This post is a follow-up from the one posted at TheTinHat.com
What we want to ensure is that:
- We connect to our VPN and all traffic goes through it (including DNS).
- If our VPN connection drops there is no leak and it reconnects automatically.
- We can return to not using VPN safely.
We will use two scripts, vpn-firewall.sh and vpn-off.sh. Pleace them under your /home/user/bin folder or anywhere else. Make then executable with
chmod +x vpn-*
- Make sure you have the
- Before opening any app, execute vpn-firewall.sh to connect to the vpn and set up the firewall. This script will monitor your connection and re-connect to VPN if it drops avoiding any leaks. You can stop monitoring using Ctrl + Z.
- If you want to stop using VPN, stop monitoring by Ctrl +Z and execute vpn-off.sh IMPORTANT: Make sure your close all apps first or list them under KILL_APPS on the vpn-off.sh script.
If you want to run vpn-firewall.sh each time you open session, you can create a file vpn-firewall.desktop under
~/.config/autostart/ folder with the following content:
Name=VPN Firewall autostart
Note that this might not work for you since this script needs root access to modify Firewall rules.
7 comments for “VPN Kill switch for Linux – Protect from VPN drops and DNS leaks”