VPN Kill switch for one specific host

[evangelion69]

Hello

I`m looking for solution of my problem. I have enabled open vpn client with Policy Rules in Redirect Internet Traffic. My rules are only Destination IPs because i don't`wont to redirect all traffic from one of my computers. When VPN is down, I want to stop internet connection to this host at all. Something like:

#WAN_IF=`nvram get wan_iface`
#iptables -I FORWARD -i br0 -s 192.168.1.13 -o $WAN_IF -j REJECT --reject-with icmp-host-prohibited
#iptables -I FORWARD -i br0 -s 192.168.1.13 -p tcp -o $WAN_IF -j REJECT --reject-with tcp-reset
#iptables -I FORWARD -i br0 -s 192.168.1.13 -p udp -o $WAN_IF -j REJECT --reject-with udp-reset

#iptables -I FORWARD -i br0 -s 192.168.1.13 -o `nvram get wan_iface` -j DROP

How to do it in Asus WRT?

 

[Martineau]

I have enabled open vpn client with Policy Rules in Redirect Internet Traffic. When VPN is down, I want to stop internet connection to this host at all. Something like:

iptables -I FORWARD -i br0 -s 192.168.1.13 -o `nvram get wan_iface` -j DROP

If the GUI option isn't appropriate

then unless you are using a PPoE WAN interface, change

iptables -I FORWARD -i br0 -s 192.168.1.13 -o `nvram get wan_iface` -j DROP

to

iptables -I FORWARD -i br0 -s 192.168.1.13 -o $(nvram get wan0_ifname) -j DROP