2 # I, Ian Kelling, follow the GNU license recommendations at
3 # https://www.gnu.org/licenses/license-recommendations.en.html. They
4 # recommend that small programs, < 300 lines, be licensed under the
5 # Apache License 2.0. This file contains or is part of one or more small
6 # programs. If a small program grows beyond 300 lines, I plan to switch
9 # Copyright 2024 Ian Kelling
11 # Licensed under the Apache License, Version 2.0 (the "License");
12 # you may not use this file except in compliance with the License.
13 # You may obtain a copy of the License at
15 # http://www.apache.org/licenses/LICENSE-2.0
17 # Unless required by applicable law or agreed to in writing, software
18 # distributed under the License is distributed on an "AS IS" BASIS,
19 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 # See the License for the specific language governing permissions and
21 # limitations under the License.
23 if ! test "$BASH_VERSION"; then echo "error: shell is not bash" >&2; exit 1; fi
24 shopt -s inherit_errexit
2>/dev
/null ||
: # ignore fail in bash < 4.4
26 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?. PIPESTATUS: ${PIPESTATUS[*]}" >&2' ERR
28 [[ $EUID == 0 ]] ||
exec sudo
-E "${BASH_SOURCE[0]}" "$@"
32 # We block dns lookups from going outside the vpn network namespace,
33 # there might be some other workaround, but just resolving to static ips
37 while read -r host port
; do
39 echo $ip |
grep -E '[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*' &>/dev
/null ||
continue
40 printf "remote %s %s\n" "$ip" "$port" >>$conf
42 done < <(timeout
-s 9 1 dig +short
$host ||
:)
43 done < <(sed -rn 's/^ *# *remote //p' $conf)
48 sed --follow-symlinks -i '/^ *remote /d' $conf
51 # give it one retry if it failed initially
58 echo "vpn-static-ip: error: failed to set any ips" >&2