VPN Killswitch

Author Topic: VPN Killswitch  (Read 5077 times)

OmegaSW
VPN Killswitch
« on: June 10, 2014, 02:55:08 AM »
When using Private Internet Access, without stopping traffic upon losing connection to the VPN, you're basically still at risk of leaking your IP address and DNS to the world when browsing the web.

So at this point, the protection is only a placebo.

To combat this, the Windows version and the Linux beta client for Ubuntu have a VPN kill switch option that blocks all Internet traffic on your computer when the VPN is down.
https://www.privateinternetaccess.com/forum/index.php?p=/discussion/1940/pia-vpn-app-linux-beta/p1

However, since you're a Manjaro advocate, how do you set up your system to protect yourself?

Option 1 Figure out the dependencies on your distro needed to run the Ubuntu client:

For Gentoo, I think this command will satisfy the dependencies needed, but I have yet to try it since it pulls a lot of Gnome 3 stuff, and I want to avoid this:
Code:
emerge libjpeg-turbo libgail-gnome xssstate libappindicator
wget https://www.privateinternetaccess.com/installer/installer_linux.tar.gz
tar -xvzf installer_linux.tar.gz
chmod +x installer_linux.sh
./installer_linux.sh


The script will attempt to apt-get the dependencies, so ignore these apt-get related errors since these would be satisfied with the first command.


The binaries install to your home directory, so to uninstall, just delete it and remove it from your menu.

Option 2 ufw method:
https://www.privateinternetaccess.com/forum/index.php?p=/discussion/3188/kill-switch-for-ubuntu#Item_1

Option 3 iptables method:
http://unix.stackexchange.com/questions/88034/set-up-firwall-with-iptables-to-only-allow-vpn

I'm sure there is better documentation out there, but I think the ufw method is possibly the best choice for me.

What are your thoughts?

edit: I tried the ufw method, but I couldn't get it to work. I give up for now. In a nutshell, I want to make rules to only allow connections through the tun0 interface.
« Last Edit: June 10, 2014, 04:42:20 AM by OmegaSW »
Setup: Netrunner Rolling
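
Added example (not part of the original post, and not PIA's own client code): a sketch of the "only allow connections through tun0" goal from the post above, written as a generator for an iptables-restore ruleset that fails closed. The endpoint 203.0.113.10, UDP port 1194, interface eth0 and the function names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed values: VPN endpoint 203.0.113.10
# (documentation range), OpenVPN on UDP 1194, physical interface eth0.

# Print an IPv4 ruleset in iptables-restore format that fails closed:
# every chain defaults to DROP, so traffic stops when tun0 disappears.
killswitch_rules() {
    vpn_ip=$1 vpn_port=$2 vpn_proto=$3 phys_if=$4 tun_if=${5:-tun0}

    # Require an IPv4 literal: a hostname could not be resolved once DNS
    # outside the tunnel is blocked.
    case $vpn_ip in ''|*[!0-9.]*) echo "endpoint must be an IPv4 address" >&2; return 1 ;; esac
    case $vpn_proto in udp|tcp) ;; *) echo "proto must be udp or tcp" >&2; return 1 ;; esac
    case $vpn_port in ''|*[!0-9]*) echo "port must be numeric" >&2; return 1 ;; esac
    [ "$vpn_port" -ge 1 ] && [ "$vpn_port" -le 65535 ] || { echo "port out of range" >&2; return 1; }

    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# DHCP lease renewal on the physical interface
-A OUTPUT -o $phys_if -p udp --sport 68 --dport 67 -j ACCEPT
-A INPUT -i $phys_if -p udp --sport 67 --dport 68 -j ACCEPT
# Encrypted VPN transport to the single endpoint
-A OUTPUT -o $phys_if -d $vpn_ip -p $vpn_proto --dport $vpn_port -j ACCEPT
-A INPUT -i $phys_if -s $vpn_ip -p $vpn_proto --sport $vpn_port -m conntrack --ctstate ESTABLISHED -j ACCEPT
# Everything else may leave only through the tunnel
-A OUTPUT -o $tun_if -j ACCEPT
-A INPUT -i $tun_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# iptables does not filter IPv6, so emit a drop-all (except loopback)
# ruleset for ip6tables-restore to keep IPv6 from bypassing the tunnel.
killswitch_rules6() {
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT DROP [0:0]' '-A INPUT -i lo -j ACCEPT' \
        '-A OUTPUT -o lo -j ACCEPT' 'COMMIT'
}

# Print both rulesets for the constructed sample values; nothing is applied.
killswitch_rules 203.0.113.10 1194 udp eth0
killswitch_rules6
```

To apply, pipe the first ruleset into `iptables-restore` and the second into `ip6tables-restore` as root; restoring replaces the existing filter table, so merge in any rules already in use first.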

Spatry
Re: VPN Killswitch
« Reply #1 on: June 10, 2014, 12:12:14 PM »
Seems this happened last night. My VPN went down and it showed I was connected but I could not access the internet at all. I switched to another location and my internet was working again. I do not have the client.
Windows assumes the user is an idiot... Linux DEMANDS Proof!