def set_killswitch(log=True): def main(): killswitch_script = ( r'#!/bin/bash\n' 'PERSISTENCE_FILE=' + paths.KILLSWITCH_DATA + '\n\n' 'case $2 in' ' vpn-up)\n' ' nmcli -f type,device connection | awk \'$1~/^vpn$/ && $2~/[^\-][^\-]/ { print $2; }\' > "${PERSISTENCE_FILE}"\n' ' ;;\n' ' vpn-down)\n' ' xargs -n 1 -a "${PERSISTENCE_FILE}" nmcli device disconnect\n' ' ;;\n' 'esac\n') try: with open(paths.KILLSWITCH_SCRIPT, "w") as killswitch: print(killswitch_script, file=killswitch) utils.make_executable(paths.KILLSWITCH_SCRIPT) if log: logger.info("Network kill-switch enabled.") return True except Exception as e: logger.error("Error attempting to set kill-switch: %s" % e) return False # Requires root priveledge return utils.run_as_root(main)
def set_auto_connect(connection_name): def main(): interfaces = get_interfaces() if interfaces: interface_string = '|'.join(interfaces) auto_script = ( '#!/bin/bash\n\n' 'if [[ "$1" =~ ' + interface_string + ' ]] && [[ "$2" =~ up|connectivity-change ]]; then\n' ' nmcli con up id "' + connection_name + '" &\n' 'fi\n') try: with open(paths.AUTO_CONNECT_SCRIPT, "w") as auto_connect: print(auto_script, file=auto_connect) utils.make_executable(paths.AUTO_CONNECT_SCRIPT) return True except Exception as e: logger.error("Error attempting to set auto-conect: %s" % e) else: logger.error("No interfaces found to use with auto-connect") return False # Requires root priveledge return utils.run_as_root(main)
def set_ipv6(log=True): def main(): ipv6_script = ( '#!/bin/sh\n' 'case "$2" in\n' ' vpn-up)\n' ' echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6\n' ' ;;\n' ' vpn-down)\n' ' echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6\n' ' ;;\n' 'esac\n') try: with open(paths.IPV6_SCRIPT, "w") as ipv6: print(ipv6_script, file=ipv6) utils.make_executable(paths.IPV6_SCRIPT) if log: logger.info("IPv6 disable script enabled.") return True except Exception as e: logger.error("Error attempting to set IPv6 disable script: %s" % e) return False # Requires root privilege return utils.run_as_root(main)
def delete_configs(self): def main(): for f in os.listdir(paths.OVPN_CONFIGS): file_path = os.path.join(paths.OVPN_CONFIGS, f) try: if os.path.isfile(file_path): os.unlink(file_path) elif os.path.isdir(file_path): shutil.rmtree(file_path) except Exception as e: self.logger.error("Could not delete config file: %s" % e) # Requires root privilege return utils.run_as_root(main)
def remove_autoconnect(): def main(): try: os.remove(paths.AUTO_CONNECT_SCRIPT) logger.info("Auto-connect disabled.") return True except FileNotFoundError: pass except Exception as e: logger.error("Error attempting to remove auto-connect: %s" % e) return False # Requires root priveledge return utils.run_as_root(main)
def remove_global_mac_address(): def main(): try: os.remove(paths.MAC_CONFIG) logger.info( "Global NetworkManager MAC address settings have been removed successfully." ) return True except FileNotFoundError: pass except Exception as e: logger.error( "Could not remove the MAC address settings file '%s': %s" % (paths.MAC_CONFIG, e)) return False # Requires root priveledge return utils.run_as_root(main)
def remove_ipv6(log=True): def main(): try: os.remove(paths.IPV6_SCRIPT) if log: logger.info("IPv6 disable script disabled.") return True except FileNotFoundError: pass except Exception as e: logger.error("Error attempting to remove IPv6 disable script: %s" % e) return False # Requires root privilege return utils.run_as_root(main)
def set_global_mac_address(value): def main(): MIN_VERSION = "1.4.0" nm_version = get_version() if nm_version: if LooseVersion(nm_version) >= LooseVersion(MIN_VERSION): mac_config = configparser.ConfigParser(interpolation=None) mac_config['connection-mac-randomization'] = {} mac_config['connection-mac-randomization'][ 'wifi.cloned-mac-address'] = value mac_config['connection-mac-randomization'][ 'ethernet.cloned-mac-address'] = value try: with open(paths.MAC_CONFIG, 'w') as config_file: mac_config.write(config_file) logger.info( "Global NetworkManager MAC address settings set to '%s'.", value) return True except Exception: logger.error( "Could not save MAC address configuration to '%s'", paths.MAC_CONFIG) return False else: logger.error( "NetworkManager v%s or greater is required to change MAC address settings. You have v%s.", MIN_VERSION, nm_version) return False else: logger.error( "Could not get the version of NetworkManager in use. Aborting." ) return False # Requires root priveledge return utils.run_as_root(main)
def reload_connections(): def main(): try: output = subprocess.run(['nmcli', 'connection', 'reload'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) output.check_returncode() return True except subprocess.CalledProcessError: error = utils.format_std_string(output.stderr) logger.error(error) return False except Exception as ex: logger.error(ex) return False # Requires root privilege return utils.run_as_root(main)
def restart(): def main(): try: output = subprocess.run(['systemctl', 'restart', 'NetworkManager'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) output.check_returncode() logger.info("NetworkManager restarted successfully!") return True except subprocess.CalledProcessError: error = utils.format_std_string(output.stderr) logger.error(error) except Exception as ex: logger.error(ex) return False # Requires root priveledge return utils.run_as_root(main)
def remove_killswitch(log=True): def main(): try: os.remove(paths.KILLSWITCH_DATA) except FileNotFoundError: pass try: os.remove(paths.KILLSWITCH_SCRIPT) if log: logger.info("Network kill-switch disabled.") return True except FileNotFoundError: pass except Exception as e: logger.error("Error attempting to remove kill-switch: %s" % e) return False # Requires root priveledge return utils.run_as_root(main)
def import_connection(file_path, connection_name, username=None, password=None, dns_list=None, ipv6=False): def nmcli_import(): try: # Create a temporary config with the connection name, so we can import the config with its prettified name temp_path = os.path.join(os.path.dirname(file_path), connection_name + '.ovpn') shutil.copy(file_path, temp_path) except Exception as ex: logger.error("Failed to copy configuration file: %s" % ex) return False try: output = subprocess.run([ 'nmcli', 'connection', 'import', 'type', 'openvpn', 'file', temp_path ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) os.remove( temp_path) # Remove the temporary renamed config we created output.check_returncode() except subprocess.CalledProcessError: error = utils.format_std_string(output.stderr) logger.error("Could not add options to the connection: %s" % error) except Exception as ex: logger.error(ex) return False if not utils.run_as_root(nmcli_import): return False # Populate all connection options into connection_options connection_options = { '+vpn.secrets': ['password='******'+vpn.data': ['username='******'password-flags=0'], '+connection.permissions': ['user:'******'ipv6.method'] = ['ignore'] if dns_list: dns_string = ';'.join(map(str, dns_list)) connection_options['+ipv4.dns'] = [dns_string] connection_options['+ipv4.ignore-auto-dns'] = ['true'] try: for location, values in connection_options.items(): for value in values: output = subprocess.run([ 'nmcli', 'connection', 'modify', connection_name, location, value ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) output.check_returncode() return True except subprocess.CalledProcessError: error = utils.format_std_string(output.stderr) logger.error("Could not add options to the connection: %s" % error) return False except Exception as ex: logger.error(ex) return False