dietpi-nordvpn killswitch?

Having issues with your DietPi installation, or, found a bug? Post it here.
Post Reply
vbarter
Posts: 13
Joined: Mon Feb 17, 2020 10:15 am

dietpi-nordvpn killswitch?

Post by vbarter »

Hey how do I setup the script command if the vpn connection is ended? I see the Down script and when I enter:

sudo service transmission-daemon stop
reboot

Is this enough for a killswitch?
trendy
Posts: 119
Joined: Tue Feb 25, 2020 2:54 pm

Re: dietpi-nordvpn killswitch?

Post by trendy »

Why do you reboot? Isn't the tunnel supposed to keep trying to reconnect?
vbarter
Posts: 13
Joined: Mon Feb 17, 2020 10:15 am

Re: dietpi-nordvpn killswitch?

Post by vbarter »

trendy wrote: Tue Jun 16, 2020 9:45 am Why do you reboot? Isn't the tunnel supposed to keep trying to reconnect?
I’m torrenting so I need a kill switch
trendy
Posts: 119
Joined: Tue Feb 25, 2020 2:54 pm

Re: dietpi-nordvpn killswitch?

Post by trendy »

I understood that, but you are already stopping the transmission. If you reboot it will start again.
hd888
Posts: 21
Joined: Fri Apr 06, 2018 2:56 pm

Re: dietpi-nordvpn killswitch?

Post by hd888 »

You'll probably have to look up how to write that into ip tables. Tons of info on it out there.
User avatar
Ode
Posts: 9
Joined: Thu Jul 02, 2020 3:06 pm

Re: dietpi-nordvpn killswitch?

Post by Ode »

I currently use this as a "kill switch".
ufw to only allow web traffic out Tun0. So if the VPN (Tun0) goes down, internet traffic will stop.
I added a follow up rule to always allow local network traffic so that we can access the pi at any time.
dietpi-nordvpn is ofcourse set to autostart.

example

Code: Select all

sudo ufw status verbose
Status: active
Logging: on (low)
Default: allow (incoming), deny (outgoing), disabled (routed)
New profiles: skip

To                         		Action      		From
--                         		------      		----
Anywhere                   	ALLOW OUT   	Anywhere on tun0
1194/udp                   	ALLOW OUT   	Anywhere
53                         		ALLOW OUT   	Anywhere
192.168.178.0/24           	ALLOW OUT   	Anywhere
224.0.0.0/24               	ALLOW OUT   	Anywhere
239.0.0.0/8                	ALLOW OUT   	Anywhere
Anywhere (v6)              	ALLOW OUT   	Anywhere (v6) on tun0
1194/udp (v6)              	ALLOW OUT   	Anywhere (v6)
53 (v6)                    		ALLOW OUT   	Anywhere (v6)


some permissions allow traffic to build the tunnel (port 1194/udp in my case) and port 53 for name resolution.

seems to work OK, but i'm still learning...
aftensleuk
Posts: 30
Joined: Sun Jul 21, 2019 8:27 pm

Re: dietpi-nordvpn killswitch?

Post by aftensleuk »

First, google how to install and enable UFW.

Then follow;

https://www.reddit.com/r/nordvpn/commen ... dns_leaks/

I am not torrenting anything I need privacy for, or using NordVPN. But I am using UFW to killswitch in case my Mullvad VPN (www.mullvad.net) goes down. It's working flawlessly.
Post Reply