Stopping my network traffic when my VPN connection disconnects

Asked by Not Telling

I use a VPN service for my internet. I am hoping to make it so when my connection to my VPN service drops out, my computer does not allow any more network traffic in or out until it is connected to my VPN service again. In Windows 10 Home I was able to do this using the Windows Firewall. I was wondering if anybody knows if it can be done in Ubuntu's firewall 'ufw'?

I have read in the manual for it something that looks like something I may be able to use to do it. The manual indicates (to type this into Terminal):

    By default, ufw will apply rules to all available interfaces. To limit
    this, specify DIRECTION on INTERFACE, where DIRECTION is one of in or
    out (interface aliases are not supported).

I am confused because when I look at the connection information from the network icon in the top right-hand corner of Ubuntu's desktop, there is no Interface for my VPN connection. Windows 10 Home treats VPN connections virtually as an interface, but it looks to me as though Ubuntu considers only physical interfaces as true.

Can someone please help me with setting this up?

Thanks

Question information

Language: English
Status: Solved
For: Ubuntu
Assignee: No assignee
Solved by: Not Telling

actionparsnip (andrew-woodhead666) said :
#1

Set the default gateway as the IP of the VPN. Then it will only work if the VPN is up.

Not Telling (c4529218) said :
#2

Thanks for that.

Is there any other way to do it? I use multiple VPNs so constantly having to change the IP address would be a hassle.

actionparsnip (andrew-woodhead666) said :
#3

That's one solution I pulled out of my assignment really quick. Isn't the VPN interface always tun0? You could tell all traffic to go down tun0. If it doesn't exist then you get no connection.

If you need to use a VPN for Web access, isn't this always in place by default anyway?

Not Telling (c4529218) said :
#4

No, the VPN interface isn't always 'tun0'. Mine is 'ppp0'.

It is not in place by default in Ubuntu 16.04 LTS.

I have found the solution to my problem and I give credit for it to larsss from the Ubuntu IRC chat room as he showed me an article that describes how it can be done.

What I did was open Terminal by clicking the Ubuntu logo at the top left-hand side of the desktop screen.
I enabled Ubuntu's 'ufw' firewall by running the command in the terminal 'sudo ufw enable'.
I set the firewall to block incoming connections running the command 'sudo ufw default deny incoming'.
I set the firewall to block outgoing connections running the command 'sudo ufw default deny outgoing'.
I set the firewall to allow outgoing connections for the network adapter my VPN uses running the command 'sudo ufw allow out on ppp0 from any to any'.
I reloaded the firewall for the new settings to take effect running the command 'sudo ufw reload'.
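
The procedure from post #4, as an added example that is not part of the original thread: the same ufw commands generated for any VPN interface name, plus a check that reads `ufw status verbose` output and confirms outgoing traffic is only allowed on that interface. The function names are hypothetical, and the status layout the check expects ("Default: deny (incoming), deny (outgoing)", rule lines ending in "on ppp0") is an assumption about ufw's output.

```sh
#!/bin/sh
# Added example (not from the thread): the ufw kill switch from post #4,
# parameterised by VPN interface. ppp0 is the interface named in the post.

# Accept only plausible Linux interface names (1-15 chars, no spaces or '/').
valid_iface() {
    case $1 in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# Print the commands from post #4 for review; run each one with sudo.
killswitch_rules() {
    valid_iface "$1" || { echo "invalid interface: $1" >&2; return 2; }
    printf '%s\n' \
        "ufw enable" \
        "ufw default deny incoming" \
        "ufw default deny outgoing" \
        "ufw allow out on $1 from any to any" \
        "ufw reload"
}

# Read `ufw status verbose` text on stdin. Succeed only if ufw is active,
# outgoing traffic is denied by default, an ALLOW OUT rule exists on the VPN
# interface, and no ALLOW OUT rule exists anywhere else.
killswitch_ok() {
    valid_iface "$1" || return 2
    ks_active=0 ks_deny=0 ks_vpn=0 ks_leak=0
    while read -r ks_line; do   # read trims leading/trailing blanks
        case $ks_line in
            "Status: active")            ks_active=1 ;;
            Default:*"deny (outgoing)"*) ks_deny=1 ;;
            *"ALLOW OUT"*" on $1")       ks_vpn=1 ;;
            *"ALLOW OUT"*)               ks_leak=1 ;;  # egress outside the tunnel
        esac
    done
    [ "$ks_active$ks_deny$ks_vpn$ks_leak" = 1110 ]
}

# On a real system:
#   killswitch_rules ppp0
#   sudo ufw status verbose | killswitch_ok ppp0 && echo "kill switch in place"
```

The check treats any ALLOW OUT rule on another interface as a leak, so it fails if an extra outgoing rule has been added alongside the one from post #4.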