iankelling.org
/
git
/
distro-setup
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
various fixes
[distro-setup]
/
untrusted-network
diff --git
a/untrusted-network
b/untrusted-network
index 8fc3d7baedb561b8669d4e70e2d59b29083b2298..b4fdb70e0e5304af943e683d34d0074d77c56e2b 100755
(executable)
--- a/
untrusted-network
+++ b/
untrusted-network
@@
-3,17
+3,22
@@
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
-[[ $EUID == 0 ]] || exec sudo -E "$
BASH_SOURCE
" "$@"
+[[ $EUID == 0 ]] || exec sudo -E "$
{BASH_SOURCE[0]}
" "$@"
# Usage: use when switching from a trusted network to an untrusted one,
# like public wifi.
# Usage: use when switching from a trusted network to an untrusted one,
# like public wifi.
-cat >/etc/dnsmasq.d/untrusted-network.conf <<'EOF'
+if [[ ! -s /etc/dnsmasq.d/untrusted-network.conf ]]; then
+ cat >/etc/dnsmasq.d/untrusted-network.conf <<'EOF'
server=8.8.4.4
server=8.8.8.8
server=2001:4860:4860::8844
server=2001:4860:4860::8888
no-resolv
server=8.8.4.4
server=8.8.8.8
server=2001:4860:4860::8844
server=2001:4860:4860::8888
no-resolv
+# https://ret2got.wordpress.com/2018/01/19/how-your-ethereum-can-be-stolen-using-dns-rebinding/
+stop-dns-rebind
EOF
EOF
-systemctl reload dnsmasq
+ nscd -i hosts
+ systemctl restart dnsmasq
+fi