API tools faq
paste
Guest User

Untitled

a guest
Jan 22nd, 2018
297
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.00 KB | None | 0 0
raw download clone embed print report
  1. # Deny all packets unless they pass through the OpenVPN connection
  2. wifi=en1
  3. vpn=tun0
  4.  
  5. block all
  6.  
  7. set skip on lo
  8. pass on $wifi proto udp to [OpenVPN server IP address] port 443
  9. pass on $vpn
  10.  
  11. #
  12. # com.apple anchor point
  13. #
  14. scrub-anchor "com.apple/*"
  15. nat-anchor "com.apple/*"
  16. rdr-anchor "com.apple/*"as
  17. dummynet-anchor "com.apple/*"
  18. anchor "com.apple/*"
  19. load anchor "com.apple" from "/etc/pf.anchors/com.apple"
  20.  
  21. #
  22. # Allow connection via Viscosity only
  23. #
  24. wifi=en1 #change this to en0 on MacBook Airs and other Macs without ethernet ports
  25. vpn=tun0
  26. vpn2=tap0
  27.  
  28. block all
  29.  
  30. set skip on lo # allow local traffic
  31.  
  32. pass on p2p0 #allow AirDrop
  33. pass on p2p1 #allow AirDrop
  34. pass on p2p2 #allow AirDrop
  35. pass quick proto tcp to any port 631 #allow AirPrint
  36.  
  37. pass on $wifi proto udp # allow only UDP packets over unprotected Wi-Fi
  38. pass on $vpn # allow everything else through the VPN (tun interface)
  39. pass on $vpn2 # allow everything else through the VPN (tap interface)
  40.  
  41. lan=en0
  42. wifi=en1
  43. vpn=tun0
  44. block all
  45. set skip on lo
  46. pass on $lan proto { udp,tcp } to 8.8.8.8
  47. pass on $lan proto tcp to vpn.btguard.com port 1194
  48. pass on $vpn
  49.  
  50. $ killswitch -i
  51. Interface MAC address IP
  52. en1 bc:57:36:d1:82:ba 192.168.1.7
  53. ppp0 10.10.1.3
  54.  
  55. public IP address: 93.117.82.123
  56.  
  57. # --------------------------------------------------------------
  58. # Sat, 19 Nov 2016 12:37:24 +0100
  59. # sudo pfctl -Fa -f ~/.killswitch.pf.conf -e
  60. # --------------------------------------------------------------
  61. int_en1 = "en1"
  62. vpn_ppp0 = "ppp0"
  63. vpn_ip = "93.117.82.123"
  64. set block-policy drop
  65. set ruleset-optimization basic
  66. set skip on lo0
  67. block all
  68. pass on $int_en1 proto udp to 224.0.0.251 port 5353
  69. pass on $int_en1 proto udp from any port 67 to any port 68
  70. pass on $int_en1 inet proto icmp all icmp-type 8 code 0
  71. pass on $int_en1 proto {tcp, udp} from any to $vpn_ip
  72. pass on $vpn_ppp0 all
  73.  
  74. pass on $wifi inet6 proto udp from any to FF02:0000:0000:0000:0000:0000:0000:00FB port 5353
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!