omar Posted August 6, 2015

Forget about software kill switches, as you can't trust them. In the firewall, in ddwrt, put this line:

    iptables -I FORWARD -s 192.168.0.0/16 -o $(nvram get wan_iface) -j DROP

This will include from 192.168.0.0 to 192.168.255.255. No single machine with those internal IPs will be able to access the net if the VPN is not up.

This is the real deal, tried and tested, works like a charm.

-------

i - insert
FORWARD - for packets being forwarded through the router
s - source
o - defining interface physical name
$(nvram get wan_iface) - gets the wan interface name
j - jumps to drop - packets are dropped

Annonymous Posted August 6, 2015

What firewall? On PC or router?

Edit: Nvm, nvram is a command for cisco routers.

omar Posted August 7, 2015

Within the DDWRT router, where you load the firewall script. This is real stuff:

http://www.zedt.eu/storage/2012/ddwrt-firewall-script.png
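
An added example, not part of the thread: one way to confirm from `iptables -S FORWARD` output that the rule from the first post is present and is not preceded by an ACCEPT rule that could forward to the WAN. The helper name `check_killswitch`, the interface names `vlan2`, `tun1` and `br0`, and the sample rule listings are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). check_killswitch is a hypothetical helper.
# On the router: iptables -S FORWARD | check_killswitch "$(nvram get wan_iface)"
# Reads `iptables -S FORWARD` output on stdin, prints a verdict and returns:
#   0 = the DROP rule is reached before any ACCEPT that could forward to the WAN
#   1 = an earlier ACCEPT shadows it      2 = the DROP rule is absent
# Conservative by design; jumps into user-defined chains are not followed.
check_killswitch() {
    wan="$1"
    lan="${2:-192.168.0.0/16}"            # source range used in the post
    want="-A FORWARD -s $lan -o $wan -j DROP"
    while read -r rule; do
        [ "$rule" = "$want" ] && { echo "ok"; return 0; }
        case "$rule " in
            "-A FORWARD"*" -j ACCEPT "*) ;;    # only ACCEPT rules can leak
            *) continue ;;
        esac
        case "$rule " in
            *" ! -o "*|*" -o $wan "*) echo "shadowed: $rule"; return 1 ;;
            *" -o "*) ;;                       # limited to another interface
            *) echo "shadowed: $rule"; return 1 ;;   # no -o: matches the WAN too
        esac
    done
    echo "missing"
    return 2
}

# Constructed samples: vlan2 stands in for the WAN, tun1 for the VPN tunnel.
GOOD='-P FORWARD ACCEPT
-A FORWARD -o tun1 -j ACCEPT
-A FORWARD -s 192.168.0.0/16 -o vlan2 -j DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT'
LEAKY='-P FORWARD ACCEPT
-A FORWARD -i br0 -j ACCEPT
-A FORWARD -s 192.168.0.0/16 -o vlan2 -j DROP'

printf '%s\n' "$GOOD"  | check_killswitch vlan2 || true
printf '%s\n' "$LEAKY" | check_killswitch vlan2 || true
```

A LAN addressed outside 192.168.0.0/16 is not covered by the rule as posted; pass the actual range as the second argument when checking such a setup.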