glitchgod

Switching from Windows 7 to Linux and VPN doesn't lock and router doesn't kill

So simple enough

Old machine was a Windows 7 virtual machine that ran to download torrents. No issues and always worked.

Recently I got a Raspberry Pi 3 and want to use the small form and low power to my advantage.

 

Situation:

Router is set as a kill switch for my Windows 7 (https://charleswilkinson.co.uk/2016/05/14/selective-routing-using-ddwrt-and-openvpn/) and it works amazingly well. Also, if I don't have the VPN running, no data from that machine goes out, but if I start the VPN on the machine, data will flow smoothly.

Now I want to do this with the Raspberry Pi 3, and wow, the hoops you have to go through to get the VPN client on it. To my belief, netlock doesn't work, and neither does my router acting as a kill switch for that static local IP.

The code for the router Firewall

# Prevent 192.168.1.64 from reaching the internet directly (so no connection if VPN down)
iptables -I FORWARD -s 192.168.1.64 -o vlan2 -j DROP
 
# Prevent 192.168.1.64 from connecting to port 443 directly (so no connection if VPN down)

iptables -I FORWARD -s 192.168.1.64 --dport 54984 -o vlan2 -j DROP

The code for the router Custom 

#!/bin/sh
# Some MASQUERADE line that I don't really understand.
iptables -I POSTROUTING -t nat -o tun1 -j MASQUERADE
 
# Set the default route for table 200 as over the VPN
ip route add default dev tun1 table 200
 
# Assign all outgoing connections from 192.168.1.64 to table 200 (so they go over the VPN)
ip rule add from 192.168.1.64 table 200
 
# Assign all packets marked with 11 to table 200 (so they go over the VPN)
ip rule add fwmark 11 table 200
 
# Flush the cache
ip route flush cache
 
# Mark all tcp packets whose destination port is 54984 with 11 (so that they will be routed over the VPN)
iptables -t mangle -I PREROUTING --dport 54984 -j MARK --set-mark 11

 

For starting the VPN on my Raspberry Pi 3

I use ssh and edited

nano .config/lxsession/LXDE-pi/autostart

Then added

@lxterminal -e "/home/pi/superscript.sh"

the /home/pi/superscript.sh

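#!/bin/bash
# bash, not sh: read -n1 -s -p and $'...' below are bash features
pause(){
# Start the AirVPN client in CLI mode with network lock requested
sudo mono /home/pi/airvpn_linux_mono/AirVPN.exe -cli -profile=AirVpn.xml -login=aaaaaaaa -password=xxxxxxxxxxx -connect -server=Aldib -mode.port=80 -mode.protocol=udp -netlock

# Push the terminal window below other windows
wmctrl -r LXTerminal -b add,below

read -n1 -rsp $'Press any key to close the terminal...\n'
}

pause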

 

A terminal starts and does what looks good, so I test it with https://airvpn.org/ and it says I'm behind a VPN. So I start qBittorrent, launching it from the actual application menu, and it starts downloading a public domain video.

I go to Settings, then Advanced, and mark tun0 as the network interface.

But if I close the terminal running the VPN, the torrent continues to download, and AirVPN's website not only still works (router kill switch doesn't work) but it says not behind a VPN.

What am I doing wrong for the internet to work when no VPN is running?

Is this too complex for no Eddie-VPN GUI?

 

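iptables rejects `--dport` unless the rule also names a protocol with `-p`, which two of the router rules posted above do not. The shell example below is added here and is not from the thread (function names are hypothetical); it lints a rule list for that mistake and confirms that an unconditional DROP exists for the host on the WAN interface.

```shell
#!/bin/sh
# Added example, not from the thread; function names are hypothetical.

# True when a rule matches on a port but names no protocol. iptables rejects
# --dport/--sport unless the rule also carries -p tcp, -p udp or similar.
needs_proto() {
    case " $1 " in *" --dport "*|*" --sport "*) ;; *) return 1 ;; esac
    case " $1 " in *" -p "*|*" --protocol "*) return 1 ;; esac
    return 0
}

# True when a rule drops ALL forwarded traffic from host $2 leaving via $3.
is_kill_rule() {
    case " $1 " in *" FORWARD "*) ;; *) return 1 ;; esac
    case " $1 " in *" -s $2 "*|*" -s $2/32 "*) ;; *) return 1 ;; esac
    case " $1 " in *" -o $3 "*) ;; *) return 1 ;; esac
    case " $1 " in *" -j DROP "*) ;; *) return 1 ;; esac
    case " $1 " in *" --dport "*|*" --sport "*|*" -p "*) return 1 ;; esac
    return 0
}

# Read rules on stdin and report problems. Succeeds only when a kill rule
# for host $1 on WAN interface $2 is present and no rule lacks -p.
# Leaves the counts in $bad and $killrule for the caller.
lint_rules() {
    bad=0 killrule=0 n=0
    while IFS= read -r rule; do
        n=$((n + 1))
        case "$rule" in ''|'#'*) continue ;; esac
        if needs_proto "$rule"; then
            echo "line $n: port match without -p tcp/udp: $rule"
            bad=$((bad + 1))
        fi
        if is_kill_rule "$rule" "$1" "$2"; then killrule=1; fi
    done
    [ "$killrule" -eq 1 ] || echo "no unconditional DROP for $1 on $2"
    [ "$killrule" -eq 1 ] && [ "$bad" -eq 0 ]
}

# Rules as posted above (host, interface and port are the poster's values).
lint_rules 192.168.1.64 vlan2 <<'EOF' || echo "fix the flagged rules before loading"
iptables -I FORWARD -s 192.168.1.64 -o vlan2 -j DROP
iptables -I FORWARD -s 192.168.1.64 --dport 54984 -o vlan2 -j DROP
iptables -t mangle -I PREROUTING --dport 54984 -j MARK --set-mark 11
EOF
```

On the router, the same functions can be fed `iptables -S FORWARD` output to confirm which rules actually loaded.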

But if I close the terminal running the VPN, the torrent continues to download, and AirVPN's website not only still works (router kill switch doesn't work) but it says not behind a VPN.

Try prepending nohup to the command line.

@lxterminal -e "nohup /home/pi/superscript.sh"

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.


Is the OpenVPN client available for your Pi? It seems like it would be more effective than running a mono-ized app. If it is, I can give you the configuration that I use for the VPN connection, and your firewall rules should pretty much stay the same.
