this post was submitted on 18 May 2024
22 points (92.3% liked)


I am running EndeavourOS with XFCE 4 and am using Mullvad as my VPN. To be clear, I know Mullvad's client has a lockdown and kill switch mode, but it seems like after updating it my PC is connecting to the internet without it. I could be mistaken, but I don't think it's blocking anything at that point. I would likely have to wait until the next Mullvad update to test this for sure, though. If someone can either confirm or deny my suspicions I would greatly appreciate it, because I wouldn't have to find another workaround.

All that said if that is the case, how can I prevent my PC from connecting to the internet when Mullvad is not running?

Maybe there's a simple option like binding the network manager to the Mullvad client application? Ideally I'd like to avoid either not using their client or using some thrown-together update script like

#!/bin/bash

# Run the system update in a terminal window
xfce4-terminal --command="sudo pacman -Syu"

# Launch the Mullvad client (the path contains a space, so quote all of it)
"/opt/Mullvad VPN/mullvad-vpn"


Edit: Maybe it is connecting after the update but not showing the GUI. I came across this post on GitHub:

I have a Mullvad desktop app set to launch on start-up. Also "Start minimized" is set to false. At the system start-up I get connected to the VPN, so the Mullvad daemon apparently starts, but no application window launches. I have to launch it manually.

I did not check to see if this was happening after I updated.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago)

Qubes is the best solution/architecture for this.

You can set something up with network namespaces and default routes that reduces possible exposure to direct internet routing, but unless it's enforced at some higher level (like through VMs), there is a risk.

You can use an external VPN device, like OpenWrt, as your uplink.

Depending on how much control you have of your network, you can make the default VLAN of your computer non-internet-routable, so that only Mullvad can talk to a VLAN with direct internet access. (So if something spins up your network stack, it won't route to the internet.)

At your router/gateway, apply firewall rules such that ONLY the VPN endpoint is routable (either from the whole network, or just that computer, or just that VLAN, etc.)
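
The router-side rule from the last suggestion above, sketched as an added example that is not part of the thread: a shell function that validates its inputs and emits an nftables ruleset allowing one LAN segment to reach only the VPN endpoint. It assumes a Linux router running nftables and a UDP (WireGuard-style) tunnel; the function names, the table name `vpn_only`, the interface name, address and port are all constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Emits an nftables ruleset for a Linux
# router: hosts behind LAN_IF may open exactly one flow, to the VPN endpoint.
# Assumptions: UDP tunnel (WireGuard-style); table name "vpn_only" is made up.

# is_ipv4 ADDR: succeed only for a dotted quad with octets 0..255
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# vpn_only_rules LAN_IF ENDPOINT_IP PORT: print the ruleset, or return 2
vpn_only_rules() {
    lan_if=$1 endpoint=$2 port=$3
    case "$lan_if" in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface name" >&2; return 2 ;;
    esac
    is_ipv4 "$endpoint" || { echo "bad endpoint address" >&2; return 2; }
    case "$port" in
        ''|*[!0-9]*) echo "bad port" >&2; return 2 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port" >&2; return 2; }
    cat <<EOF
table inet vpn_only {
    chain forward {
        type filter hook forward priority 0; policy accept;
        # replies to flows the LAN side was allowed to open
        oifname "$lan_if" ct state established,related accept
        # the one permitted new flow: the tunnel to the VPN server
        iifname "$lan_if" ip daddr $endpoint udp dport $port accept
        # anything else from that segment (IPv4 or IPv6) is counted and dropped
        iifname "$lan_if" counter drop
    }
}
EOF
}

# Constructed sample call: ./script br-lan.20 203.0.113.10 51820 | nft -c -f -
if [ "$#" -eq 3 ]; then vpn_only_rules "$@"; fi
```

The forward hook only sees traffic routed through the box, so DNS queries sent to outside resolvers from that segment are dropped along with everything else, and the tunnel endpoint has to be configured by IP address. Piping the output through `nft -c -f -` checks the syntax without loading the rules.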