_SSIDS=( ${ALLOWED_SSIDS[@]-} $(echo $OPTARG) ) ;;
	esac
	done

	echo "pvpn: current network name: $SSID_NAME"
	echo "pvpn: allowed networks: ${ALLOWED_SSIDS[*]}"

	# By default, network's not allowed
	ALLOW=false

	# Check if network is allowed
	for ssid in ${ALLOWED_SSIDS[@]}; do
	[[ $ssid == $SSID_NAME ]] && ALLOW=true;
	done

	if [[ $SERVER == '' ]]; then
	echo 'pvpn: server not set, see -h'
	exit 0
	fi

	# If not allowed, sshuttle us!
	if [ $ALLOW == false ]; then
	check_ip
	echo 'pvpn: in unallowed network! sshutling..'
	sshuttle-src/sshuttle -r $SERVER 0.0.0.0/0 -D

	check_ip 'sleep'
	else
	echo 'pvpn: on allowed network'
	fi