omar 0 Report post Posted August 6, 2015 forget about software kill switches, as you can't trust them in firewall, in ddwrt, put this line iptables -I FORWARD -s 192.168.0.0/16 -o $(nvram get wan_iface) -j DROP this will include from 192.168.0.0 to 192.168.255.255 no single machine with those internal IPs will be access the net, if VPN is not up. this is the real deal, tried and tested, works like a charm ——————— i - insert FORWARD - for packets being forwarded through the router s - source o - defining interface physical name $(nvram get wan_iface) - gets the wan interface name j - jumps to drop - packets are dropped Quote Share this post Link to post Share on other sites
Annonymous 0 Report post Posted August 6, 2015 what firewall ? on pc or router ? Edit : Nvm nvram is command for cisco routers. Quote Share this post Link to post Share on other sites
omar 0 Report post Posted August 7, 2015 within the DDWRT router, where you load firewall script this is real stuff http://www.zedt.eu/storage/2012/ddwrt-firewall-script.png Quote Share this post Link to post Share on other sites
