Bash script to enable automatically killswitch on NordVPN

Endrit Qerreti

Endrit Qerreti

In this tutorial, we'll write a bash script that will check if nordvpn killswitch is off, and if off it will turn on killswitch again.

Killswitch is a security feature on nordvpn, which protects your ip from getting leaked if the connection is lost on the vpn server that you are connected.  Instead of turning on killswitch manually in cases where it gets turned off or some other issue happens, we are going to write a bash script to do this for us, the script basically will check every second if killswitch is on, and if off it will notify you and set killswitch status to on.

Step 1 - Create killswitch.sh file

killswitch.sh is the name of the bash script, create this file using any text editor. You can also create it using terminal, for example

sudo nano killswitch.sh

This is the file where we are going to write the bash script.

Step 2 - Writing bash script

In this bash script we are checking if nordvpn killswitch is set to on, if not the script will turn it on again.

Basically, the script will run the command nordvpn settings and then will look for the output of the killswitch, since we need only the status of killswitch we are using grep to remove all other characters and scrape only the output.

For example, if you run the command below, you'll get the output of the killswitch status

nordvpn settings | grep -oP '(?<=Kill Switch: ).*'

output

and based on this output as shown on the image above, we are going to proceed to the next step to check if the status returned was enabled or disabled

and if disabled we'll turn on killswitch by running the command

nordvpn set killswitch on

#!/bin/bash


                                     
#Check killswitch state : ON/OFF
killswitch="$(nordvpn settings | grep -oP '(?<=Kill Switch: ).*')"

#Turn on Killswitch if OFF

killswitch_on="nordvpn set killswitch on"



#Check if Killswitch is Enabled
if [[ $killswitch == *disabled* ]]; then

  $killswitch_on >> /dev/null 2>&1 

  echo "Killswitch was turned ON" 

  
  else

  echo "Killswitch is ON" 

  

fi
done
killswitch.sh - with no loop/logs

The script will run only one time, however, we can make it run every 5 seconds or less using the loop function, since the whole point of this script is to set killswitch to ON when it turns OFF, then the ideal setup would be to check every second. However, this also depends on your usage, and you can use loop or run the script via a cronjob.

#!/bin/bash

                                     

while true 
do 
sleep 1
#Check killswitch state : ON/OFF
killswitch="$(nordvpn settings | grep -oP '(?<=Kill Switch: ).*')"

#Turn on Killswitch if OFF
killswitch_on="nordvpn set killswitch on"



#Check if Killswitch is Enabled
if [[ $killswitch == *disabled* ]]; then

  $killswitch_on >> /dev/null 2>&1 

  echo "Killswitch was turned ON" 

  
  else

  echo "Killswitch is ON" 

  

fi
done
killswitch.sh - with loop function without logs

If you think checking every second is a bit excessive,  replace sleep 1 and set your preferred time.

So far we have a working script, but it doesn't have logs, and it doesn't say anywhere when the exact time the killswitch was enabled or disabled. To achieve this, we are going to add the log function, so we can log both actions and save the output to an external file that you can inspect at anytime.

#!/bin/bash

                                     

while true 
do 
sleep 1

#Check killswitch state : ON/OFF
killswitch="$(nordvpn settings | grep -oP '(?<=Kill Switch: ).*')"

#Turn on Killswitch if OFF
killswitch_on="nordvpn set killswitch on"

when="$(date)"




#Check if Killswitch is Enabled
if [[ $killswitch == *disabled* ]]; then
  $killswitch_on >> /dev/null 2>&1 
  echo "Killswitch was turned ON" $when >> logs.txt
  else
  echo "Killswitch is ON" $when >> logs.txt

fi

done
killswitch.sh - with loop function and logs

Now when you run the script, the output will be saved on logs.txt file, which looks like this

Killswitch was turned ON - means killswitch was disabled manually and enabled automatically by the script. This line shows when killswitch was disabled and enabled.

However, it can get confusing when the log file gets too big, it would be better to also log when killswitch was detected as disabled, so you know exactly when it was OFF and when it got enabled.

Now the script and the log file looks more completed.  

#!/bin/bash

                                     

while true 
do 
sleep 1

#Check killswitch state : ON/OFF
killswitch="$(nordvpn settings | grep -oP '(?<=Kill Switch: ).*')"

#Turn on Killswitch if OFF
killswitch_on="nordvpn set killswitch on"

when="$(date)"




#Check if Killswitch is Enabled
if [[ $killswitch == *disabled* ]]; then

  echo "Killswitch is OFF" $when >> logs.txt

  $killswitch_on >> /dev/null 2>&1 

  echo "Killswitch was turned ON" $when >> logs.txt

  
  else

  echo "Killswitch is ON" $when >> logs.txt


fi

done
killswitch.sh - with loop function + more detailed logs

Step 3 - Make killswitch.sh executable

To make killswitch.sh an executable file, run

chmod +x killswitch.sh

If you don't set the right permission you won't be able to run this script.

Step 4 - Run killswitch.sh

Next, after setting the right permissions, execute this script by running the command below

./killswitch.sh

If you run the script when killswitch is already on, you will see a similar output, since script checks every second, then once you disable killswitch manually, the script will enable it automatically and will display the message " Killswitch was turned ON".

logs without date or time

logs with date and time

Conclusion

In this tutorial, we made a bash script to check the state of killswitch of nordvpn, and if killswitch gets disabled , the script will enable it automatically and also save all the output of the commands into a log file.