search

vpn-kill-switch / killswitch

VPN kill switch for macOS
https://vpn-kill-switch.com
BSD 3-Clause "New" or "Revised" License
162 stars 15 forks source link

Status Check #17

Closed nlee1131 closed 5 years ago

nlee1131 commented 5 years ago

Could a status tracker be added? Currently (correct me if I'm mistaken) none of the option explicitly tell whether the killswitch is active. I'm using version 0.6.0.

Either way thanks for a great piece of software!

nbari commented 5 years ago

What you could do is check and enable (option -e) the current firewall rules by doing something like:

sudo pfctl -esr

Will show something like:

No ALTQ support in kernel
ALTQ related functions disabled
block drop all
pass inet proto udp from any to 224.0.0.0/4 keep state
pass inet proto udp from 224.0.0.0/4 to any keep state
pass inet from any to 255.255.255.255 flags S/SA keep state
pass inet from 255.255.255.255 to any flags S/SA keep state
pass on en1 proto tcp from any port 67:68 to any port 67:68 flags S/SA keep state
pass on en1 proto udp from any port 67:68 to any port 67:68 keep state
pass on en1 inet proto tcp from any to 37.120.137.8 flags S/SA keep state
pass on en1 inet proto udp from any to 37.120.137.8 keep state
pass on ipsec0 all flags S/SA keep state
pfctl: pf already enabled

Notice the last line pfctl: pf already enabled

or re-run: sudo killswitch -e at the end you will see killswitch enabled, for example:

screen shot 2019-01-27 at 22 32 53