Should it block traffic if I disconnect from VPN manually? #31

Open
JonLaliberte opened this issue Apr 16, 2022 · 7 comments

@JonLaliberte

I was testing this today, and maybe I'm misunderstanding and this is expected behavior?

My Test:

  • Connect via WiFi (only).
  • Connected to VPN (L2TP over IPSec).
  • Ran sudo killswitch -e.
  • Received "killswitch enabled"
  • Disconnect VPN manually.
  • Tested WiFi, it was working as normal (using public IP).

@nbari
Member

nbari commented Apr 16, 2022

Hi @JonLaliberte, if you disconnect the VPN there should be no traffic going out (if killswitch is enabled).

@JonLaliberte
Author

@nbari I thought so. Anything I should check to see what is happening?

When testing I confirmed I was connected via the VPN (VPN connection also had the setting enabled to send all traffic through it if that matters).

Does the order of the networks in network settings matter?

@nbari
Member

nbari commented Apr 18, 2022

If you run killswitch -leak, ping can work.

@JonLaliberte
Author

Tested as described.
I'm traveling and connecting to my home network VPN.
Pinging 1.1.1.1 always worked. myip.country showed the changed public IP from/to my home IP when disconnecting/connecting to the VPN.

Here is the output from killswitch if it helps:

~ sudo killswitch -e
Interface  MAC address         IP
en0        18:3e:ef:ab:47:11   192.168.67.154/24
ppp0                           192.168.2.6

Public IP address: xxx.xxx.xxx.xxx
PEER IP address:  xxx.xxx.xxx.xxx

# --------------------------------------------------------------
# Loading rules
# --------------------------------------------------------------
No ALTQ support in kernel
ALTQ related functions disabled
block drop all
block drop out quick inet6 all
pass inet proto udp from any to 224.0.0.0/4 keep state
pass inet proto udp from 224.0.0.0/4 to any keep state
pass inet from any to 255.255.255.255 flags S/SA keep state
pass inet from 255.255.255.255 to any flags S/SA keep state
pass on en0 proto udp from any port 67:68 to any port 67:68 keep state
pass on en0 inet proto tcp from any to xxx.xxx.xxx.xxx flags S/SA keep state
pass on en0 inet proto udp from any to xxx.xxx.xxx.xxx keep state
pass on ppp0 all flags S/SA keep state

killswitch enabled

@qudwill

qudwill commented Jun 5, 2022

I have a similar issue.

Is there any way I can debug it and find out why it doesn't block the connection when the VPN is disabled?

Thank you.

@nbari
Member

nbari commented Jun 5, 2022

If the VPN goes down, no traffic should be going out (if the killswitch is enabled). The way you can test/debug is by experimenting directly with the PF rules.
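
A way to see what the rules printed in the `killswitch -e` output earlier in this thread imply before experimenting with PF itself, as an added example (not part of the thread and not killswitch's own code): a simplified Python model of PF evaluation, where the last matching rule wins and `quick` stops evaluation. It ignores `keep state`, TCP flags and source ports; the peer address `203.0.113.10` and the sample packet are constructed placeholders.

```python
import ipaddress

# Rules as printed in this thread; masked peer replaced by constructed 203.0.113.10.
RULES = """\
block drop all
block drop out quick inet6 all
pass inet proto udp from any to 224.0.0.0/4 keep state
pass inet proto udp from 224.0.0.0/4 to any keep state
pass inet from any to 255.255.255.255 flags S/SA keep state
pass inet from 255.255.255.255 to any flags S/SA keep state
pass on en0 proto udp from any port 67:68 to any port 67:68 keep state
pass on en0 inet proto tcp from any to 203.0.113.10 flags S/SA keep state
pass on en0 inet proto udp from any to 203.0.113.10 keep state
pass on ppp0 all flags S/SA keep state
"""

def parse(line):
    """Parse the subset of PF rule syntax that appears in RULES."""
    t = line.split()
    r = {"action": t[0], "quick": "quick" in t, "out": "out" in t}
    for key in ("on", "proto", "from", "to"):
        r[key] = t[t.index(key) + 1] if key in t else "any"
    r["af"] = next((a for a in ("inet6", "inet") if a in t), "any")
    dst = t[t.index("to"):] if "to" in t else []  # tokens after the destination
    r["dport"] = dst[dst.index("port") + 1] if "port" in dst else "any"
    return r

def matches(r, p):
    """Simplified match: ignores keep state, TCP flags and source ports."""
    def addr_ok(spec, ip):
        return spec == "any" or ipaddress.ip_address(ip) in ipaddress.ip_network(spec)
    lo, hi = (0, 65535) if r["dport"] == "any" else map(int, r["dport"].split(":"))
    return (r["on"] in ("any", p["iface"]) and r["af"] in ("any", p["af"])
            and r["proto"] in ("any", p["proto"])
            and (not r["out"] or p["dir"] == "out")
            and addr_ok(r["from"], p["src"]) and addr_ok(r["to"], p["dst"])
            and lo <= p.get("dport", 0) <= hi)

def verdict(packet, rules=RULES):
    """Last matching rule wins; a matching `quick` rule ends evaluation."""
    result = "pass"  # PF passes a packet that no rule matches
    for r in map(parse, rules.splitlines()):
        if matches(r, packet):
            result = r["action"]
            if r["quick"]: break
    return result

# Constructed packet: a ping leaving the Wi-Fi interface after ppp0 is gone.
PING_EN0 = {"iface": "en0", "af": "inet", "proto": "icmp", "dir": "out", "src": "192.168.67.154", "dst": "1.1.1.1"}
if __name__ == "__main__": print(verdict(PING_EN0))
```

Under this model a ping on en0 evaluates to `block`, so when traffic still leaves over Wi-Fi the next check is whether the list above matches what `sudo pfctl -sr` reports and whether `sudo pfctl -s info` shows PF as enabled.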

@KeramxD

KeramxD commented Jan 4, 2023

Same here. When I disable NordVPN, https://myip.country/ shows my public IP. Is there any solution?
