From 797a1404213173791a5f4126a77ad383ceb00064 Mon Sep 17 00:00:00 2001 From: Christian Cleberg Date: Mon, 4 Mar 2024 22:34:28 -0600 Subject: initial migration to test org-mode --- blog/random-wireguard/index.org | 112 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 112 insertions(+) create mode 100644 blog/random-wireguard/index.org (limited to 'blog/random-wireguard/index.org') diff --git a/blog/random-wireguard/index.org b/blog/random-wireguard/index.org new file mode 100644 index 0000000..162ffc4 --- /dev/null +++ b/blog/random-wireguard/index.org @@ -0,0 +1,112 @@ +#+title: Connecting to a Random Mullvad Wireguard Host on Boot +#+date: 2023-01-23 +#+description: Learn how to connect to a random Mullvad Wireguard host on boot. +#+filetags: :linux: + +* Mullvad Wireguard +If you're using an OS that does not support one of Mullvad's apps, +you're likely using the Wireguard configuration files instead. + +If not, the first step is to visit Mullvad's +[[https://mullvad.net/en/account/#/wireguard-config][Wireguard +configuration files]] page and download a ZIP of the configuration files +you want to use. + +Personally, I downloaded all configuration files across the world and +chose my connections using the script below. + +Once the files are downloaded, unzip them and move them to your +preferred location: + +#+begin_src sh +cd Downloads +unzip mullvad_wireguard_linux_all_all.zip +mkdir ~/mullvad && mv ~/Downloads/*.conf ~/mullvad/ +#+end_src + +*** Creating a Script to Connect to a Random Host +Once you have a folder of Wireguard configuration files from Mullvad, +you can create a script to randomly connect to any one of the locations. + +Start by creating a shell script - mine is called =vpn.sh=. + +#+begin_src sh +nano ~/vpn.sh +#+end_src + +Within this script, you can paste the following info. Note that I +specify =us-*= in my script, which means that it will only consider +US-based VPN locations. You can alter this or simply change it =*= to +consider all locations. + +#+begin_src sh +#!/bin/sh + +ls /home/$USER/mullvad/us-** |sort -R |tail -n 1 |while read file; do + # Replace `doas` with `sudo` if your machine uses `sudo`, + # or remove `doas` if users don't need to su to run wg-quick + doas wg-quick up $file; + printf "\nCreated Mullvad wireguard connection with file: $file"; + printf "\n\nPrinting new IP info:\n" + curl https://am.i.mullvad.net/connected +done +#+end_src + +Once you've modified the script to your liking, add executable +permissions and run the script: + +#+begin_src sh +chmod +x ~/vpn.sh +~/vpn.sh +#+end_src + +The output should look like the following: + +#+begin_src txt +doas (user@host) password: + +# ... The script will process all of the iptables and wg commands here + +Created Mullvad wireguard connection with file: /home/user/mullvad/us-nyc-wg-210.conf + +Printing new IP info: +You are connected to Mullvad (server country-city-wg-num). Your IP address is 12.345.678.99 +#+end_src + +That's all there is to it. You can see your new location and IP via the +=printf= and =curl= commands included in the script. + +You can also go to the [[https://mullvad.net/en/check/][Connection Check +​| Mullvad]] page to see if you are fully connected to Mullvad and if any +leaks exist. + +#+caption: Mullvad Connection Check +[[https://img.cleberg.net/blog/20230123-random-mullvad-wireguard/mullvad_check.png]] + +* Disconnecting from the Wireguard Connection +If you forget which connection you're using, you can execute the +following command to see where Wireguard is currently connected: + +#+begin_src sh +wg show +#+end_src + +This command will show you the Wireguard interfaces and should output a +connection like so: =interface: us-lax-wg-104=. + +Once you have this, just disconnect using that files' full path: + +#+begin_src sh +wg-quick down /home/user/mullvad/us-lax-wg-104.conf +#+end_src + +I have a TODO item on figuring out how to easily export an environment +variable that contains the configuration file's full name, so that I can +just execute the following: + +#+begin_src sh +# Ideal situation if I can export the $file variable to the environment +wg-quick down $file +#+end_src + +If you have an idea on how to do this, email me! -- cgit v1.2.3-70-g09d2