How to Secure IP Binding for Linux

For more info and other scripts regarding IP binding on linux, please see:

This script allows Secure IP Binding for Linux:

#!/bin/bash cd `dirname $0` if $1 == '-l' then   curl -s "http://vpn.hidemyass.com/vpnconfig/countries.php" else   sudo iptables -F   COUNTRY=`echo $1 | sed 's/ /+/g'`   curl -s "http://vpn.hidemyass.com/vpnconfig/client_config.php?win=1&loc=$COUNTRY" > client.cfg # Allow traffic to any HMA server.   for remote in `cat client.cfg | awk '/remote [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/ { print $2; }'`;   do     REMOTE_IP=`echo $remote | cut -d ':' -f 1`     sudo iptables -A INPUT -s $REMOTE_IP -j ACCEPT   done   # Allow local traffic.   sudo iptables -A INPUT -s 10.0.0.0/8 -j ACCEPT   sudo iptables -A INPUT -s 172.16.0.0/12 -j ACCEPT   sudo iptables -A INPUT -s 192.168.0.0/16 -j ACCEPT   # Disallow everything else.   sudo iptables -A INPUT ! -i tun+ -j DROP # Allow traffic from any HMA server.   for remote in `cat client.cfg | awk '/remote [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/ { print $2; }'`;   do     REMOTE_IP=`echo $remote | cut -d ':' -f 1`     sudo iptables -A OUTPUT -d $REMOTE_IP -j ACCEPT   done   # Allow local traffic.   sudo iptables -A OUTPUT -d 10.0.0.0/8 -j ACCEPT   sudo iptables -A OUTPUT -d 172.16.0.0/12 -j ACCEPT   sudo iptables -A OUTPUT -d 192.168.0.0/16 -j ACCEPT   # Disallow everything else.   sudo iptables -A OUTPUT ! -o tun+ -j DROP   sudo openvpn --config client.cfg --auth-user-pass client.cred --daemon fi

Note that this Script requires a username/password auth-user-pass file called "client.cred" in the working directory of the script.

It should be formatted thusly:

YourUserName
YourPassword

Type "man openvpn" for more information.