iankelling.org Git - distro-setup/blob - untrusted-network

   1 #!/bin/bash
   2
   3 set -eE -o pipefail
   4 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
   5
   6 [[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@"
   7
   8 # Usage: use when switching from a trusted network to an untrusted one,
   9 # like public wifi.
  10
  11 if [[ ! -s /etc/dnsmasq.d/untrusted-network.conf ]]; then
  12   cat >/etc/dnsmasq.d/untrusted-network.conf <<'EOF'
  13 server=8.8.4.4
  14 server=8.8.8.8
  15 server=2001:4860:4860::8844
  16 server=2001:4860:4860::8888
  17 no-resolv
  18 # https://ret2got.wordpress.com/2018/01/19/how-your-ethereum-can-be-stolen-using-dns-rebinding/
  19 stop-dns-rebind
  20 EOF
  21
  22   nscd -i hosts
  23   systemctl restart dnsmasq
  24 fi