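#!/bin/bash
# VPN kill switch for macOS pf.
#
# Loads a pf ruleset that blocks all traffic except packets leaving through
# the VPN interface, then polls the interface every 5 seconds and re-applies
# the ruleset whenever the interface is missing.
#
# Usage:       ./killswitch.sh        (uses sudo for every pfctl call)
# Environment: VPN_INTERFACE - interface to allow (default: utun3)
#
# Caveats for whoever deploys this:
#  - `pfctl -f` REPLACES the main ruleset, including the rules macOS loads
#    from /etc/pf.conf. Restore them with `sudo pfctl -f /etc/pf.conf`.
#  - "block all" also covers loopback and the physical-interface traffic that
#    WireGuard itself needs to reach its endpoint. This script does not know
#    the endpoint, so no such pass rule is added here — TODO add one for
#    your endpoint if the tunnel cannot (re)connect under these rules.
#  - macOS may give the tunnel a different utunN name after a reconnect
#    — verify the name with `ifconfig` before relying on the default.

# Name of the WireGuard VPN interface (overridable from the environment).
VPN_INTERFACE="${VPN_INTERFACE:-utun3}"

# The name is interpolated into pf rule text, so refuse anything that is not
# a plain interface name.
if [[ ! "$VPN_INTERFACE" =~ ^[A-Za-z0-9_.-]+$ ]]; then
  printf 'Invalid VPN_INTERFACE: %s\n' "$VPN_INTERFACE" >&2
  exit 1
fi

#######################################
# Load the complete kill-switch ruleset in ONE pfctl call.
# Loading "block all" and the pass rule in two separate `pfctl -f` calls does
# not work: the second load replaces the first, leaving only the pass rule,
# and pf passes anything that matches no rule.
# Globals:   VPN_INTERFACE (read)
# Outputs:   pfctl's messages on stderr, only when loading fails
# Returns:   0 if the ruleset was loaded, 1 otherwise
#######################################
apply_killswitch_rules() {
  local pf_output
  # pfctl's output is captured rather than discarded: it is noisy on success,
  # but a silent failure here would mean no kill switch at all.
  if ! pf_output=$(printf 'block all\npass out on %s all\n' "$VPN_INTERFACE" \
    | sudo pfctl -f - 2>&1); then
    printf 'Failed to load pf rules:\n%s\n' "$pf_output" >&2
    return 1
  fi
}

# Enable the firewall; without pf enabled the rules below have no effect.
if ! sudo pfctl -E; then
  echo "Could not enable pf; killswitch is NOT active." >&2
  exit 1
fi

# Fail closed: never report the kill switch as active unless the rules loaded.
if ! apply_killswitch_rules; then
  echo "Could not load pf rules; killswitch is NOT active." >&2
  exit 1
fi

# Display a message indicating the killswitch is active
echo "VPN Killswitch is active. Only traffic through $VPN_INTERFACE is allowed."

# Monitor the VPN connection status and keep the ruleset enforced while the
# VPN is disconnected.
while true; do
  if ! ifconfig "$VPN_INTERFACE" >/dev/null 2>&1; then
    # VPN interface doesn't exist, VPN is disconnected. Re-apply the same
    # ruleset: with the interface gone only "block all" can match, and the
    # pass rule is already in place for when the interface comes back.
    echo "VPN is disconnected. Enforcing killswitch."
    apply_killswitch_rules \
      || echo "Warning: pf rules could not be re-applied." >&2
  fi
  # VPN interface exists (or rules were just re-applied); poll again shortly.
  sleep 5
done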