D
Deleted member 27741
Guest
Hi all, this is related to a previous post of mine-
http://www.snbforums.com/threads/ho...en-your-openvpn-server-goes-down-win-7.25733/
I connect to my home openvpn servers a lot (with internet through the tunnel) for encryption and lan access purposes. Therefore I would love a killswitch, openvpn does not have an easy killswitch solution yet that I know of so here is how I made my own killswitch. Theoretically these batch files should also prevent issues with ip address conflicts (same gateway for your internet connection and the vpn 192.168.1.1, for example). If someone can let me know if it works for vpn conflicts that would awesome.
This is my OPENVPN_pre.bat (OPENVPN must be same exact name as your ovpn file). If there is no default route (typically only happens if the second batch has been run) this batch will add the last default route written to defaultgateway.txt by the OPENVPN_up.bat batch file. The REM part can be used to test whether the if statement works (route is added)-
@echo off
@For /f "tokens=3" %%* in (
'route.exe print ^|findstr "\<0.0.0.0\>"'
) Do @Set "defaultgateway=%%*"
set /p filegateway=<c:\somedir\defaultgateway.txt
echo DefaultGateway=%defaultgateway%
echo.
echo FileGateway=%filegateway%
echo If DefaultGateway is empty FileGateway will be added as default route!!!
if "%defaultgateway%" == "" (
route add 0.0.0.0 mask 0.0.0.0 %filegateway%
)
rem echo ****Internet is insecure until openvpn reconnects!!!****
rem echo ****Internet is insecure until openvpn reconnects!!!****
rem echo ****Internet is insecure until openvpn reconnects!!!****
rem echo ****Internet is insecure until openvpn reconnects!!!****
rem if "%defaultgateway%" == "" (
rem pause
rem )
____________This is my OPENVPN_up.bat____________
@For /f "tokens=3" %%* in (
'route.exe print ^|findstr "\<0.0.0.0\>"'
) Do @Set "defaultgateway=%%*"
route delete 0.0.0.0 mask 0.0.0.0 %defaultgateway%
echo %defaultgateway% > c:\somedir\defaultgateway.txt
The OPENVPN_up.bat deletes the default gateway but saves it in defaultgateway.txt for use in reconnecting.
I was not sophisticated enough to make the file with the bat so you must create \somedir\defaultgateway.txt. The bat files go in the same directory as your ovpn file. Of course if there is no default gateway, the OPENVPN_pre.bat will add the last default gateway that was deleted by OPENVPN_up.bat (necessary for dns). This makes internet insecure until openvpn connects (upon connection the default route is deleted by OPENVPN_up.bat to kill internet if the tunnel goes down) and internet flows through the tunnel.
Is there a better way to do this (using this method you have to disconnect and connect to get back on- reconnect does not run OPENVPN_pre.bat)? I am surprised that openvpn does not have this kind of functionality out of the box, am I missing something?
http://www.snbforums.com/threads/ho...en-your-openvpn-server-goes-down-win-7.25733/
I connect to my home openvpn servers a lot (with internet through the tunnel) for encryption and lan access purposes. Therefore I would love a killswitch, openvpn does not have an easy killswitch solution yet that I know of so here is how I made my own killswitch. Theoretically these batch files should also prevent issues with ip address conflicts (same gateway for your internet connection and the vpn 192.168.1.1, for example). If someone can let me know if it works for vpn conflicts that would awesome.
This is my OPENVPN_pre.bat (OPENVPN must be same exact name as your ovpn file). If there is no default route (typically only happens if the second batch has been run) this batch will add the last default route written to defaultgateway.txt by the OPENVPN_up.bat batch file. The REM part can be used to test whether the if statement works (route is added)-
@echo off
@For /f "tokens=3" %%* in (
'route.exe print ^|findstr "\<0.0.0.0\>"'
) Do @Set "defaultgateway=%%*"
set /p filegateway=<c:\somedir\defaultgateway.txt
echo DefaultGateway=%defaultgateway%
echo.
echo FileGateway=%filegateway%
echo If DefaultGateway is empty FileGateway will be added as default route!!!
if "%defaultgateway%" == "" (
route add 0.0.0.0 mask 0.0.0.0 %filegateway%
)
rem echo ****Internet is insecure until openvpn reconnects!!!****
rem echo ****Internet is insecure until openvpn reconnects!!!****
rem echo ****Internet is insecure until openvpn reconnects!!!****
rem echo ****Internet is insecure until openvpn reconnects!!!****
rem if "%defaultgateway%" == "" (
rem pause
rem )
____________This is my OPENVPN_up.bat____________
@For /f "tokens=3" %%* in (
'route.exe print ^|findstr "\<0.0.0.0\>"'
) Do @Set "defaultgateway=%%*"
route delete 0.0.0.0 mask 0.0.0.0 %defaultgateway%
echo %defaultgateway% > c:\somedir\defaultgateway.txt
The OPENVPN_up.bat deletes the default gateway but saves it in defaultgateway.txt for use in reconnecting.
I was not sophisticated enough to make the file with the bat so you must create \somedir\defaultgateway.txt. The bat files go in the same directory as your ovpn file. Of course if there is no default gateway, the OPENVPN_pre.bat will add the last default gateway that was deleted by OPENVPN_up.bat (necessary for dns). This makes internet insecure until openvpn connects (upon connection the default route is deleted by OPENVPN_up.bat to kill internet if the tunnel goes down) and internet flows through the tunnel.
Is there a better way to do this (using this method you have to disconnect and connect to get back on- reconnect does not run OPENVPN_pre.bat)? I am surprised that openvpn does not have this kind of functionality out of the box, am I missing something?
Last edited by a moderator:
