I want to use the script given in this article (https://www.reddit.com/r/VPN/comments/43djk3/generic_kill_switch_script_for_openvpn_linux/) but the below line in the script, which finds IP address of VPN server always sees the same IP whether I am connected to VPN or not.
# Determine the server IP address after DNS resolution.
vpn_server_ip_address=$(ip route show | tail -1 | cut -d ' ' -f 1)
Here is the output of command ip route show when I am connected to VPN:
default via 10.31.1.5 dev tun0 proto static metric 50
default via 192.168.0.1 dev wlan0 proto static metric 600
10.31.1.1 via 10.31.1.5 dev tun0 proto static metric 50
10.31.1.5 dev tun0 proto kernel scope link src 10.31.1.6 metric 50
66.55.135.219 via 192.168.0.1 dev wlan0 proto static metric 600
169.254.0.0/16 dev wlan0 scope link metric 1000
192.168.0.0/24 dev wlan0 proto kernel scope link src 192.168.0.6 metric 600
When not connected to VPN:
default via 192.168.0.1 dev wlan0 proto static metric 600
169.254.0.0/16 dev wlan0 scope link metric 1000
192.168.0.0/24 dev wlan0 proto kernel scope link src 192.168.0.6 metric 600
Any help?
You can also use
curl checkip.amazonaws.com
AWS service, so unlikely to go down on you, like your neighbour’s wife.
Thanks for the reply. Could you please look into this script(#!/bin/bash# Check that OpenVPN is actually running.running=$(ps -e | grep - Pastebin.com) as why I am not able to browse(my browser says I am offline) when connected to VPN after running this script.
Here is the original script (https://www.reddit.com/r/VPN/comments/43djk3/generic_kill_switch_script_for_openvpn_linux/) and I updated it based on your reply.
Haha Thanks!
Thanks for the reply. Could you please look into this script(#!/bin/bash# Check that OpenVPN is actually running.running=$(ps -e | grep - Pastebin.com) as why I am not able to browse(my browser says I am offline) when connected to VPN after running this script.
Here is the original script (https://www.reddit.com/r/VPN/comments/43djk3/generic_kill_switch_script_for_openvpn_linux/) and I updated it based on your reply.
try removing the /ip from the end of curl ifconfig.me
curl ifconfig.me/ip failed when I tested it from the command line.
Tried removing ‘/ip’ from the script but still same the result.
Here is how I am doing:
1.Connect to VPN
2.Run the script (#!/bin/bash# Check that OpenVPN is actually running.running=$(ps -e | grep - Pastebin.com) by removing ‘/ip’
3.I get the confirmation message saying Now only allowing traffic through the VPN server at 173.239.210.23.
But still I am not able to access internet. Any help?
Try this script.
https://www.reddit.com/r/VPN/comments/2vxrey/is_there_a_way_to_set_up_ubuntu_so_that_it_will/comog21/
I just tested this one and it is working for me. I see that the script you are using only allows UDP. The script that I am testing allows IP, so any port, but to the VPN.
Put the script into a text editor and put all of your VPN IP Addresses in it.
That way you can very quickly test changes by copying and pasting from your text file.
sudo ufw enable
sudo ufw status
sudo ufw status verbose
sudo ufw disable
Hopefully this helps.
This script looks safer too. Zero packets get out of or into your workstation if they are not one of the VPN IP Addresses. Then after the tunnel comes up it works like it should. I verified this by disconnecting the VPN. Nothing worked, except connecting back to one of the VPN’s in the list.
Thank you for your time. Which script you are referring to? (#!/bin/bash# Check that OpenVPN is actually running.running=$(ps -e | grep - Pastebin.com) or (https://www.reddit.com/r/VPN/comments/2vxrey/is_there_a_way_to_set_up_ubuntu_so_that_it_will/comog21/) ?
I did the below commands in terminal
1.sudo ufw default deny outgoing
2.sudo ufw default deny incoming
But I am still able to access internet, shouldn’t it block everything?
Please ignore my above comment. I think it is working and I just need to play around with it to get what I need. Appreciate your time. Thanks!
Yes, but only after you type
sudo ufw enable
Then verify the firewall rules with
sudo ufw status
sudo ufw status verbose
You are very welcome. Thank you for motivating me to teach myself this today, so that I could help you out. This also helped me to secure my workstation.