4 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
6 [[ $EUID == 0 ]] ||
exec sudo
-E "${BASH_SOURCE[0]}" "$@"
8 # Usage: use when switching from a trusted network to an untrusted one,
14 local tmp tmpdir dest
="$1"
15 local base
="${dest##*/}"
20 tmp
=$
(rsync
-ic $tmpdir/"$base" "$dest")
29 read -r _ ver _
< <(systemd-resolve
--version)
31 # removes malware and adult content
32 servers
=(1.1.1.3 1.0.0.3 2606:4700:4700::1113 2606:4700:4700::1003)
34 servers
=(1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001)
37 #servers=(8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844)
40 # https://wiki.archlinux.org/index.php/Systemd-resolved#Manually
41 cat >/etc
/systemd
/resolved.conf.d
/untrusted-network.conf
<<EOF
48 i
/etc
/NetworkManager
/conf.d
/dns.conf
<<'EOF'
51 systemd-resolved=false
54 if $ir && [[ $
(systemctl is-active NetworkManager
) == active
]]; then
55 m systemctl restart NetworkManager
59 dhclient_restart
=false
61 if grep -qP '\bdomain-name-servers\b' /etc
/dhcp
/dhclient.conf
; then
62 sed -i 's/domain-name-servers,\?//' /etc
/dhcp
/dhclient.conf
66 read -r _ _ _ _ gateway_if _
< <(ip route get
8.8.8.8)
67 if [[ $gateway_if ]]; then
68 # we could do this, but dhclient is still running and will use its old settings
69 # from dependencies of ifupdown,
70 # from man dhclient-script
71 # from /etc/dhcp/dhclient-enter-hooks.d/resolved
72 # rm -f /run/systemd/resolved.conf.d/*$gateway_if*
75 if $dhclient_restart && grep -Pq "^ *auto ($gateway_if|.* $gateway_if( |$))" /etc
/network
/interfaces
; then
80 # at least on systemd 237 ifupdown it sets a global and this is not needed
81 systemd-resolve
--interface=$gateway_if --revert
86 # just for curiosity i did a
87 # wrapper around dhclient, then ifdown eth0; ifup eth0:
89 # Tue Mar 9 18:29:05 EST 2021
90 # args -4 -v -r -pf /run/dhclient.eth0.pid -lf /var/lib/dhcp/dhclient.eth0.leases -I -df /var/lib/dhcp/dhclient6.eth0.leases eth0
101 # PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
102 # IFUPDOWN_eth0=pre-down
104 # Tue Mar 9 18:29:07 EST 2021
105 # args -1 -4 -v -pf /run/dhclient.eth0.pid -lf /var/lib/dhcp/dhclient.eth0.leases -I -df /var/lib/dhcp/dhclient6.eth0.leases eth0
116 # PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
117 # IFUPDOWN_eth0=post-up