Ban non-VPN or all networking

geek

Hello.

Is there a way to force some applications to only use a VPN interface for networking, or ban all networking from them completely? Could this be done with jails? I want to use VPN "anonymously" so that my real IP, DNS requests and other such stuff are not leaked.
 

Handy92

Firefox yes, but for another application you must change it in a text file manually, I think. Also, a firewall can block any non-VPN connection and unlock traffic for the VPN IP, but at this moment I have no idea how to redirect all traffic via VPN. :p
 

Preetpal

Just block all traffic in/out of your machine using a firewall like PF (https://www.freebsd.org/doc/handbook/firewalls-pf.html). Then only allow traffic through the VPN.

Sample for /etc/pf.conf

Code:
loopback_device = "lo0"
network_devices = "{ em0 wlan0 }"
tcp_pass = "{ 80 443 }"

# table containing all IP addresses assigned to the firewall
table <firewall> const { self }

# do not filter on the loopback device
set skip on lo0

scrub in all
antispoof for $network_devices

block all

# Whitelist VPN traffic out of machine below.

Note that you have to start and enable PF for outbound/inbound traffic to be blocked.
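One way the whitelist section of the sample above could be filled in, as an added example that is not part of the original post. The interface names, the VPN server address (a documentation-range placeholder), and the UDP port are assumptions to replace with your own values.

```conf
# /etc/pf.conf - VPN-only egress (added example; values below are constructed)
ext_if   = "em0"          # physical interface (assumption)
vpn_if   = "tun0"         # tunnel interface created by the VPN client (assumption)
vpn_srv  = "192.0.2.10"   # VPN server address (placeholder, replace)
vpn_port = "1194"         # UDP port the VPN server listens on (assumption)

set block-policy drop
set skip on lo0

scrub in all

# Default deny, inbound and outbound, IPv4 and IPv6.
# If the tunnel goes down, nothing falls back to the physical interface.
block all

# The only traffic allowed on the physical interface: the encrypted
# tunnel itself, to one server address and one port.
pass out on $ext_if inet proto udp from ($ext_if) to $vpn_srv port $vpn_port keep state

# Everything else may leave only through the tunnel interface.
# DNS is covered by the same logic: a query that is not routed into
# the tunnel hits "block all" and fails instead of leaking.
pass out on $vpn_if all keep state

# Use the server's IP address in the VPN client configuration, not a
# hostname: name resolution on $ext_if is blocked by the rules above.
#
# Check syntax without loading:  pfctl -nf /etc/pf.conf
# Enable at boot and start:      sysrc pf_enable=YES && service pf start
# Show the loaded rules:         pfctl -sr
```

With these rules loaded, stopping the VPN client should make all outbound connections time out, which is a quick way to confirm that nothing bypasses the tunnel.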
 