wifi-updown v1.0 [05 Feb 2025] by Dominic
Description
wifi-updown.sh brings up or takes down a wifi network interface depending on whether there is a live wired network interface. For use under GNU/Linux. Intended to be run at boot time (e.g. from /etc/rc.local) as a way to reduce the attack surface for a machine which has both wired and wifi interfaces connecting to the same network.
wifi-updown.sh can be run by a non-root user to show the situation, but not to make changes.
Notes
1. Taking down the wifi interface with wifi-updown.sh may leave the machine with no default route, so that DNS lookups fail - to check/fix this, run https://www.timedicer.co.uk/programs/help/routefix.sh.php after wifi-updown.sh.
2. To maintain consistent initial wifi state at boot time (i.e. on), and prevent it from being flipped by systemd, you may also need to specify kernel command line parameter 'systemd.restore_state=0' (e.g. by setting/modifying GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub)
Options
-h show this help and exit
-l show changelog and exit
-q be a little quieter (i.e. no header)
Exit Codes
A non-zero exit code indicates a problem. Wifi is enabled using 'rfkill' then 'ip link', and disabled using the same in reverse order. Where a change is attempted, the exit code for wifi-updown.sh is 10 x the exit code from 'rfkill' plus the exit code from 'ip link'.
Dependencies
logger[util-linux] rfkill[util-linux]
License
Copyright © 2025 Dominic Raferd. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at https://www.apache.org/licenses/LICENSE-2.0. Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Changelog
1.0 [05 Feb 2025] - add a message at the end of the datetime that it finished, add datetime for each loop
0.9 [18 Jan 2025] - add a loop so that a transient change can be auto-corrected, fix for change in 'ip link show' text output
0.8 [26 Oct 2023] - minor changes to exit codes and to help text, full shellcheck conformity
0.7 [09 Oct 2023] - add display of start date/time
0.6 [28 Apr 2022] - small change to help text
0.5 [07 Jun 2020] - recognise any device with name beginning with 'w' as wifi
0.4 [30 Jan 2020] - add use of rfkill (as well as ip link set up/down)
0.3 [19 Dec 2019] - remove dependency on ifup/ifdown
0.2 [09 Nov 2018] - first public release
0.1 [05 Nov 2018] - first version with help/changelog
Download wifi-updown.sh
Donation
I have provided this software free gratis and for nothing. If you would like to thank me with a contribution, please let me know and I will send you a link. Thank you!
My Other Sites
- TimeDicer - Onsite/offsite data backup for Windows (uses rdiff-backup)
- Finding a 4D Backup Solution
- Web Scraping How To - extracting data from web sites
My Programs
Here is a selection of some (other) programs I have written, most of which run under GNU/Linux from the command line (CLI), are freely available and can be obtained by clicking on the links. Dependencies are shown and while in most cases written and tested on an x86-based Linux server, they should run on a Raspberry Pi, and many can run under Windows using Windows Subsystem for Linux (WSL) or Cygwin. Email me if you have problems or questions, or if you think I could help with a programming requirement.
Backup Utilities
- TimeDicer - Onsite/offsite data backup for Windows (uses rdiff-backup) [ GNU/Linux & MS Windows©: 2008-20 ]
- rdiff-backup-regress - GNU/Linux script to regress an rdiff-backup archive. [ GNU/Linux: 2012-25 ]
Debian/Ubuntu kernel and LVM Utilities
- kernel-remove - GNU/Linux script to list the installed GNU/Linux kernels in a Debian-based distro (e.g. Ubuntu), and can be used to remove an unwanted kernel and related packages, updating grub appropriately. [ GNU/Linux-Debian/Ubuntu: 2010-24 ]
- lvm-usage - GNU/Linux script to show available disk space and how it is used; run as cron job to warn if usage is above a set percentage. Provides additional information if LVM is in use. [ GNU/Linux: 2012-25 ]
- lvm-delete-snapshot - GNU/Linux script to remove LVM snapshot that has been left over by another process. [ GNU/Linux: 2012-21 ]
- netnames - GNU/Linux script shows current name, biosdevname and 'predictable name' of network device - helps with network device name scheme migration. [ GNU/Linux-Debian/Ubuntu: 2020-20 ]
- lv-convert2cache - GNU/Linux script to convert an existing LV into a cache LV using a smaller faster device as a cache. [ GNU/Linux: 2022-25 ]
Miscellaneous Programs
- sleepwalker - Windows© program which can be run from a remote machine to 'wake up' a Windows© machine behind a router, wait for it to start and then initiate Remote Desktop session. [MS Windows©: 2008-22]
- numliststat - GNU/Linux program giving statistical value(s) for a piped-in list of numbers. [ GNU/Linux: 2022-24 ]
- relay-enforcer - GNU/Linux program enabling a postfix-based mail server relaying to Gmail to act on reports from Gmail about blocked emails. [ GNU/Linux: 2016-25 ]
- pdf-compress - GNU/Linux program to create smaller b/w pdf file from an original large pdf file, especially when original resulted from scanning. [ GNU/Linux: 2016-26 ]
- tiny-device-monitor - GNU/Linux program to test webpages (including password-protected) or machines to check they are live; use as a cron job for your own websites, for hardware presenting a webpage, or for any machines with a presence on your local LAN or on the internet. [ GNU/Linux: 2009-24 ]
- form-extractor - GNU/Linux program to extract form tags from a web page or downloaded file. [ GNU/Linux: 2012-24 ]
- mythic-dns-sync - GNU/Linux program to update DNS record at mythic-beasts.com to match local external ip. [ GNU/Linux: 2016-23 ]
- saynoto0870 - For UK, a GNU/Linux script which performs automated lookup of the www.saynoto0870.com database, finding cheap or free geographic number replacements for expensive non-geographic (087* or 084*) numbers. [ GNU/Linux: 2012-12 ]
- bind9-resolved-switch - GNU/Linux program for switching permanently between using bind9 or systemd-resolved as the system DNS resolver. [ GNU/Linux: 2016-24 ]
- unlock - GNU/Linux remote program for easy entering of decrypt passphrase on a remote machine which has root dm-crypt+LUKS. [ GNU/Linux: 2017-18 ]
- routefix - GNU/Linux program to restore a default ip traffic route if there is none such (e.g. after running wifi-updown). [ GNU/Linux: 2018-23 ]
- dutree - GNU/Linux program to show a tree-style list of files and directories at the specified location which are greater than the specified size (default 1GB). [ GNU/Linux: 2012-24 ]
- Accounts - Multi-business multi-currency accounting software, uses Access [MS Windows©: 1996-2025]
- Rents Program - Residential lettings/landlord front office program, with many special features for UK market [MS Windows©: 1991-2025]
This section is closed. If you have a question, please submit it by email, thank you.