Due to lazyiness I have not yet set up a NordVPN VPN connection on IPFire, but for the next best thing, I went for the IPFire proxy server to forward everything to NordVPN proxies.
And I wanted to share here how I did this, if someone else would ever want to do this… And of course I’m open for improvements:
Make sure you have IPfire proxy configured and enabled
Create a file
/var/ipfire/proxy/advanced/acls/include.aclto configure squid to forward everything to NordVPN, except for internal networks:
cache_peer be145.nordvpn.com parent 80 3130 default no-query login=<nordvpn_account>:<nordvpn_password> always_direct allow IPFire_ips IPFire_networks never_direct allow all
<nordvpn_account>:<nordvpn_password>needs to be changed by your own NordVPN credentials. You can leave the server as is for the moment.
Create an hourly cronjob to check for the ‘best’ server to use according to NordVPN and update IPFire proxy with it: Create the file
#!/bin/bash # Retrieve best server according to nordvpn best_server=$(curl -s https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations | python -c 'import json,sys;obj=json.load(sys.stdin);print obj["hostname"]') # If result contains a nordvpn server (rudimentary check), put it in squid config echo $best_server | grep "nordvpn.com" && sed -i "s/[a-z0-9]\+\.nordvpn\.com/$best_server/g" /var/ipfire/proxy/advanced/acls/include.acl # and reconfigure squid squid -k reconfigure
and make the file executable with
chmod ug+x /etc/fcron.daily/squid-nordvpn-updater
Now run the script for a first time manually to activate forwarding to NordVPN. The nordvpn server in the
acl-file will be updated to a server best for you at that moment and squid will be reloaded.
I hope this helps someone. And please comment on/suggest improvements as you see fit.