[Bug 1264] New: Killswitch VPN don't work
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Wed Jun 27 08:48:21 CEST 2018
https://bugzilla.netfilter.org/show_bug.cgi?id=1264
Bug ID: 1264
Summary: Killswitch VPN don't work
Product: iptables
Version: 1.6.x
Hardware: x86_64
OS: Ubuntu
Status: NEW
Severity: enhancement
Priority: P5
Component: iptables
Assignee: netfilter-buglog at lists.netfilter.org
Reporter: mtzseb at yahoo.fr
Hello,
I just changed PC, and I would like to do as on the old: cut any internet
stream if the VPN server falls (killswitch).
On my other machines, I had no problem. But on the new, a fresh install, I can
not properly change my rules in Iptables (1.6.1) ...
To start, Iptables-persistent is not installed, /etc/iptables/ is empty, and
ufw is inactive (checked in its conf file)
At startup, everything is OK, internet works perfectly, VPN in function or not.
iptables -P OUTPUT DROP closes any outbound connection as expected
iptables -A OUTPUT -p udp -m multiport -dport 53,1194 -j ACCEPT to allow
outgoing traffic to openvpn and dns servers in udp protocol
iptables -A OUTPUT -o tun + -j ACCEPT to allow outgoing traffic over the VPN
connection
iptables -A OUTPUT -d 192.168.1.1/24 -j ACCEPT and iptables -A INPUT -s
192.168.1.0/24 -j ACCEPT to allow traffic on the local network (minidlna, wifi
printer ...)
service network-manager restarted to restart the connection
Nothing works after that, not even way to go back after an iptables -F then
iptables -X, forced to reboot.
On my other machines (same Kubuntu version, but upgraded from oldest, this is
the only difference I can see), the commands work perfectly. I do not
understand what I could break on my new PC. An idea ?
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20180627/0e5e83b1/attachment.html>
More information about the netfilter-buglog
mailing list