Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
X
X
xorvester2015-12-22 23:11:49
linux
xorvester, 2015-12-22 23:11:49

How to prevent information leakage when the connection is lost via OPENVPN?

Actually the subject itself, but I would like to somehow automate this process. I have a remote VDS server that has an OPENVPN server installed, I connect to it from an OPENVPN client on Debian OS. So sometimes the provider goes down for as long as 2 minutes. Is it possible to somehow organize an automatic ban on all traffic when the connection with the OPENVPN server is lost, and after banning all traffic, organize an automatic check of the connection with the server, if there is no connection, then wait until it works and if the server is available, continue working through a secure channel. Is that possible? What is the algorithm of actions? Give me an idea please.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
A
Andrey Burov, 2015-12-22
@BuriK666

Deny all traffic except to the VPN server. iptables to help you.
UPD: disable everything except traffic for the VPN connection and everything that goes through the VPN tunnel.

Report
E
Ergil Osin, 2015-12-23
@Ernillew

# route del default gw
# route add -host IP_YOUR_VPN gw YOUR_GW is
actually a mustache, traffic will not go anywhere, because there is no default, traffic to the VPN server will go through gw, so that you can connect, when raising the VPN, routes will be registered.

Report
R
Ref, 2016-01-06
@KargoZ

If I understand the question correctly))
There is nothing to worry about, as soon as your openvpn turns off, no data is transmitted, packets stop running from you to the server))))) And when the provider falls into a "DOWN", data is not transmitted either)) )))
And if you have access to VDS without openvpn .... Then, in principle, it does not work for you.
about tr:
#!path_to_bash -x
ipvpn="xxx.xxxx.xxx.xxxxxx"
function ping_sh()
{
p=`which ping`;
ping_pong=`$p -q -c 4 $ipvpn > /dev/null; echo $? `;
if
then
echo "VPN accessed
start working";
CALL FUNCTION OR START LINE OPENVPN;
FUNCTION CALL OR BLALALABLAAAA xtables-iptables-arptables-ebtables ETC;
fi
if
then
echo " VPN not accessed;
stop working";
CALL FUNCTION OR STOP LINE OPENVPN;
FUNCTION CALL OR BLALALABLAAAA xtables-iptables-arptables-ebtables ETC;
fi
}
ping_sh;
write script to cron
*/3 * * * * /PathScript

Similar questions
P
papabig2017-09-22 10:34:59
How do site copy scripts work? 2Reply
S
sparr0w12021-06-03 01:25:29
How to fix snap-store startup error? 0Reply
D
Drottarutarnum2021-06-03 09:30:39
What Linux Managers Are There? 2Reply
D
Digsecman2021-06-03 10:40:07
How to transfer 1s to linux? 4Reply
C
coveFox2019-12-19 22:31:06
How to properly set the root directory? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question