rated 0 times [  3] [ 0]  / answers: 1 / hits: 3300  / 1 Year ago, sat, may 6, 2023, 5:10:34

I have a laptop running Ubuntu 12.04 (still waiting for the 14.04.1).

I have set up an OpenVPN network with the network manager.

If the VPN drops, the network manager sets its route back through the available network interface and the packets are routed through the other networks.

Is there a simple way to avoid that?






After some testing:

A VPN gateway can have many different addresses; you can check that using the command

nslookup VPN_gateway_name

If that is the case, each new request to establish a VPN will randomly use one IP from the address pool. To avoid changing the IP filter at each new connection, one can use the DNS name of the gateway; iptables will set one rule for each IP.

The second rule will look like:

sudo iptables -A OUTPUT -d your_vpn_gateway_dns_name -j ACCEPT

 Answers
Iptables will do this



sudo iptables -A OUTPUT -o tun0 -j ACCEPT
sudo iptables -A OUTPUT -d your_vpn_gateway_ip -j ACCEPT
sudo iptables -A OUTPUT -d 127.0.0.0/8 -j ACCEPT
sudo iptables -A OUTPUT -j REJECT


Assuming all output is going to the VPN. Note: Depending on your network, your traffic can be monitored via various tools such as Wireshark, sort, etc.


[#24117] Monday, May 8, 2023, 1 Year  [reply] [flag answer]
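
The rule set from the answer above, as an added example that is not part of the original answer: it takes the gateway addresses as arguments, limits the gateway exception to the VPN port, and repeats the block with ip6tables, because iptables rules filter IPv4 only. The names `run`, `is_ipv4` and `killswitch`, the interface tun0, udp/1194 and the 198.51.100.x addresses are assumptions made for this example; setting DRY_RUN=1 prints the commands instead of running them.

```shell
#!/bin/sh
# Added example, not from the original post: the answer's kill switch as a function.
# Assumed values: interface tun0, OpenVPN on udp/1194, constructed gateway addresses.

# run CMD...: print the command when DRY_RUN is set, otherwise execute it.
run() {
    if [ -n "${DRY_RUN:-}" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# is_ipv4 ADDR: succeed only for a dotted-quad literal with octets 0-255.
is_ipv4() {
    case $1 in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# killswitch TUN_IF PROTO PORT GATEWAY_IP...
killswitch() {
    tun_if=$1; proto=$2; port=$3
    shift 3
    [ "$#" -gt 0 ] || { echo "no gateway address given" >&2; return 1; }
    # Validate every address before touching the firewall, so a bad argument
    # cannot leave the final REJECT in place without the gateway exception.
    for gw in "$@"; do
        is_ipv4 "$gw" || { echo "not an IPv4 literal: $gw" >&2; return 1; }
    done
    run iptables -A OUTPUT -o lo -j ACCEPT
    run iptables -A OUTPUT -o "$tun_if" -j ACCEPT
    for gw in "$@"; do   # one rule per gateway address, limited to the VPN port
        run iptables -A OUTPUT -d "$gw" -p "$proto" --dport "$port" -j ACCEPT
    done
    run iptables -A OUTPUT -j REJECT
    # IPv6 has its own tables; without these rules IPv6 traffic bypasses the filter.
    run ip6tables -A OUTPUT -o lo -j ACCEPT
    run ip6tables -A OUTPUT -o "$tun_if" -j ACCEPT
    run ip6tables -A OUTPUT -j REJECT
}

# As root: sh killswitch.sh apply tun0 udp 1194 198.51.100.10 198.51.100.11
if [ "${1:-}" = "apply" ]; then
    shift
    killswitch "$@"
fi
```

Pass every address that `nslookup VPN_gateway_name` returns, and review the DRY_RUN output before applying the rules as root.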