Posted: Sun Aug 20, 2017 19:20 Post subject: SOLVED! Kill switch for all traffic except source port
Good evening,
I have an OpenVPN client running on my router. I've got a number of iptables rules to provide a kill switch, e.g.:
Code:
iptables -I FORWARD -s 192.168.1.112/28 -o $(nvram get wan_iface) -j DROP
Will the following rule drop all packets forwarded from 192.168.1.100 EXCEPT those with a source port of 32400? Or will it do something else? Basically, for this particular client, I want all traffic to be dropped if the VPN goes down unless the origin is port 32400.
Code:
iptables -I FORWARD -s 192.168.1.100 --sport ! 32400 -o $(nvram get wan_iface) -j DROP
Thanks!
Last edited by tectonic on Mon Aug 21, 2017 14:20; edited 2 times in total
All other traffic from that IP address goes through the VPN. If the VPN goes down, I want to kill that traffic, but I still want packets with source port 32400 to continue to route through my ISP.
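An added example, not part of the original posts, of one way to build a kill switch with a source-port exception. `--sport` is only valid after `-p tcp` or `-p udp`, so a single negated rule would cover one protocol only; this sketch places an ACCEPT for the exempt port above a blanket DROP instead. The function name `kill_switch_rules`, the choice of TCP, and the sample interface name `vlan2` are assumptions.

```shell
#!/bin/sh
# Added example: prints the iptables commands for a per-client kill switch
# that still lets one TCP source port leave via the WAN interface.
# Assumption: the exempt service speaks TCP (the post does not say).
#
# Usage: kill_switch_rules CLIENT_IP EXEMPT_SPORT WAN_IF
kill_switch_rules() {
    client="$1"; sport="$2"; wan="$3"

    if [ -z "$client" ] || [ -z "$wan" ]; then
        echo "usage: kill_switch_rules CLIENT_IP EXEMPT_SPORT WAN_IF" >&2
        return 1
    fi

    # Accept digits only, so a stray "!" or a range cannot end up in the rule.
    case "$sport" in
        ''|*[!0-9]*) echo "invalid port: $sport" >&2; return 1 ;;
    esac
    if [ "$sport" -lt 1 ] || [ "$sport" -gt 65535 ]; then
        echo "port out of range: $sport" >&2
        return 1
    fi

    # -I inserts at the top of the chain, so the rule inserted last is
    # evaluated first. Emit the DROP first and the ACCEPT second: the
    # ACCEPT then sits above the DROP in FORWARD.
    #
    # The DROP names no protocol, so UDP, ICMP and all other TCP traffic
    # from the client are blocked when they would leave via the WAN.
    echo "iptables -I FORWARD -s $client -o $wan -j DROP"
    echo "iptables -I FORWARD -s $client -o $wan -p tcp --sport $sport -j ACCEPT"
}

# On the router (sample values; vlan2 stands in for the real WAN interface):
#   kill_switch_rules 192.168.1.100 32400 "$(nvram get wan_iface)" | sh
# Check the resulting order with: iptables -L FORWARD -n -v --line-numbers
```

Traffic routed through the tunnel leaves on the VPN interface and never matches `-o` WAN, so both rules only take effect for packets that would otherwise go out through the ISP.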