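#!/bin/sh
#
# WireGuard kill-switch health check.
#
# Exit status:
#   0 - the kill switch is disabled, or every check below passed
#   1 - a check failed
#
# Every check fails closed: when the state of the tunnel cannot be
# established (missing config, tunnel will not start, public IP cannot be
# fetched or parsed) the script exits 1 instead of reporting success.

KILL_SWITCH_FILE=/etc/wireguard/kill-switch
VPN_CONF=/etc/wireguard/vpn.conf

# 0. if kill-switch is not enabled, nothing to do
if ! test -f "$KILL_SWITCH_FILE"; then
  exit 0
fi

# 1. if the vpn config does not exist, fail
if test -f "$VPN_CONF"; then
  echo 'vpn config exist'
else
  echo 'could NOT find vpn config!'
  exit 1
fi

# 2. if the wireguard tunnel is not up, start it
if ip link show vpn; then
  echo 'wireguard is running'
else
  echo 'wireguard is NOT running, restarting it'

  # `command -v` is the POSIX lookup; an empty result must stop the script,
  # otherwise sed below would run without a file operand.
  wgScript=$(command -v wg-quick) || wgScript=
  if [ -z "$wgScript" ]; then
    echo 'could NOT find wg-quick!' >&2
    exit 1
  fi

  # Deletes the src_valid_mark sysctl call from the installed wg-quick
  # script, in place. The deletion is idempotent.
  # NOTE(review): presumably needed because that sysctl cannot be written in
  # this environment (e.g. a container) - confirm. This edits a system
  # executable, so the script needs write access to it, and a reinstall of
  # wg-quick would presumably bring the line back.
  sed -i '/sysctl -q net.ipv4.conf.all.src_valid_mark=1/d' "$wgScript"

  resolvconf -u

  # Best effort: `down` is expected to fail when the interface is absent.
  wg-quick down vpn

  if ! wg-quick up vpn; then
    echo 'could NOT bring the wireguard tunnel up!' >&2
    exit 1
  fi
fi

# 3. verify the public ip is what is expected
#
# NOTE(review): the lookup uses plain HTTP against a third-party service, so
# the answer is not authenticated. Consider an HTTPS endpoint, or checking
# the tunnel state with `wg show vpn`, if that matters for this deployment.
#
# -f makes HTTP errors fail the command, --max-time bounds a hung lookup.
if ! ip=$(curl -fsS --max-time 10 ifconfig.me); then
  echo 'could NOT determine public ip!' >&2
  exit 1
fi

# Accept only a dotted-quad answer. An empty or dot-less value (failed
# lookup, IPv6 address, error page) would otherwise produce an empty search
# prefix, and an empty grep pattern matches every line: the check would
# pass and the whole config, private key included, would be printed.
case "$ip" in
  '' | *[!0-9.]* | .* | *. | *..* | *.*.*.*.*)
    echo 'public ip lookup returned an unexpected value!' >&2
    exit 1
    ;;
  *.*.*.*) ;;
  *)
    echo 'public ip lookup returned an unexpected value!' >&2
    exit 1
    ;;
esac

# First three octets plus the trailing dot, e.g. "a.b.c." for "a.b.c.d".
prefix=${ip%"${ip##*.}"}

# -F matches the prefix literally (a '.' is not a wildcard) and -q keeps
# config lines out of the output.
# NOTE(review): this is a loose check - the prefix may match on any line of
# the config, not only the peer endpoint.
if grep -qF -- "$prefix" "$VPN_CONF"; then
  echo "public ip is as expected by the wireguard config"
else
  echo "public ip is not what is expected by ip config!"
  exit 1
fi

exit 0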