Score:0

Can't add VPN address to UFW killswitch


I am trying to use UFW as a VPN killswitch as outlined in this guide: https://adamtheautomator.com/linux-killswitch/

So far, I have been successful up to the step where I need to restrict outbound traffic only to the VPN.

According to the instructions I should run the following command: sudo ufw allow out to <vpn-address> port <vpn-port> proto <vpn-proto>

To get this information, I head the OpenVPN configuration file that was given to me by my VPN service provider, which results in:

client
remote 97-1-ch.cg-dialup.net 443
dev tun
proto tcp

So the final command I end up running is: sudo ufw allow out to 97-1-ch.cg-dialup.net port 443 proto tcp

This however yields the following error:

ERROR: Bad destination address

I am able to successfully connect to the VPN using this configuration file, which begs the question: 'why is the provided VPN address a bad destination for UFW?'

Any help to get past this blocker would be very much appreciated. Thanks!

A.B
This DNS name resolves into multiple IP addresses. Chances are UFW doesn't like this.
st flag
Thanks for the comment. Is there a way to work around this?
Score:0

I was able to find the IP address(es) associated with an address by using a DNS checker tool: https://dnschecker.org/

I then picked one of the listed IP addresses and updated my OpenVPN conf and added this to be allowed by UFW. Unlike the hostname provided to dnschecker, the IP address was accepted by UFW.

With these changes made, I was able to test that without the VPN enabled, there is no external network traffic allowed, but with the VPN I am able to reach the internet.
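Added example (not part of the original answer): a shell sketch of the same workaround done locally, reading the `remote`/`proto` lines of an OpenVPN config and printing one `ufw allow out` rule per resolved IPv4 address, since UFW rejects hostnames. The function names, the embedded sample config and the use of `getent ahostsv4` for resolution are assumptions of this example; it only prints the commands for review and does not apply them.

```shell
#!/usr/bin/env bash
# Added example: derive "ufw allow out" rules from an OpenVPN client config.

# Constructed sample input, mirroring the config shown in the question.
SAMPLE_CONF='client
remote 97-1-ch.cg-dialup.net 443
dev tun
proto tcp'

# Emit "host port proto" for every "remote host [port] [proto]" line on stdin.
# Falls back to the global "proto" line, then to OpenVPN's defaults (1194/udp).
parse_remotes() {
    awk '
        $1 == "proto"  { gproto = $2 }
        $1 == "remote" { n++; host[n] = $2; port[n] = ($3 != "" ? $3 : "1194"); rp[n] = $4 }
        END {
            for (i = 1; i <= n; i++) {
                p = (rp[i] != "" ? rp[i] : (gproto != "" ? gproto : "udp"))
                print host[i], port[i], p
            }
        }'
}

# Resolve a name to its unique IPv4 addresses using the system resolver.
resolve_ipv4() {
    getent ahostsv4 "$1" | awk '{ print $1 }' | sort -u
}

# Read a config on stdin and print one ufw command per resolved address.
ufw_rules() {
    parse_remotes | while read -r host port proto; do
        # OpenVPN accepts tcp-client, tcp4, udp6, ...; ufw only takes tcp or udp.
        case "$proto" in tcp*) proto=tcp ;; *) proto=udp ;; esac
        resolve_ipv4 "$host" | while read -r ip; do
            # Skip anything that is not a dotted-quad before it reaches a command line.
            case "$ip" in ""|*[!0-9.]*) continue ;; esac
            echo "ufw allow out to $ip port $port proto $proto"
        done
    done
}

# Usage: ./script.sh client.ovpn   (review the output, then run it with sudo)
if [ -n "${1:-}" ]; then
    ufw_rules < "$1"
fi
```

Run it before the default-deny outbound policy is active, because name resolution needs DNS traffic that the killswitch will block. If the provider's hostname maps to several addresses, either allow all of the printed rules or pin a single address in the `remote` line as the answer does.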
