El Rincón del Tío Nuke

Mozilla, free software, privacy and more

VPN Kill switch for Linux – Protect from VPN drops and DNS leaks

This post is a follow-up to the one posted at TheTinHat.com.

What we want to ensure is that:

  • We connect to our VPN and all traffic goes through it (including DNS).
  • If our VPN connection drops there is no leak and it reconnects automatically.
  • We can return to not using VPN safely.

We will use two scripts, vpn-firewall.sh and vpn-off.sh. Place them in your /home/user/bin folder or anywhere else. Make them executable with chmod +x vpn-*

vpn-firewall.sh

vpn-off.sh

Usage:

  • Make sure you have the ufw package installed.
  • Before opening any app, execute vpn-firewall.sh to connect to the VPN and set up the firewall. This script will monitor your connection and reconnect to the VPN if it drops, avoiding any leaks. You can stop monitoring using Ctrl + Z.
  • If you want to stop using the VPN, stop monitoring with Ctrl + Z and execute vpn-off.sh. IMPORTANT: Make sure you close all apps first or list them under KILL_APPS in the vpn-off.sh script.
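The two scripts are not reproduced on this page. As an added illustration (not the author's vpn-firewall.sh), this is the kind of ufw rule set a kill switch relies on to meet the goals listed above; the function names, the tun0 interface, the server address 203.0.113.10 and port 1194/udp are assumptions, and only IPv4 server addresses are handled.

```shell
#!/bin/sh
# Added example, not the author's vpn-firewall.sh. Interface, address and port
# are constructed placeholders (203.0.113.0/24 is a documentation range).

# Succeeds only for a dotted-quad IPv4 literal with octets 0-255.
is_ipv4() {
    case $1 in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

# Print the ufw commands for a kill switch, one per line (dry run).
# Usage: killswitch_rules IFACE SERVER_IP PORT PROTO
killswitch_rules() {
    iface=$1 server=$2 port=$3 proto=$4
    case $iface in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $iface" >&2; return 1 ;;
    esac
    # A hostname cannot be resolved once outgoing DNS is denied, so the
    # VPN server has to be given as an IP address.
    is_ipv4 "$server" || { echo "server must be an IPv4 address" >&2; return 1; }
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }
    case $proto in
        udp|tcp) ;;
        *) echo "proto must be udp or tcp" >&2; return 1 ;;
    esac
    # Deny by default, then allow only the tunnel and the connection that carries it.
    # DNS sent outside the tunnel interface matches no allow rule and is dropped.
    printf '%s\n' \
        "ufw default deny incoming" \
        "ufw default deny outgoing" \
        "ufw allow out on $iface" \
        "ufw allow out to $server port $port proto $proto" \
        "ufw --force enable"
}

# Run the generated commands as root; stops at the first failure.
apply_killswitch() {
    rules=$(killswitch_rules "$@") || return 1
    printf '%s\n' "$rules" | while IFS= read -r cmd; do
        sudo $cmd || exit 1   # unquoted on purpose: fields were validated above
    done
}

killswitch_rules tun0 203.0.113.10 1194 udp   # dry run: prints the five commands
```

Because the rules stay in place when the tunnel interface disappears, a dropped VPN leaves nothing but the path to the VPN server open until the client reconnects.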

If you want to run vpn-firewall.sh each time you log in, you can create a file vpn-firewall.desktop in the ~/.config/autostart/ folder with the following content (the Exec key does not expand ~, so use the full path to the script):

[Desktop Entry]
Name=VPN Firewall autostart
Type=Application
NoDisplay=true
Exec=/home/user/bin/vpn-firewall.sh

Note that this might not work for you, since the script needs root access to modify firewall rules.
