Killswitch on L2TP VPN client

[SheikhSheikha]

I am wondering if there is a way to have a killswitch when my L2TP VPN client disconnects. (I know with OpenVPN it is something simple but OpenVPN is blocked in my region). Your input or a solution is most welcome and appreciated.

 

[Martineau]

I am wondering if there is a way to have a killswitch when my L2TP VPN client disconnects. (I know with OpenVPN it is something simple but OpenVPN is blocked in my region). Your input or a solution is most welcome and appreciated.

Does this work ?

iptables -I FORWARD -i br0 -s $(nvram get lan_ipaddr)/24 ! -o ppp+ -j DROP

 

[SheikhSheikha]

Does this work ?

iptables -I FORWARD -i br0 -s $(nvram get lan_ipaddr)/24 ! -o ppp+ -j DROP

Thank you but unfortunately not :-D

 

[Martineau]

Thank you but unfortunately not :-D

Why not?

Is the rule interface/ subnet incorrect ?

 

[SheikhSheikha]

I hope this gives more insight:
The Asus router is behind an ISP router that I further do not touch with ip addres 192.168.1.1
The Asus router has ip 192.168.2.1

LAN:
IP Pool staring at 192.168.2.1 end ending at 192.168.2.254
Default Gateway 192.168.2.1
WAN:
IP: 192.168.1.100
Subnet 255.255.255.0
Default Gateway 192.168.1.1
DNS over TLS to google 8.8.8.8 en 8.8.4.4

In the log at startup the following is visible once the L2TP client is connected to the VPN ip address:
The L2TP goes to local address =ip address 10.222.0.7
with remote ip address 10.222.0.1
Primary & secondary DNS 10.222.0.1
Subsequently it tells the nameserver is 127.0.1.1#53