VPNKillSwitch on GitHub

I was just curious if anybody’s ever tried this.

The code looks good.

Very honestly, I would not connect any device in a way that it can be accessed from the outside.
If VPN, make it a real VPN connected to your firewall (the way I did it). And use tools provided by the Linux distribution manufacturer.

1 Like

Thanks for the reply,

I set mine up through a firewall; the firewall only allows it to go out to my VPN server, nothing else.

1 Like

Iptables?

Actually, I use shorewall (Shoreline firewall) with a self-built firewall :} (based on this: https://www.amazon.fr/gp/product/B01GBHC7VA/ref=oh_aui_detailpage_o09_s00?ie=UTF8&psc=1).
With that, OpenVPN as VPN software if I need to VPN in. But that is not to access the media devices, rather my NAS, which also feeds my media devices.

I used ufw, which is an easier version of iptables.

jimblazin, do you have a configuration reference on how best to accomplish this in ufw?

FYI - shorewall uses iptables and more, and all you need to be able to do is configure some text files and read the docs. The rest, shorewall will do for you.

The Shorewall makers are a bunch of geeks who use it in both private and professional environments, and they really know what they are doing.
Check it out yourself: http://shorewall.net/index.html

You will have to install ufw. Log in as root (if you don’t want to use root, just type sudo before everything):
apt-get install ufw
Next you will have to enable ufw:
ufw enable
We are going to allow your local network:
ufw allow out to YOUR LOCAL IP ADDRESS/24
ufw allow in to YOUR LOCAL IP ADDRESS/24
For example, this is what mine looks like:
ufw allow out to 10.10.1.0/24
ufw allow in to 10.10.1.0/24
Next we will connect to your VPN server (get your server's IP):
ufw allow out to VPN IP ADDRESS port 443 proto udp
We need to allow you to send out on tun0:
ufw allow out on tun0
Now we will block outgoing connections and incoming connections:
ufw default deny outgoing
ufw default deny incoming
Now test with the VPN off whether you can ping Google; you should get back "operation not permitted". If you get that back, reconnect your VPN and try pinging Google again, and you should get back information. If those last two steps worked, then you’re set. This is how I did mine, and I have tested it many times and it has worked perfectly for months.

1 Like
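A check for the rule set in the post above, added here as an example that is not part of the thread: it reads `ufw status verbose` text and reports whether the kill-switch posture (deny by default, allow out only to the VPN server and on tun0) is actually in place. The function name, the 203.0.113.10 stand-in for the VPN server address and both sample outputs are constructed assumptions; the samples follow the column layout `ufw status verbose` prints.

```shell
#!/bin/sh
# Added example (not from the thread): audit `ufw status verbose` text.
# Usage: ufw status verbose | check_killswitch tun0 <vpn-server-ip>
check_killswitch() {
    awk -v tun="$1" -v vpn="$2" '
        /^Status:/  { active = ($2 == "active") }
        /^Default:/ { din = ($0 ~ /deny \(incoming\)/); dout = ($0 ~ /deny \(outgoing\)/) }
        / ALLOW OUT / {
            sub(/ +$/, "")
            split($0, col, " +ALLOW OUT +")      # col[1] = To, col[2] = From
            to = col[1]; from = col[2]; suffix = " on " tun
            on_tun = (substr(from, length(from) - length(suffix) + 1) == suffix)
            if (on_tun && to ~ /^Anywhere/)                tun_ok = 1
            else if (to == vpn || index(to, vpn " ") == 1) vpn_ok = 1
            else if (!on_tun && to !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/) {
                # Destination is not pinned to an address or to the tunnel, so
                # this traffic can leave on the physical NIC when the VPN is down.
                print "LEAK: " $0; bad++
            }
        }
        END {
            if (!active) { print "FAIL: ufw is not active"; bad++ }
            if (!din)    { print "FAIL: default incoming policy is not deny"; bad++ }
            if (!dout)   { print "FAIL: default outgoing policy is not deny"; bad++ }
            if (!tun_ok) { print "FAIL: no allow-out rule on " tun; bad++ }
            if (!vpn_ok) { print "FAIL: no allow-out rule to VPN server " vpn; bad++ }
            exit (bad > 0)
        }'
}
# Constructed sample: the thread's rules, 203.0.113.10 standing in for the VPN server.
sample_good() { cat <<'EOF'
Status: active
Default: deny (incoming), deny (outgoing), disabled (routed)
To                         Action      From
10.10.1.0/24               ALLOW OUT   Anywhere
10.10.1.0/24               ALLOW IN    Anywhere
203.0.113.10 443/udp       ALLOW OUT   Anywhere
Anywhere                   ALLOW OUT   Anywhere on tun0
EOF
}
# Constructed sample: outgoing default left at allow, plus a DNS rule not bound to tun0.
sample_leaky() { cat <<'EOF'
Status: active
Default: deny (incoming), allow (outgoing), disabled (routed)
To                         Action      From
203.0.113.10 443/udp       ALLOW OUT   Anywhere
53                         ALLOW OUT   Anywhere
Anywhere                   ALLOW OUT   Anywhere on tun0
EOF
}
```

The check only inspects the firewall rules; the ping test with the VPN disconnected, as described in the post, is still what confirms the behaviour on the wire.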

I will take a look at this, thank you for the information.