Do linux users need a "kill switch"? in General & Suggestions Posted ... The air client already uses iptables if the option is chosen. It also rewrites or rename/replaces the resolv.conf - dns option depending. There's a rule set posted here that's similar.https://airvpn.org/topic/9139-prevent-leaks-with-linux-iptables/Its not stateful but by simply adding the if not '!' eth+ ! -d it really doesn't need to be. -Unless someone try's to spoof the ip. right, iptable usage to block whatever is certainly not novel. but, looks like zorro is trying to make it easier for people to manage automatically with their script.