Comments (6)
The hook option is not a bad idea, although it's a bit of an advanced feature and therefore not really suitable for the majority of users.
What I'd prefer is finding a good way to still allow the local network, but it needs to be solid.
I know that this is a problem and needs to be worked out. I think quite a few people would use the Kill Switch to secure a torrent server. And that's not really possible when blocking local traffic.
from linux-cli-community.
I'd like to do that but I see two problems with it.
The current implementation of the Kill Switch forces all traffic over the OpenVPN interface as it practically blocks the other interfaces entirely. What I fear with allowing local addresses is some edge case where it doesn't work correctly and then exposing traffic.
And the problem with adding custom rules is that they need to be stored somewhere, let's say in their own file. Because whatever stands in that file is then executed as root, it would need to be properly sanitized to not allow any command to be run. And that's pretty much impossible.
I'm open for ideas on how to solve this. If someone has something in their mind, please share!
from linux-cli-community.
I see your points. I agree is not easy and this is a sensitive mode of operation so we should be extra careful.
But the current kill switch implementation makes it unusable on any kind of server / headless computer. When I was trying it my ssh session died. Fortunately it was a VM so I could access via virtual console.
Maybe having hooks I could put a script on the connect hook. Might make sense for other use cases. As an advanced feature, so you don't need to worry about running it as root, it's a user responsibility.
from linux-cli-community.
Thank you all for looking into this. I hadn’t realized that the killswitch option was the cause of my issues until I contacted ProtonVPN support. I had assumed the Linux client would have the same behavior as my Mac desktop client, allowing local access while also having killswitch enabled.
@Rafficer i may try out your patch this weekend if I have time
from linux-cli-community.
If one of you has experience with Python, it would also be great if you could review #45 :) Only thing that's holding the merge back is that I wanted to have it reviewed thoroughly.
from linux-cli-community.
I'm not a python expert but it looks good to me.
from linux-cli-community.
Related Issues (20)
- [Enhancement] Support other inits HOT 1
- Vintage is gold - install and usage combined with official release
- [Enhancement] WSL host support?
- Can't use CLI application HOT 9
- Error Getting VPN State [BUG] HOT 2
- [BUG] Many UDP free servers no longer connecting
- [BUG] - Install on Debian 12 (Bookworm) HOT 2
- [BUG] Protonvpn goes out to lunch randomly. HOT 1
- Any updated fork? HOT 2
- Is it possible to specify a static IP address? HOT 1
- [BUG] Crush on GitHub Codespaces
- Cannot connect to US free servers
- [Query] each install needs to be unique?
- [BUG] There was an error connecting to the ProtonVPN API. HOT 16
- `Please install ip.` WTF?[BUG] HOT 3
- [BUG] "protonvpn s" doesn't work anymore HOT 4
- Log Spam & lack of function on Slackware-Current HOT 3
- [Enhancement] Use a Python script to connect and disconnect
- READ.ME: Does NOT support MX Linux 19+ or Archlinux / Manjaro
- Reconnection issues
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from linux-cli-community.