Hello all.
I am trying to set up a sort of kill switch for my OpenWRT router.
I have very little understanding of Linux and OpenWRT but I am learning.
I have set up my router pretty much like the NordVPN tutorial told me.
My problem is the script that is provided for setting up iptables rules to reject all traffic when the VPN goes down.
#!/bin/sh
if [ "$ACTION" = ifup ] && (ip a s tun0 up) && (iptables -C forwarding_rule -j REJECT); then
    iptables -D forwarding_rule -j REJECT
fi
if [ "$ACTION" = ifdown ] && (! ip a s tun0 up) && (! iptables -C forwarding_rule -j REJECT); then
    iptables -I forwarding_rule -j REJECT
fi
The rule for blocking applies fine but it will never delete it once the VPN connection is restored. I have narrowed it down to the
(ip a s tun0 up)
If I remove this part of the script it restores forwarding rules fine.
Can anybody tell me what is going wrong with this script?
EDIT: I should have mentioned that this is a file called 99-prevent-leaks in etc/hotplug.d/iface
(Last edited by Waza on 16 Mar 2017, 17:32)
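
A way to see which of the three conditions holds at each hotplug event, as an added example that is not part of the original post or the NordVPN tutorial: the function below evaluates the same checks as the script above but only reports the outcome and changes no firewall rules. The TUN_CHECK/RULE_CHECK overrides and the killswitch-debug log tag are assumptions made for this example.

```shell
#!/bin/sh
# Added diagnostic example, not part of the original post or the tutorial.
# It evaluates the same three conditions as the script above but changes no
# firewall rules; it only reports which condition held for each event.

# The two checks from the post; overridable so the logic can be run off-router.
TUN_CHECK=${TUN_CHECK:-"ip a s tun0 up"}
RULE_CHECK=${RULE_CHECK:-"iptables -C forwarding_rule -j REJECT"}

# Print one line describing what the original script would do for this event.
killswitch_decide() {
    action=$1
    # if/else keeps a non-zero exit code from aborting the script under `set -e`.
    if $TUN_CHECK >/dev/null 2>&1; then tun_ok=1; else tun_ok=0; fi
    if $RULE_CHECK >/dev/null 2>&1; then rule_present=1; else rule_present=0; fi

    decision=none
    if [ "$action" = ifup ] && [ "$tun_ok" = 1 ] && [ "$rule_present" = 1 ]; then
        decision=delete-reject      # traffic would be allowed again
    elif [ "$action" = ifdown ] && [ "$tun_ok" = 0 ] && [ "$rule_present" = 0 ]; then
        decision=insert-reject      # kill switch would engage
    fi
    echo "action=$action tun_ok=$tun_ok rule_present=$rule_present decision=$decision"
}

# Run as an iface hotplug script, ACTION, INTERFACE and DEVICE come from netifd.
if [ -n "$ACTION" ]; then
    logger -t killswitch-debug \
        "iface=$INTERFACE dev=$DEVICE $(killswitch_decide "$ACTION")"
fi
```

Placed next to 99-prevent-leaks, it writes one line per event to the system log (readable with logread), showing for every ifup whether the tun0 check or the rule check was the one that kept the REJECT rule in place.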