> PLEASE IMPROVE SO WE ALL BENEFIT!
This script allows certain apps to only run while you're on VPN.
This program is adapted from Marek Novotny's "tbird.sh" script,
which, like all of Marek's scripts that I've posted, you should
get from him.
Some apps, like your bittorrent and newsreader clients, you might
only want to run when you're ON VPN (since they habitually give away
your IP address).
So you don't want to accidentally run these apps UNLESS you're
on VPN.
Also, you might want to ensure that any inadvertent configuration
changes made to the program while in use are destroyed when you
kill the program (so I modified Marek's script accordingly).
So Marek's tbird.sh script was adapted to ensure that pan started
every single time with the *same* setup, no matter what happens
to Pan settings in the interim.
(A similar script was modified for Firefox.)
#!/bin/bash
# Run this first when you are NOT on VPN so that it will ask you to
# create a $HOME/.pan file and it will ask to add the current IP
# address to that file. After that, the script will not start pan, &
# the script will only start pan when you are NOT on that IP address.
###############################################################
#
# script: pan.sh (adapted from Marek's tbird.sh)
# version: .07.03 beta
# purpose: launch pan only if NOT using your home IP
# date: Mon Jun 22 2015 02:56PM
# by: marek novotny
#
# revisions: added ping test
# : added results test for obtaining IP info
# : using only public IP addressing
# : added xmessage features
#
# notes: creates $HOME/.pan with approved
# : public IP for NOT launching pan.
# : more IPs can be added if needed.
# : first approved ip is stored in
# : $HOME/.pan and used to compare
# : to existing public IP for launch
#
# requirements: wget or curl, xmessage and pan
#
################################################################
sendMessage()
{
xmessage -display $DISPLAY -fg white -bg purple -title "${title}" -geom +60+30 -timeout 4 -buttons Okay:1 -default Okay "$1"
}
sendError()
{
xmessage -display $DISPLAY -fg black -bg orange -title "${title}" -geom +60+30 -buttons Okay:1 -default Okay "$1"
}
sendPrompt()
{
xmessage -display $DISPLAY -fg black -bg green -title "${title}" -geom +60+30 -buttons "$buttons" -default "$default" "$1"
}
setupDisplay()
{
if [[ -z "$DISPLAY" ]]
then
DISPLAY=':0'
fi
}
checkCommands()
{
if [[ ! $(type -p xmessage) ]]
then
echo " This script requires xmessage to be installed..."
exit 1
fi
if [[ ! $(type -p wget) ]] && [[ ! $(type -p curl) ]]
then
title="${0##*/} Error: Required App Not Found"
sendError " This script requires wget or curl which are not installed. "
exit 1
fi
if [[ ! $(type -p pan) ]]
then
title="${0##*/} Error: Required App Not Found"
sendError " Pan is not installed. "
exit 1
fi
# This ifthenelse requires the script NOT to have "pan" in the name (Pan is ok):
# if [[ $(pgrep pan) ]]
# This allows the letters "pan" to be in the file name (e.g., pan.sh):
if [[ $(pgrep -x pan) ]]
then
title="${0##*/} Alert:"
sendMessage " Pan is already running. "
exit 1
fi
}
checkNetworkStatus()
{
ip addr | grep "state UP" > /dev/null 2>&1
if (($? != 0))
then
title="${0##*/} Error: Network Down"
sendError " Your network has been detected as down."
exit 1
fi
requiredHosts=("
icanhazip.com")
for xi in "${requiredHosts[@]}"
do
ping -q -c2 "$xi" > /dev/null 2>&1
if (($? != 0))
then
title="${0##*/} Error: Ping"
sendError " A required ping test of site: ${xi} has failed."
exit 1
fi
done
}
obtainIP()
{
type -p wget > /dev/null
if (($? == 0))
then
cmd='wget -4 -qO-'
else
cmd='curl -s -4'
fi
publicIP=$($cmd
icanhazip.com)
if (($? != 0))
then
title="${0##*/} Error: Outside IP Address"
sendError " Unable to obtain your public IP address. "
exit 1
fi
}
testAndExecuteApp()
{
let approved=0
for x in "${approvedIPs[@]}"
do
if [[ "${publicIP}" == "$x" ]]
then
((approved++))
fi
done
# The copy commands below ensure pan always starts up the same!
# if ((approved >= 1))
if ((approved < 1))
then
title="${0##*/} Alert:"
sendMessage " Launching Pan"
cp $HOME/.pan2_golden/accels.txt $HOME/.pan2/.
cp $HOME/.pan2_golden/servers.xml $HOME/.pan2/.
cp $HOME/.pan2_golden/posting.xml $HOME/.pan2/.
cp $HOME/.pan2_golden/group-preferences.xml $HOME/.pan2/.
pan > /dev/null 2>&1 &
exit 0
else
title="${0##*/} Request Denied:"
sendError " Pan is not approved to launch from ${publicIP}. "
exit 1
fi
}
readIPTable()
{
IFS=$'\n'
approvedIPs=($(cat $HOME/.pan))
testAndExecuteApp
}
writeIPTable()
{
echo "${publicIP}" >> $HOME/.pan
if (($? != 0))
then
title="${0##*/} Write Error:"
sendError " Configuration file could not be written."
exit 1
else
readIPTable
fi
}
getUserInput()
{
while true
do
title="${0##*/} Authorization Request:"
buttons='Yes:2,No:1'
default="No"
sendPrompt "There are no currently approved IP addresses set to execute Pan
Will you approve the current address: $publicIP"
case $? in
[2] )
writeIPTable
;;
[1] )
exit 1
;;
esac
done
}
testFile()
{
if [[ -f "$HOME/.pan" ]] && [[ -r "$HOME/.pan" ]]
then
readIPTable
else
getUserInput
fi
}
setupDisplay
checkCommands
checkNetworkStatus
obtainIP
testFile
## end of pan.sh ##