Implement kill switch for non-vpn traffic

microbug / docker-cryptostorm-client

Cryptostorm OpenVPN client that runs in a Docker container

MIT License

8 stars 1 forks source link

Implement kill switch for non-vpn traffic #2

Closed microbug closed 5 years ago

microbug commented 6 years ago

If the VPN stops working the container should stop, but in case it doesn't a kill switch may be required. The IP address could be retrieved from api.ipify.org before VPN connection, and if it matches the original (or times out connecting) at any point after the container has connected to the VPN then the container should shut down to prevent non-VPN traffic leaks.

microbug commented 5 years ago

Resolved in commit e97b661428f9d112ccdc7e4aff1f604626c99494.

The container will now exit automatically if the IP matches the IP before connecting to the VPN. There is a 30s delay before the checks begin, to allow openvpn to connect.