Add a kill switch to TB?

525 views
Skip to first unread message

davecc0000

unread,
Aug 24, 2015, 3:46:50 PM8/24/15
to tunnelbli...@googlegroups.com
 
TB is very comprehensive and helpful utility replacing the ISP's app and far exceeding its capabilities.
 
Except for a kill switch.
 
Because of this one limitation I must leave TB at the side of the road.
 
Will the developers please add a KS? It would then truly make TB the premiere connection tool.
 
Regards, 
Dave
 
OS X 10.9.5


On Aug 23, 2015, at 8:22 AM, Jonathan K. Bullard wrote:

Tell me exactly what you want a "kill switch" to do and it will be considered. (Any suggestions as to how to do it would also be appreciated.)

A kill switch, when enabled by the user (check box or such in the app's Preferences), will disable all internet access for the computer if the VPN connection fails. Thus avoiding IP exposure in such a situation.

To reestablish internet access either reconnect to the VPN server or uncheck KS in Preferences (and do w/o VPN).

How to implement? Dunno. That's a programmer-ish thing, not my expertise... 

Example of implementation of a KS:

PIA VPN utility

Thanks, 
Dave

Kee Hinckley

unread,
Aug 24, 2015, 5:36:16 PM8/24/15
to tunnelblick-discuss

On 24 Aug 2015, at 15:46, davecc0000 wrote:

A kill switch, when enabled by the user (check box or such in the app’s
Preferences), will disable all internet access for the computer if the VPN
connection fails. Thus avoiding IP exposure in such a situation.

That would be useful. I was recently connecting from my iPhone using the OpenVPN app and it has no such option (and probably can’t, without jailbreaking). When you’re sitting in a cafe in a country run by a military dictatorship, it’s a little disturbing to quietly lose the VPN and discover that what you thought was a secure connection no longer is. I suspect on my laptop I could probably rig up an Tunnelblick/Little Snitch configuration that would lock out all but the Tunnelblick connection, but something built-in would be nice in that situation.

Tunnelblick developer

unread,
Dec 7, 2017, 10:22:56 PM12/7/17
to tunnelbli...@googlegroups.com
A "kill switch" is available in Tunnelblick 3.7.5beta04 which you can update to (on the "Preferences" panel: put a check in "Check for updates to beta versions", then click the "Check Now" button) or download from the Tunnelblick Downloads page.

mlev...@gmail.com

unread,
Dec 9, 2017, 1:56:42 PM12/9/17
to tunnelblick-discuss

What am I missing, I've downloaded what I think is the right version but I don't see this in the Preferences panel:

Tunnelblick developer

unread,
Dec 9, 2017, 2:11:58 PM12/9/17
to tunnelbli...@googlegroups.com
This feature is controlled separately for each configuration, so it isn't on "Preferences". It is available in Tunnelblick 3.7.5beta04 and above.

In the "Configurations" panel, click on the "Settings" tab on the right side. You'll see two drop-down menus: "On expected disconnect" and "On unexpected disconnect". These control what happens after a disconnection. You can set them to:
  • "Do nothing" (the default),
  • "Reset the Primary Interface", which can sometimes fix problems if your configuration leaves the network in a bad state (usually because of a misconfiguration), or
  • "Disable Network Access".
The "Kill Switch" is the "Disable Network Access" setting.

Notes:
  1. As with most settings, you can change this setting on multiple configurations at one time by selecting the configurations in the list on the left side of the panel before changing the setting.

  2. When network access has been disabled, an additional menu item "Re-enable network access" will be available on the main Tunnelblick menu.

Tunnelblick developer

unread,
Jan 27, 2018, 12:18:41 PM1/27/18
to tunnelblick-discuss
This is more fully documented at Tunnelblick's Kill Switch.
Reply all
Reply to author
Forward
0 new messages