From e2c5e906415a3e16dec6c6af251bbe752e0283ad Mon Sep 17 00:00:00 2001
From: Janis Jansons
Date: Thu, 14 Dec 2023 16:45:26 +0200
Subject: [PATCH] Allow specifying external domain names to be routed through VPN
---
 .gitignore | 1 +
 README.md | 1 +
 domains.txt.sample | 2 ++
 routing.sh | 23 ++++++++++++++++++++++-
 4 files changed, 26 insertions(+), 1 deletion(-)
 create mode 100644 domains.txt.sample
diff --git a/.gitignore b/.gitignore
index d01df26..fcfed6f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 routes.txt
+domains.txt
 run.sh
\ No newline at end of file
diff --git a/README.md b/README.md
index 4c0c8b2..9995288 100644
--- a/README.md
+++ b/README.md
@@ -15,6 +15,7 @@ brew install vpn-slice
 brew install oath-toolkit
 brew install swiftbar
 brew install terminal-notifier
+brew install bind
 ```
 On Macos add server address, username, password and 2fa seed in keychain with these names:
diff --git a/domains.txt.sample b/domains.txt.sample
new file mode 100644
index 0000000..daf6548
--- /dev/null
+++ b/domains.txt.sample
@@ -0,0 +1,2 @@
+www.example.com
+en.wikipedia.org
diff --git a/routing.sh b/routing.sh
index c846d37..fa81adb 100755
--- a/routing.sh
+++ b/routing.sh
@@ -1,6 +1,7 @@
 #!/bin/bash
 ROUTE_FILE=routes.txt
+DOMAIN_FILE=domains.txt
 VPN_SLICE=vpn-slice
@@ -50,12 +51,32 @@ if test -f "$ROUTE_FILE"; then
 echo "Loading subnets from $ROUTE_FILE"
 while read p; do
 case "$p" in \#*) continue ;; esac
- add_subnet $p
+ if [ "$p" != "" ]; then
+ echo "Subnet: ${p}"
+ add_subnet $p
+ fi
 done <$ROUTE_FILE
 else
 echo "$ROUTE_FILE does not exist. This should not happen."
 fi
+if test -f "$DOMAIN_FILE"; then
+ echo "Loading domains from $DOMAIN_FILE"
+ while read d; do
+ case "$d" in \#*) continue ;; esac
+ echo "Domain: ${d}"
+ if [ "$d" != "" ]; then
+ for p in `dig +short "$d" a | grep '^[.0-9]*$'`; do
+ echo "Resolved IP for domain ${d}: ${p}"
+ add_subnet $p/32
+ done
+ fi
+ done <$DOMAIN_FILE
+
+else
+ echo "$DOMAIN_FILE does not exist. Ignoring."
+fi
+
 # Load default script
 $VPN_SLICE -S
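Review bot: When `dig` returns no A record for a domain (lookup failure, `dig` missing, or a name that only has AAAA records), the `for p in ...` loop in the new domain block runs zero times and the script continues silently, so traffic to that domain stays outside the VPN with nothing in the output to show it. Capturing the answers first and warning on an empty result makes that visible. The filter `'^[.0-9]*$'` also accepts strings that are not addresses (for example `1..2`), and `read d` without `-r` and the unquoted `$p/32` and `$DOMAIN_FILE` can be tightened in the same pass. The routes are pinned to the addresses seen when the script runs, so a record that changes later is presumably not covered until reconnect; a README sentence would help. `add_subnet` is defined outside this hunk, so the quoting change assumes it takes a single CIDR argument.

```shell
  while read -r d; do
    # … unchanged: comment-line skip and "Domain:" log line …
    if [ "$d" != "" ]; then
      ips=$(dig +short "$d" a | grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$')
      if [ -z "$ips" ]; then
        echo "Warning: no A records resolved for ${d}; it will not be routed through the VPN" >&2
        continue
      fi
      for p in $ips; do
        # … unchanged: "Resolved IP" log line …
        add_subnet "$p/32"
      done
    fi
  done <"$DOMAIN_FILE"
```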