On Fri, 2017-12-08 at 00:44 +0200, Mika Leppänen wrote:
> I am using a VPN provider with NetworkManager. I am trying to make a "killswitch" script that runs "/sbin/iptables -A OUTPUT -m owner --uid-owner mtl ! -o tun0 -j DROP" when VPN connection is made and "iptables -F; iptables -X; iptables -Z" when I disconnect the VPN. My username is mtl. Is this possible any way with NetworkManager?
Hi,

Yes, write a dispatcher script and put it in /etc/NetworkManager/dispatcher.d. In the script, figure out what's happening from the command line arguments and the environment variables. See `man NetworkManager` for documentation.

Ensure you have it enabled via `systemctl enable NetworkManager-dispatcher.service` (it should be by default).

If you enable debug logging of NetworkManager, the dispatcher service will log in detail the environment variables and the called scripts. You might need to restart the dispatcher service for the change of the logging level to take effect.

best,
Thomas
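Added example, not part of the thread: a dispatcher script that applies the rule from the question on `vpn-up` and removes it on `vpn-down`. The file name, the use of `VPN_IP_IFACE` with `tun0` as fallback, and deleting only the one rule instead of flushing every chain are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed install path:
#   /etc/NetworkManager/dispatcher.d/50-vpn-killswitch  (root-owned, mode 0755)
# NetworkManager runs dispatcher scripts as: <script> <interface> <action>

VPN_USER=mtl              # user named in the original post
IPTABLES=/sbin/iptables   # path used in the original post

# plan <action> <tunnel-iface>
# Prints the iptables arguments for this event, or nothing for ignored events.
plan() {
    case "$1" in
        vpn-up)   op=-A ;;   # VPN activated: add the DROP rule
        vpn-down) op=-D ;;   # VPN deactivated: delete that same rule
        *)        return 0 ;;
    esac
    # Refuse interface names that could smuggle extra words or options
    # into the iptables command line.
    case "$2" in
        ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    printf '%s OUTPUT -m owner --uid-owner %s ! -o %s -j DROP\n' \
        "$op" "$VPN_USER" "$2"
}

# apply <action> <tunnel-iface>: run iptables with the planned arguments.
apply() {
    args=$(plan "$1" "$2") || {
        echo "killswitch: bad interface name '$2'" >&2
        return 1
    }
    [ -n "$args" ] || return 0
    # Word splitting is intended here; plan() validated every field.
    # shellcheck disable=SC2086
    "$IPTABLES" $args
}

# VPN_IP_IFACE is exported by the dispatcher for VPN events; tun0 (from the
# post) is the fallback. With no action argument nothing is executed.
apply "${2:-}" "${VPN_IP_IFACE:-tun0}"
```

With NetworkManager debug logging enabled as described above, the dispatcher log shows the action and environment this script was called with.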