Created December 11, 2023 01:46
ovpn_kill_switch.sh
```sh
## Run as root (or prefix each ufw/systemctl command with sudo)

## Allow traffic all around the local subnet
ufw allow in to 192.168.1.0/24
ufw allow out to 192.168.1.0/24

## Default deny traffic rules
ufw default deny outgoing
ufw default deny incoming

## Allow connections to the OpenVPN Server on the specific port/protocol
ufw allow out to 12.34.56.78 port 1194 proto udp

## Allow connections via the tunnel - confirm tunnel interface with `ip addr | grep inet`
ufw allow out on tun0 from any to any
ufw allow in on tun0 from any to any

## Enable the VPN Kill Switch
ufw enable

## Check the firewall rules
ufw status

## Test by starting/stopping the VPN tunnel
systemctl stop [email protected]
## With the tunnel down this ping should fail: outgoing traffic is blocked
ping -c 4 1.1.1.1
systemctl start [email protected]
## With the tunnel back up this ping should succeed via tun0
ping -c 4 1.1.1.1
```
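The ping test above only shows that one destination is blocked at one moment. The following added example (not part of the original gist) audits the rule set itself, flagging any egress rule other than the three the script allows. The function names are hypothetical, and the sample text is constructed on the assumption that `ufw status verbose` prints its usual `Default:` line and `To / Action / From` table.

```shell
#!/bin/sh
# Audit `ufw status verbose` text (read from stdin) against the kill-switch policy.
# On a live host: ufw status verbose | audit_killswitch
LAN="192.168.1.0/24"   # local subnet used in the script above
VPN="12.34.56.78"      # OpenVPN server address used in the script above
TUN="tun0"             # tunnel interface used in the script above

audit_killswitch() {
    awk -v lan="$LAN" -v vpn="$VPN" -v tun="$TUN" '
    /^Status:/  { active = ($2 == "active") }
    /^Default:/ { deny_in  = ($0 ~ /deny \(incoming\)/)
                  deny_out = ($0 ~ /deny \(outgoing\)/) }
    / ALLOW OUT / {
        # Permitted egress: the LAN, the VPN server, or anything bound to the tunnel.
        ok = (index($0, lan) == 1) || (index($0, vpn " ") == 1) ||
             ($0 ~ (" on " tun "( |$)"))
        if (!ok) { print "unexpected egress rule: " $0; bad++ }
    }
    END {
        if (!active)   { print "ufw is not active"; bad++ }
        if (!deny_in)  { print "default incoming policy is not deny"; bad++ }
        if (!deny_out) { print "default outgoing policy is not deny"; bad++ }
        exit (bad > 0)
    }'
}

# Constructed sample: the status expected after running the script above.
sample_good() { cat <<'EOF'
Status: active
Default: deny (incoming), deny (outgoing), disabled (routed)

To                         Action      From
--                         ------      ----
192.168.1.0/24             ALLOW IN    Anywhere
192.168.1.0/24             ALLOW OUT   Anywhere
12.34.56.78 1194/udp       ALLOW OUT   Anywhere
Anywhere                   ALLOW OUT   Anywhere on tun0
Anywhere on tun0           ALLOW IN    Anywhere
EOF
}

# Constructed sample: the same rules plus a DNS exception that bypasses the tunnel.
sample_leaky() { sample_good; echo "53                         ALLOW OUT   Anywhere"; }

sample_good  | audit_killswitch && echo "good sample: policy intact"
sample_leaky | audit_killswitch || echo "leaky sample: policy violated"
```

A non-zero exit status means traffic can leave the host outside the tunnel even while the ping test still appears to pass.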