High level of protection
Cryptographic algorithm resistant to date is used for encryption AES-256-GCM
Bypass of the blockings
Full access to YouTube content, Unblocking of FaceBook, VKontakte and other social networks.
Large number of countries!
When connecting, you will be assigned an IP-address of the server you have chosen!

Telegram

Subscribe to our Telegram channel and get all important service news as quickly and conveniently as possible!

Read More...

Twitter

Fresh feed of news via Twitter!

Worldwide IT and security news via our Twitter by MultiVPN...

Read More...

Blog MultiVPN

Official MultiVPN Blog. Top news of MultiVPN service, updates, files and rest urgent important information!

Read More...

OpenVPN Traffic Leak Blocker on Linux

Open a terminal. First of all, you must obtain superuser rights:

Using Ubuntu Linux as an example:


  [email protected]:~$ sudo bash
  [sudo] password for user:
  [email protected]:/home/user# id
  uid=0(root) gid=0(root) groups=0(root)
  [email protected]:/home/user#

For example, Fedora Linux:


  [[email protected] ~]$ su
  Password:
  [[email protected] user]# id
  uid=0(root) gid=0(root) groups=0(root)
  [[email protected] user]#

Download scripts using your browser:
https://multivpn.su/files/vpnfirewall
https://multivpn.su/files/deactivate_vpn_firewall
and save them in the "Downloads" (wget, curl, etc. will not work, due to Anti-DDoS tools on the service website):


  [email protected]:/home/user# cd Downloads/
  [email protected]:/home/user/Downloads# ls -la
  total 20
  drwxr-xr-x 2 user user 4096 May 26 02:09 .
  drwxr-xr-x 17 user user 4096 May 26 02:08 ..
  -rw-rw-r-- 1 user user 210 May 26 02:09 deactivate_vpn_firewall
  -rw-rw-r-- 1 user user 6370 May 26 02:08 vpnfirewall
  [email protected]:/home/user/Downloads#

Change the owner of the scripts to "root", enable their execution and transfer to /usr/bin:


  [email protected]:/home/user/Downloads# chown root:root vpnfirewall
  [email protected]:/home/user/Downloads# chown root:root deactivate_vpn_firewall
  [email protected]:/home/user/Downloads# chmod 0755 vpnfirewall
  [email protected]:/home/user/Downloads# chmod 0755 deactivate_vpn_firewall
  [email protected]:/home/user/Downloads# mv vpnfirewall /usr/bin/
  [email protected]:/home/user/Downloads# mv deactivate_vpn_firewall /usr/bin/

Now, you can activate the traffic leak blocking script with the "vpnfirewall" command. Run the command with superuser privileges:


  [email protected]:/home/user/Downloads# vpnfirewall
  OK: Loading VPN firewall...
  OK: The firewall should not show any messages,
  OK: besides output beginning with prefix OK:...
  OK: VPN firewall loaded.
  [email protected]:/home/user/Downloads#

After applying the new iptables rules set by the script, connections will be allowed only to VPN servers of the MultiVPN service. All other connections will be blocked:


  [email protected]:/home/user/Downloads# ping 1.1.1.1
  PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
  From 10.0.2.15 icmp_seq=1 Packet filtered
  ping: sendmsg: Operation not permitted
  ^C
  --- 1.1.1.1 ping statistics ---
  1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
  [email protected]:/home/user/Downloads# wget https://1.1.1.1
  --2020-05-26 02:19:20-- https://1.1.1.1/
  Connecting to 1.1.1.1:443... failed: No route to host.
  [email protected]:/home/user/Downloads#

Now, you can connect to the VPN server. In the event of a disconnection, switching between servers, etc. the script will block traffic leaks.

If you need to allow Internet connections again without using a VPN, run the "deactivate_vpn_firewall" command with superuser privileges:


  [email protected]:/home/user/Downloads# deactivate_vpn_firewall
  + iptables -F
  + iptables -X
  + iptables -t nat -F
  + iptables -t nat -X
  + iptables -t mangle -F
  + iptables -t mangle -X
  + iptables -P INPUT ACCEPT
  + iptables -P OUTPUT ACCEPT
  + iptables -P FORWARD ACCEPT
  + exit 0
  [email protected]:/home/user/Downloads#

Deactivating traffic leakage blocking was successful. Internet access restored:


  [email protected]:/home/user/Downloads# ping 1.1.1.1
  PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
  64 bytes from 1.1.1.1: icmp_seq=1 ttl=63 time=61.3 ms
  ^C
  --- 1.1.1.1 ping statistics ---
  1 packets transmitted, 1 received, 0% packet loss, time 0ms
  rtt min/avg/max/mdev = 61.307/61.307/61.307/0.000 ms
  [email protected]:/home/user/Downloads#

Add the script to autorun if you want to block traffic without a VPN connection, immediately after loading the operating system.

For Ubuntu Linux, you need to run the following commands with superuser privileges:


  [email protected]:/home/user/Downloads# cd /etc/init.d/
  [email protected]:/etc/init.d# wget https://raw.githubusercontent.com/piratelinux/VPN-Firewall/master/etc/init.d/vpnfirewall
  --2020-05-26 02:25:07-- https://raw.githubusercontent.com/piratelinux/VPN-Firewall/master/etc/init.d/vpnfirewall
  Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 151.101.244.133
  Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|151.101.244.133|:443... connected.
  HTTP request sent, awaiting response... 200 OK
  Length: 2699 (2,6K) [text/plain]
  Saving to: ‘vpnfirewall’
  vpnfirewall 100%[=====================>] 2,64K --.-KB/s in 0,01s
  2020-05-26 02:25:09 (226 KB/s) - ‘vpnfirewall’ saved [2699/2699]
  [email protected]:/etc/init.d# chmod 0755 vpnfirewall
  [email protected]:/etc/init.d# update-rc.d vpnfirewall defaults
  [email protected]:/etc/init.d#

For Fedora Linux, add vpnfirewall to the crontab scheduler with the command:


  echo '@reboot root /usr/bin/vpnfirewall' >> /etc/crontab

Now, after loading the operating system, blocking traffic leaks will be applied automatically.

The proposed scripts have been successfully tested on operating systems: Debian 10, Ubuntu 20, and Fedora 32.

Based on materials from the GitHub project: https://github.com/piratelinux/VPN-Firewall


Linux instructions