Hey how do I setup the script command if the vpn connection is ended? I see the Down script and when I enter:
sudo service transmission-daemon stop
reboot
Is this enough for a killswitch?
Why do you reboot? Isn’t the tunnel supposed to keep trying to reconnect?
I’m torrenting so I need a kill switch
I understood that, but you are already stopping the transmission. If you reboot it will start again.
You’ll probably have to look up how to write that into ip tables. Tons of info on it out there.
I currently use this as a “kill switch”.
ufw to only allow web traffic out Tun0. So if the VPN (Tun0) goes down, internet traffic will stop.
I added a follow up rule to always allow local network traffic so that we can access the pi at any time.
dietpi-nordvpn is ofcourse set to autostart.
example
sudo ufw status verbose
Status: active
Logging: on (low)
Default: allow (incoming), deny (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
Anywhere ALLOW OUT Anywhere on tun0
1194/udp ALLOW OUT Anywhere
53 ALLOW OUT Anywhere
192.168.178.0/24 ALLOW OUT Anywhere
224.0.0.0/24 ALLOW OUT Anywhere
239.0.0.0/8 ALLOW OUT Anywhere
Anywhere (v6) ALLOW OUT Anywhere (v6) on tun0
1194/udp (v6) ALLOW OUT Anywhere (v6)
53 (v6) ALLOW OUT Anywhere (v6)
some permissions allow traffic to build the tunnel (port 1194/udp in my case) and port 53 for name resolution.
seems to work OK, but i’m still learning…
First, google how to install and enable UFW.
Then follow;
https://www.reddit.com/r/nordvpn/comments/9752fq/nordvpn_for_linux_kill_switch_and_stop_dns_leaks/
I am not torrenting anything I need privacy for, or using NordVPN. But I am using UFW to killswitch in case my Mullvad VPN (www.mullvad.net) goes down. It’s working flawlessly.