OpenVPN by default is fail-dangerous - if it goes wrong, your traffic goes uncloaked. Is there a way to fix that?
you can use iptables to block direct traffic (but yes, it's slightly annoying to set up)
I have a VPN between my machines; they block all traffic from/to VPN IPs on non-VPN interfaces
on Linux, if you want VPN for everything, you could also move the real interface into a netns with openvpn and connect via veth
How do you do that without breaking VPN traffic? Whitelist one IP/port? Messy :-(
Run it as a dedicated openvpn user and use iptables / nftables uid-based filtering.
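
The uid-based filtering suggested in the reply above, written out as an added example that is not part of the original thread: a shell function that emits an nftables ruleset dropping all locally generated traffic except loopback, the tunnel interface, and sockets owned by the VPN user. The table name `vpn_killswitch`, the interface name `tun0` and the function name are assumptions, and it also assumes the OpenVPN process creates its sockets while already running as the dedicated user.

```shell
#!/bin/sh
# Added example: build a fail-closed output policy for a VPN host.
# Assumed names (not from the thread): table vpn_killswitch, interface tun0.
# Assumption: OpenVPN opens its sockets while running as the dedicated uid,
# so the uid match applies to the tunnel's own outer traffic.

killswitch_ruleset() {
    vpn_uid=$1
    tun_if=${2:-tun0}

    # Accept only a numeric uid and a plain interface name, so nothing
    # unexpected is interpolated into the ruleset text.
    case $vpn_uid in
        ''|*[!0-9]*) echo "uid must be numeric" >&2; return 1 ;;
    esac
    case $tun_if in
        *[!A-Za-z0-9_.-]*) echo "bad interface name" >&2; return 1 ;;
    esac

    cat <<EOF
# Create-then-delete makes reloading the file idempotent.
table inet vpn_killswitch
delete table inet vpn_killswitch

table inet vpn_killswitch {
    chain output {
        # Default drop: if the tunnel goes away, nothing leaves in the clear.
        type filter hook output priority 0; policy drop;

        oifname "lo" accept
        # Traffic routed into the tunnel.
        oifname "$tun_if" accept
        # The VPN daemon's own packets to its server, on any interface.
        meta skuid $vpn_uid accept
    }
}
EOF
}

# Typical use, as root:
#   killswitch_ruleset "$(id -u openvpn)" tun0 | nft -f -
```

Because the only exception on the physical interface is keyed to the socket owner, no server IP or port has to be whitelisted.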