How to block traffic in case VPN drops

Discussion in 'Tomato Firmware' started by jason, May 12, 2011.

  1. jason

    jason Networkin' Nut Member

    I set up OpenVPN successfully on my Asus N16 router using Tomato, and now all traffic seems to be going through the VPN connection. However, I want to make sure that my IP address is not leaked in case the VPN connection goes down for whatever reason. I tried to google this and found a lot of people saying it's possible by using firewall rules. However, I am a newb with iptables and I couldn't find any useful examples that I can try. Can someone show me some example iptables rules that I can try?

    Thank you very much!
     
  2. SgtPepperKSU

    SgtPepperKSU Network Guru Member

    I think this should do it. It blocks any outgoing traffic not destined for your VPN server.
    Code:
    iptables -t filter -A wanout -d ! <your vpn server> -j DROP
     
  3. jason

    jason Networkin' Nut Member

    I just tried that rule, it blocked everything except those going directly to the vpn server. But that means no internet access at all even when vpn is connected since if I am going to google.com, the destination is google.com even though the traffic is going through the VPN tunnel. Can you think of anything else that could accomplish this? Thanks!
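
Added example, not part of the thread: forwarded LAN packets keep their final destination address inside the router, and only the encrypted packets OpenVPN itself sends are addressed to the VPN server, so this sketch keys the block on the outgoing interface instead of the destination address. The interface names `br0` and `tun11` and the chain name `vpn-killswitch` are assumptions; substitute the names your router reports.

```shell
#!/bin/sh
# Added example (not from the thread). All names below are assumptions.
LAN_IF="${LAN_IF:-br0}"            # assumed LAN bridge interface
TUN_IF="${TUN_IF:-tun11}"          # assumed OpenVPN client tunnel interface
CHAIN="${CHAIN:-vpn-killswitch}"   # hypothetical chain name used by this example
IPT="${IPT:-iptables}"             # set IPT=echo to preview the commands only

# Remove the rules; failures are ignored so this is safe on a clean firewall.
killswitch_off() {
    $IPT -D FORWARD -i "$LAN_IF" -j "$CHAIN" 2>/dev/null || true
    $IPT -F "$CHAIN" 2>/dev/null || true
    $IPT -X "$CHAIN" 2>/dev/null || true
}

# Install the rules: anything forwarded from the LAN must leave via the tunnel.
killswitch_on() {
    killswitch_off                            # start clean so re-runs do not stack rules
    $IPT -N "$CHAIN"
    $IPT -A "$CHAIN" -o "$TUN_IF" -j RETURN   # tunnel-bound traffic continues as normal
    $IPT -A "$CHAIN" -j DROP                  # every other exit (e.g. the WAN) is dropped
    $IPT -I FORWARD -i "$LAN_IF" -j "$CHAIN"  # checked first for packets arriving from the LAN
}

# When the tunnel is down its interface is gone, no forwarded packet can match
# the RETURN rule, and LAN traffic is dropped instead of leaving unencrypted.
case "${1:-}" in
    on)  killswitch_on ;;
    off) killswitch_off ;;
esac
```

Run it with `IPT=echo` first to see the commands without changing the firewall. Traffic the router itself originates passes through the OUTPUT chain, not FORWARD, and is not covered by these rules.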
     
