Undead6746 0 Posted ... I am using Eddie on Linux. When my PC starts, there is no network lock, and I am able to access the internet normally. I would like this to not be the case. Is this intended behavior? Anything I can do about it? I would like my network to be completely blocked until I start Eddie, similar to the behavior that the Lockdown Mode on Mullvad VPN works. Quote Share this post Link to post
Staff 10017 Posted ... 58 minutes ago, Undead6746 said: I am using Eddie on Linux. When my PC starts, there is no network lock, and I am able to access the internet normally. I would like this to not be the case. Is this intended behavior? Anything I can do about it? I would like my network to be completely blocked until I start Eddie, similar to the behavior that the Lockdown Mode on Mullvad VPN works. Hello! Please set permanent firewall rules that block every packet out (set the OUTPUT policy to DROP). Remember (important) to add ACCEPT rules for the following destinations: 255.255.255.255 (DHCPv4), ff02::1:2 (DHCPv6), 127.0.0.1 (localhost) and to your local network. When Network Lock is engaged, this total block will be lifted and only AirVPN servers will be reachable. When Network Lock is disengaged the previous block all rules will be restored. Kind regards Quote Share this post Link to post
Undead6746 0 Posted ... 2 hours ago, Staff said: Hello! Please set permanent firewall rules that block every packet out (set the OUTPUT policy to DROP). Remember (important) to add ACCEPT rules for the following destinations: 255.255.255.255 (DHCPv4), ff02::1:2 (DHCPv6), 127.0.0.1 (localhost) and to your local network. When Network Lock is engaged, this total block will be lifted and only AirVPN servers will be reachable. When Network Lock is disengaged the previous block all rules will be restored. Kind regards Turning on Network Lock does not lift the blocks with Eddie unable to connect to a server. I am using UFW. I've rejected all outgoing connections and explicitly allowed those you've mentioned. Quote Share this post Link to post
Staff 10017 Posted ... 11 hours ago, Undead6746 said: Turning on Network Lock does not lift the blocks with Eddie unable to connect to a server. I am using UFW. I've rejected all outgoing connections and explicitly allowed those you've mentioned. Hello! UFW is an iptables wrapper which adds its own chains. To complicate the matter even more, UFW does not work with nftables, but probably your system is based on nftables (unless it is a very old distribution). Therefore translations iptables<->nftables are continuously needed and we have seen that some bug affects them. You should consider to drop UFW and use directly the nft userspace tool to set rules, or iptables-nft if you prefer the iptables syntax. In this last case, force Eddie to use iptables too (if Eddie finds nft in your system, it will use it) in the "Preferences" > "Network Lock" window. Kind regards 1 Undead6746 reacted to this Quote Share this post Link to post