
#1 2020-04-30 07:14:33

LithoUser
Member
Registered: 2016-11-17
Posts: 139

From iptables to ufw: Mullvad kill switch

Hello,

I use Mullvad as my VPN provider, using OpenVPN config files imported into NetworkManager. And it works just fine.

But from time to time (once every month or two), the VPN is disconnected. I don't know why for the moment, but I'll definitely investigate that when I have some more time.

So I'd need a kill switch (= no connection allowed if the VPN is disconnected). Mullvad provides one on the following page: OpenVPN installation on Linux.

sudo iptables -P OUTPUT DROP
sudo iptables -A OUTPUT -o tun+ -j ACCEPT
sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A OUTPUT -o lo -j ACCEPT
sudo iptables -A OUTPUT -d 255.255.255.255 -j ACCEPT
sudo iptables -A INPUT -s 255.255.255.255 -j ACCEPT
sudo iptables -A OUTPUT -o eth+ -p udp -m multiport --dports 53,1300:1302,1194:1197 -d 185.213.152.0/24,185.65.134.0/24,185.65.135.0/24,193.138.219.0/24,193.138.218.0/24,185.213.154.0/24 -j ACCEPT
sudo iptables -A OUTPUT -o eth+ -p tcp -m multiport --dports 53,443 -d 185.213.152.0/24,185.213.154.0/24,193.138.218.0/24,185.65.134.0/24,185.65.135.0/24,193.138.218.0/24 -j ACCEPT
sudo iptables -A OUTPUT -o eth+ ! -d 193.138.218.74 -p tcp --dport 53 -j DROP
sudo ip6tables -P OUTPUT DROP
sudo ip6tables -A OUTPUT -o tun+ -j ACCEPT

But this kill switch uses iptables, and I'm not familiar with it. In particular, this kill switch prevents my shared folders (shared with Samba) from being accessible from my local network, and, despite many attempts, I haven't been able to solve this problem. Furthermore, I don't like to use code that I don't fully understand. So I'd rather use Uncomplicated Firewall (ufw).

I don't have any problem with the last lines; but could anyone help me to "convert" the first 6 lines from iptables rules to ufw rules?

Thanks for any help!
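
The conversion asked about above, as an added example that is not part of the original post or of Mullvad's guide: a small translator that prints a ufw command for each of the first six iptables rules and applies nothing. The function names `to_ufw` and `translate_all` are hypothetical, and `tun0` (variable `TUN_IF`) is an assumed concrete interface name standing in for the iptables wildcard `tun+`.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): print ufw equivalents of the
# first six iptables kill-switch rules. Nothing is applied to the firewall.
TUN_IF="${TUN_IF:-tun0}"  # assumption: concrete tunnel name standing in for "tun+"

# The six rules as posted, without sudo.
RULES='iptables -P OUTPUT DROP
iptables -A OUTPUT -o tun+ -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -d 255.255.255.255 -j ACCEPT
iptables -A INPUT -s 255.255.255.255 -j ACCEPT'

# to_ufw RULE: print the ufw command for one rule; return 1 if unsupported.
to_ufw() {
  local chain="" dir="" pol="" act="" iface="" src="any" dst="any" target="" policy=""
  set -f; set -- $1; set +f          # split the rule into words without globbing
  [ "$1" = iptables ] || return 1; shift
  while [ $# -gt 0 ]; do
    [ $# -ge 2 ] || return 1         # every option handled here takes an argument
    case "$1" in
      -P) [ $# -ge 3 ] || return 1; chain="$2"; policy="$3"; shift 3 ;;
      -A) chain="$2"; shift 2 ;;
      -i|-o) iface="$2"; shift 2 ;;
      -s) src="$2"; shift 2 ;;
      -d) dst="$2"; shift 2 ;;
      -j) target="$2"; shift 2 ;;
      *) return 1 ;;                 # protocol and port matches are out of scope
    esac
  done
  case "$chain" in INPUT) dir=in pol=incoming ;; OUTPUT) dir=out pol=outgoing ;; *) return 1 ;; esac
  case "${policy:-$target}" in ACCEPT) act=allow ;; DROP) act=deny ;; *) return 1 ;; esac
  [ -n "$policy" ] && { echo "ufw default $act $pol"; return 0; }
  case "$iface" in tun+) iface="$TUN_IF" ;; *+) return 1 ;; esac
  echo "ufw $act $dir${iface:+ on $iface} from $src to $dst"
}

# translate_all: translate every rule in RULES, flagging any that are skipped.
translate_all() {
  printf '%s\n' "$RULES" | while IFS= read -r rule; do
    to_ufw "$rule" || echo "# no ufw equivalent emitted for: $rule"
  done
}
translate_all
```

The printed commands cover only those six rules; the Mullvad server and DNS rules on the `eth+` lines are not translated.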
