Feedback Firewall / kill switch for single board computers

The official Oeck app includes killswitch functionality, which is great; however, the app won't run on everything.

I use Oeck on an odroid c1+ running linux for downloading and wanted the same function when using a downloaded .ovpn file.

An easy way is to run a script as root that sets up custom iptables rules before connecting the VPN:

#!/bin/bash
# Start from a clean filter and nat table (policies are not reset by --flush)
iptables --flush
iptables --delete-chain
iptables -t nat --flush
iptables -t nat --delete-chain
# Default: nothing leaves the box unless a rule below allows it
iptables -P OUTPUT DROP
# Loopback
iptables -A INPUT -j ACCEPT -i lo
iptables -A OUTPUT -j ACCEPT -o lo
# Local LAN on the physical interface (keeps SSH etc. to the device working)
iptables -A INPUT -j ACCEPT -s 192.168.0.0/16 -i eth0
iptables -A OUTPUT -j ACCEPT -d 192.168.0.0/16 -o eth0
# The VPN server range and port, so the tunnel itself can be established
iptables -A OUTPUT -m iprange --dst-range 213.152.174.176-213.152.174.190 -j ACCEPT -o eth0 -p udp -m udp --dport 1196
iptables -A INPUT -m iprange --src-range 213.152.174.176-213.152.174.190 -j ACCEPT -i eth0 -p udp -m udp --sport 1196
# Everything else only via the tunnel interface
iptables -A INPUT -j ACCEPT -i tun0
iptables -A OUTPUT -j ACCEPT -o tun0

This one is hardcoded for my local LAN (192.168.0.x), network interface (eth0) and the Oeck torrent region. Note that you'll lose LAN connectivity to the device if your local LAN and network are not explicitly allowed. The INPUT rules are really overkill, as it's only outgoing traffic that needs to be forced over the tun interface for security, but meh. If the VPN connection is lost, no traffic can pass to or from the un-VPN'd internet.

The custom rules will be lost on reboot, which is what I want, as I use other VPNs on this machine. They can be made permanent of course.

One further thing I did need to do on this particular machine was to disable IPv6 in order to get Oeck to connect. I did that by adding:

# 1 disables IPv6 on the named interfaces (0 would leave it enabled)
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

to /etc/sysctl.conf and running sysctl -p as root.
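As an added example (not from the post above or from Oeck), here is a way to avoid hardcoding the server range: generate the kill-switch rules from the "remote" lines of the .ovpn file itself. It assumes the LAN CIDR, uplink interface and tun device are passed as arguments, only locks down OUTPUT (the post notes the INPUT rules are overkill), and relies on the LAN resolver being reachable when the rules are applied if a remote is given as a hostname.

```shell
#!/bin/bash
# Added example: build kill-switch OUTPUT rules from an OpenVPN profile's "remote" lines.
# Assumptions (not from the original post): LAN CIDR, uplink interface and tun name are
# given as arguments; hostnames in "remote" lines are resolved by iptables at apply time.
# Usage: gen_killswitch_rules <profile.ovpn> <lan_cidr> <iface> [tun]   # prints commands
gen_killswitch_rules() {
    local ovpn="$1" lan="$2" iface="$3" tun="${4:-tun0}"
    local proto port
    # profile-wide defaults used by "remote" lines that omit port/proto
    proto=$(awk '$1=="proto"{print $2; exit}' "$ovpn")
    port=$(awk '$1=="port"{print $2; exit}' "$ovpn")
    cat <<EOF
iptables --flush
iptables --delete-chain
iptables -t nat --flush
iptables -t nat --delete-chain
iptables -P OUTPUT DROP
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -o $iface -d $lan -j ACCEPT
EOF
    # one ACCEPT per "remote <host> [port] [proto]" line; proto variants such as
    # udp4 or tcp-client are normalised to the udp/tcp names iptables expects
    awk -v iface="$iface" -v dport="${port:-1194}" -v dproto="${proto:-udp}" '
        $1 == "remote" {
            host = $2
            p    = (NF >= 3) ? $3 : dport
            pr   = (NF >= 4) ? $4 : dproto
            sub(/-(client|server)$/, "", pr)
            sub(/[46]$/, "", pr)
            printf "iptables -A OUTPUT -o %s -d %s -p %s --dport %s -j ACCEPT\n", iface, host, pr, p
        }' "$ovpn"
    echo "iptables -A OUTPUT -o $tun -j ACCEPT"
}

# Review the output first, then apply as root:
#   gen_killswitch_rules client.ovpn 192.168.0.0/16 eth0 | sudo sh
```

Like the original script, the rules are not persistent and are gone after a reboot unless you save them.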