UFW VPN Killswitch doesn´t work, stopps all traffic?

KorkyBuchek

6/17/23, 10:35 AM

So Nordvpn's new update basically messed up the killswitch and I wanted to set up one myself in order to maintain some basic privacy.

I followed this guide mainly: https://adamtheautomator.com/linux-killswitch/ but after it didn't work I tried other things as well.

The OVPN files used are downloaded form NordVPN's site

Here are my firewall rules:

Logging: on (low)
Default: allow (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere                  
5901:5910/tcp              ALLOW IN    Anywhere                  
Anywhere on tun0           ALLOW IN    Anywhere                  
1198/udp                   ALLOW IN    Anywhere                  
1194/udp                   ALLOW IN    Anywhere                  
22/tcp (v6)                ALLOW IN    Anywhere (v6)             
5901:5910/tcp (v6)         ALLOW IN    Anywhere (v6)             
Anywhere (v6) on tun0      ALLOW IN    Anywhere (v6)             
1198/udp (v6)              ALLOW IN    Anywhere (v6)             
1194/udp (v6)              ALLOW IN    Anywhere (v6)             

37.120.212.3 1194/udp      ALLOW OUT   Anywhere                  
Anywhere                   ALLOW OUT   Anywhere on tun0          
1198/udp                   ALLOW OUT   Anywhere                  
1194/udp                   ALLOW OUT   Anywhere                  
37.120.212.3               ALLOW OUT   Anywhere on wlp2s0        
37.120.212.3               ALLOW OUT   Anywhere on enp3s0        
Anywhere (v6)              ALLOW OUT   Anywhere (v6) on tun0     
1198/udp (v6)              ALLOW OUT   Anywhere (v6)             
1194/udp (v6)              ALLOW OUT   Anywhere (v6)

Now I have outgoing traffic on so I can connect to the internet and write this obviously.

But as soon as I turn outgoing traffic off I have no internet at all except on Telegram. Browsers don´t work at all.

When I do open up outgoing traffic the VPN connection works ,however it leaks my DNS. And also it doesn´t act as a killswitch...

Also I am on Linux since a few weeks now so I don´t really understand what's going on but I'd definitely appreciate any help I can get.

Thank you in advance

0 + 0

firewall

vpn

internet

privacy

David

6/17/23, 4:18 PM

Sounds like a Nord VPN issue nothing to do with the OS. Ask them. For future reference all questions need to include the version of Ubuntu you are using.

Sebastian

6/17/23, 8:48 PM

You should maybe also show the script you use to set up those rules. And it's not really clear to me what your problem is. What do you mean by "it leaks my DNS"? And how are you determining that it doesn't act as a killswitch? Why is it surprising you that you have no connection if you turn outgoing traffic off (and where and how do you do that)?

KorkyBuchek

6/18/23, 9:07 AM

Hi thanks for your answer. I am running 21.10. For setting up the rules I used this guide: https://adamtheautomator.com/linux-killswitch/ So openVPN did work when I allowed outgoing traffic but it leaked my DNS. I went to a few sites testing DNS leaks and they confirmed it. Also, when all outgoing traffic is allowed, once I turn off the OpenVPN then it still connects and exposes my IP, meaning killswitch doesn´t work. If outgoing traffic is blocked systemctl shows ¨active¨ but nothing loads except Telegram.

Sebastian

6/18/23, 10:00 PM

Maybe you did something wrong following that tutorial. If you allow all outgoing traffic, I would of course expect that it continues to let traffic through once the VPN disconnects. You should only allow traffic through the VPN interface (usually tun0 or similar) and to the VPN server you connect to for a couple of ports. Which ports are needed depends a little bit on the provider, you should find the information in the *.ovpn files.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: UFW VPN Killswitch doesn´t work, stopps all traffic?

TH: UFW VPN Killswitch ใช้งานไม่ได้ หยุดการรับส่งข้อมูลทั้งหมดหรือไม่

RO: UFW VPN Killswitch nu funcționează, oprește tot traficul?

RU: UFW VPN Killswitch не работает, останавливает весь трафик?

VI: UFW VPN Killswitch không hoạt động, dừng tất cả lưu lượng truy cập?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.