Jump to content
Not connected, Your IP: 52.15.223.239
Undead6746

ANSWERED Network Lock/Lockdown Mode at all times

Recommended Posts

I am using Eddie on Linux. When my PC starts, there is no network lock, and I am able to access the internet normally. I would like this to not be the case. Is this intended behavior? Anything I can do about it? I would like my network to be completely blocked until I start Eddie, similar to the behavior that the Lockdown Mode on Mullvad VPN works.

Share this post


Link to post
58 minutes ago, Undead6746 said:

I am using Eddie on Linux. When my PC starts, there is no network lock, and I am able to access the internet normally. I would like this to not be the case. Is this intended behavior? Anything I can do about it? I would like my network to be completely blocked until I start Eddie, similar to the behavior that the Lockdown Mode on Mullvad VPN works.


Hello!

Please set permanent firewall rules that block every packet out (set the OUTPUT policy to DROP). Remember (important) to add ACCEPT rules for the following destinations: 255.255.255.255 (DHCPv4), ff02::1:2 (DHCPv6), 127.0.0.1 (localhost) and to your local network. When Network Lock is engaged, this total block will be lifted and only AirVPN servers will be reachable. When Network Lock is disengaged the previous block all rules will be restored.
 
Kind regards
 

Share this post


Link to post
2 hours ago, Staff said:

Hello!

Please set permanent firewall rules that block every packet out (set the OUTPUT policy to DROP). Remember (important) to add ACCEPT rules for the following destinations: 255.255.255.255 (DHCPv4), ff02::1:2 (DHCPv6), 127.0.0.1 (localhost) and to your local network. When Network Lock is engaged, this total block will be lifted and only AirVPN servers will be reachable. When Network Lock is disengaged the previous block all rules will be restored.
 
Kind regards
 
Turning on Network Lock does not lift the blocks with Eddie unable to connect to a server. I am using UFW. I've rejected all outgoing connections and explicitly allowed those you've mentioned.

Share this post


Link to post
11 hours ago, Undead6746 said:

Turning on Network Lock does not lift the blocks with Eddie unable to connect to a server. I am using UFW. I've rejected all outgoing connections and explicitly allowed those you've mentioned.



Hello!

UFW is an iptables wrapper which adds its own chains. To complicate the matter even more, UFW does not work with nftables, but probably your system is based on nftables (unless it is a very old distribution). Therefore translations iptables<->nftables are continuously needed and we have seen that some bug affects them. You should consider to drop UFW and use directly the nft userspace tool to set rules, or iptables-nft if you prefer the iptables syntax. In this last case, force Eddie to use iptables too (if Eddie finds nft in your system, it will use it) in the "Preferences" > "Network Lock" window.

Kind regards
 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...