Threaded Mode | Linear Mode

Faxopita · (This post was last modified: Dec. 08, 2017 10:25 PM by Faxopita.)

Allow Privoxy to Block All Requests if VPN Turned Off!

Some VPN apps offer the option to block Internet access if, for example, they happen to be disabled accidentally. I don't have this option, so I decided to create a tiny script to do that job (to some extent) with the help of Privoxy. The script automatically blocks all HTTP/HTTPS requests if your VPN is down. To do so, it simply uncomments these lines if TUN device is not returned in ifconfig output:

Code:

# { +block{VPN is not running. Turn it on first!} }

#  /

Be warned that the script will not deal with layers other than HTTP/HTTPS. So, you might still be able to use, for example, SMTP or FTP if your VPN is down. Any exception rule under `{ -block }` put after the above enforced block action will still allow for Internet access even though your VPN is down; useful to let you at least connect to your VPN, by the wayâ€¦

If you are interested, then this post is for you, but first: retrieve the attached archive to this post and back up immediately your `user.action` file!

Design choice: the script does its own little job only if the hidden file `.AllVPN` is present in your Home directory. It's a kind of a switch. It's a choice I made, but you can certainly modify the script so it doesn't take account of this switch! So, for now, create it with your favourite Terminal:

Code:

cd `echo $HOME`

touch .AllVPN

Amend your own `user.action` file.

Add this section at the end of your `user.action` file:

Code:

# { +block{VPN is not running. Turn it on first!} }

#  /

  { -block }

# However, you have to whitelist your VPN provider hereâ€¦

Also, be warned the script requires you to have write permissions on `user.action` file; in Terminal `cd` to your Privoxy directory, thenâ€¦

Code:

sudo chmod 664 user.action

sudo chown `echo $USER`:admin user.action

Amend script AllVPN.

The script uses GNU sed; I got it with Homebrew. Perhaps you'd like to use the version installed with the base system. If so, you might find the need to tweak the corresponding syntax in the script.

Code:

brew info gnu-sed brew home gnu-sed brew install gnu-sed
Allocate your own paths to `pri_path` and `sed_path`.
Copy AllVPN.sh script to your script folder.

Setting up the dÃ¦mon.

Copy privoxy.vpn.bridge.plist to ~/Library/LaunchAgents; it's the one attached to your Home directory.
Edit the above .PLIST file and replace [INSERT_ABSOLUTE_PATH] by the pathâ€”in absolute termsâ€”leading to the script `AllVPN.sh`.
Service should start automatically at next login, but you can run it now; `cd` first to `~/Library/LaunchAgents`, thenâ€¦
- launchctl load privoxy.vpn.bridge.plist
- To stop the service: launchctl unload privoxy.vpn.bridge.plist
- To verify the service is loaded: launchctl list | grep "bridge"

-â€“â€”

Minuscule donations are always appreciatedâ€¦

Code:

BTC --> 34WKogWorDoReJ2MSxw8rTsrGD87VMAPJY

BCH --> 1AXwyMdtMFZktZPvXScC58ESUZXptmjvge

DASH -> XusJsETR6PwDnG4Gde7cvGeRhXzUJFSxtD

ETH --> 0xb829FA99AA9AB31C32590dbc88B837bC5D91453e

ETC --> 0x059F128357331c346Ad2E23F95a4639beC3f0b3a

LTC --> MK7vxk93A1M6HHAYT38W8NPJSb8zANqCia

ZEC --> t1JNCuxdZEWUPBQiAzxZPUMqb4BM87sxs9H

DOGE -> DBPAUuCaez4JYGobAn4RHNNhFXwa9u1W6N

STRAT > SgG6jAHuxQfzW1QBaWyQRVdCdSq514BcyM