Open djmwj opened 5 years ago
What is the purpose of iptables -A OUTPUT -o "$vpn_device_name" -p icmp -j ACCEPT
? Is it not included in iptables -A OUTPUT -o "$vpn_device_name" -j ACCEPT
?
Good catch, with iptables -A OUTPUT -o "$vpn_device_name" -j ACCEPT
the other is redundant. I will update the pull request. Thanks!
Is this at a point where it could be tested as a beta feature? When tried to clone what I thought was this release using
git clone "https://github.com/djmwj/protonvpn-cli"
It doesn't seem to have the -killswitch option. I'd love to test it as protonvpn is becoming less and less reliable and I need a way to prevent leakage. Even if there are issues that require my manual intervention to get the connection going again that is MUCH better than losing my connection daily and not knowing that it dropped for hours sometimes.
You have to run again sudo protonvpn-cli.sh --init
in the cloned directory, and choose "yes" for killswitch, or you can simply do a sudo touch ~/.protonvpn-cli/.enable_killswitch
.
Then, be sure to use this script, by reinstalling it, or running it in the cloned directory.
Thank you. I thought I had done that but obviously I missed that. I'm thinking I possible didn't uninstall the other version first or something because when I ran init last time I didn't get the killswitch option. Thanks again for pointing me in the correct direction.
Changes: Update iptables to generate correct rules. Use connection logs to correctly handle openvpn random remote capability. Handle custom DNS with killswitch. Correctly restores iptables on exit.
Also has a commented out capability to allow people to enable network manager network status if desired. There may be better ways to do this however so its commented out for this PR.
Reference Feature request : autostart at boot & killswitch #69