Jump to content
Not connected, Your IP: 34.204.196.206
fribeiro123

How to block all traffic with DD-WRT if VPN connection fails

Recommended Posts

Hello,

This post is to everyone that have openvpn configured in a dd-wrt router and wants to block all connections through the ISP if the VPN connection fails, avoiding leaking our real ISP IP.

I setup the connection to AIRVPN servers using the tutorial in https://airvpn.org/ddwrt and then insert following line to the firewall rules: "iptables -I FORWARD -i br0 -o vlan2 -j DROP"
- br0 is the bridge with my lan ports & wireless
- vlan2 is my WAN port connected to the modem ISP

So if there is any connection starting from my lan or wifi to the wan port the firewall of the router blocks the connection.

My firewall rules are like this:
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -I FORWARD -i br0 -o vlan2 -j DROP
iptables -I INPUT -i tun0 -j REJECT
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

 

[sTAFF EDIT] In case you apply Policy Based Routing, please see here as well:

http://www.dd-wrt.com/phpBB2/viewtopic.php?p=777788

Check the interface names and make sure to enter the correct names (in your firmware the tun interface might be tun1 or tun0, etc.).

Share this post


Link to post
Guest
This topic is now closed to further replies.

×
×
  • Create New...