- # Deny all packets unless they pass through the OpenVPN connection
- # pf uses the last matching rule, so the `pass` rules below are what
- # override `block all`; anything they do not match stays blocked.
- wifi=en1
- vpn=tun0
- block all
- # NOTE(review): pf.conf normally expects options (`set ...`) before filter
- # rules; parse-check with `pfctl -nf <file>` before relying on this ruleset.
- # NOTE(review): the generated ruleset further down this page skips `lo0`;
- # confirm that `lo` names the loopback interface on your system.
- set skip on lo
- # The only traffic allowed on Wi-Fi is UDP to the VPN server on port 443.
- # Replace the bracketed placeholder with the server's IP address. No rule
- # here passes DNS outside the tunnel, so a hostname could not be resolved
- # before the tunnel is up.
- pass on $wifi proto udp to [OpenVPN server IP address] port 443
- # Everything on the tunnel interface is allowed.
- pass on $vpn
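- #
- # com.apple anchor point
- #
- # Each *-anchor line attaches the "com.apple/*" sub-rulesets for one rule
- # class (scrub, nat, rdr, dummynet, filter); the final line loads their
- # contents from /etc/pf.anchors/com.apple.
- # NOTE(review): rules loaded into these anchors are evaluated as part of
- # the ruleset. Audit /etc/pf.anchors/com.apple for `pass` rules that could
- # let traffic out around the kill switch.
- scrub-anchor "com.apple/*"
- nat-anchor "com.apple/*"
- rdr-anchor "com.apple/*"
- dummynet-anchor "com.apple/*"
- anchor "com.apple/*"
- load anchor "com.apple" from "/etc/pf.anchors/com.apple"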
- #
- # Allow connection via Viscosity only
- #
- # Default-deny ruleset with exceptions for AirDrop, AirPrint, UDP on Wi-Fi
- # and the two VPN interfaces. pf uses the last matching rule unless a rule
- # is marked `quick`, which stops evaluation at that rule.
- wifi=en1 #change this to en0 on MacBook Airs and other Macs without ethernet ports
- vpn=tun0
- vpn2=tap0
- block all
- # NOTE(review): pf.conf normally expects options (`set ...`) before filter
- # rules; parse-check with `pfctl -nf <file>` before relying on this ruleset.
- set skip on lo # allow local traffic
- pass on p2p0 #allow AirDrop
- pass on p2p1 #allow AirDrop
- pass on p2p2 #allow AirDrop
- # NOTE(review): this rule names no interface and no destination, and it is
- # `quick`, so TCP to port 631 on any host is passed on every interface,
- # including outside the tunnel. Limiting it to the local subnet
- # (`to <LAN subnet> port 631`) keeps AirPrint without that gap.
- pass quick proto tcp to any port 631 #allow AirPrint
- # NOTE(review): no destination or port is given, so all UDP is passed on
- # Wi-Fi, not just the VPN session. DNS queries and any other UDP traffic
- # can leave untunnelled when the VPN is down. Adding
- # `to <VPN server IP> port <VPN port>` closes this.
- pass on $wifi proto udp # allow only UDP packets over unprotected Wi-Fi
- pass on $vpn # allow everything else through the VPN (tun interface)
- pass on $vpn2 # allow everything else through the VPN (tap interface)
- # Default-deny ruleset for a VPN reached over wired Ethernet: only the
- # resolver 8.8.8.8, the VPN server and the tunnel interface are allowed.
- lan=en0
- # NOTE(review): `wifi` is defined but no rule below uses it, so on Wi-Fi
- # everything, including the VPN connection itself, stays blocked.
- wifi=en1
- vpn=tun0
- block all
- # NOTE(review): pf.conf normally expects options (`set ...`) before filter
- # rules; parse-check with `pfctl -nf <file>` before relying on this ruleset.
- set skip on lo
- # NOTE(review): no port is given, so every UDP and TCP port on 8.8.8.8 is
- # reachable over the LAN. DNS lookups sent this way travel outside the
- # tunnel and are visible on the local network; add `port 53` at minimum.
- pass on $lan proto { udp,tcp } to 8.8.8.8
- # NOTE(review): pfctl resolves a hostname in a rule once, when the ruleset
- # is loaded. The rule then holds whatever address DNS returned at that
- # moment; pinning the server's IP address avoids depending on that lookup.
- pass on $lan proto tcp to vpn.btguard.com port 1194
- # Everything on the tunnel interface is allowed.
- pass on $vpn
- $ killswitch -i
- Interface MAC address IP
- en1 bc:57:36:d1:82:ba 192.168.1.7
- ppp0 10.10.1.3
- public IP address: 93.117.82.123
- # --------------------------------------------------------------
- # Sat, 19 Nov 2016 12:37:24 +0100
- # sudo pfctl -Fa -f ~/.killswitch.pf.conf -e
- # --------------------------------------------------------------
- # Generated default-deny ruleset. The command above flushes the current pf
- # state and rules (-Fa), loads this file (-f) and enables pf (-e).
- int_en1 = "en1"
- vpn_ppp0 = "ppp0"
- # VPN endpoint address, fixed when the file was generated. The ruleset has
- # to be regenerated if the endpoint changes.
- vpn_ip = "93.117.82.123"
- # Blocked packets are dropped silently instead of being answered.
- set block-policy drop
- set ruleset-optimization basic
- # No filtering on the loopback interface.
- set skip on lo0
- block all
- # mDNS (multicast 224.0.0.251, UDP 5353) on the physical interface.
- pass on $int_en1 proto udp to 224.0.0.251 port 5353
- # DHCP: matches packets from port 67 to port 68 (server to client).
- pass on $int_en1 proto udp from any port 67 to any port 68
- # NOTE(review): ICMP echo request (type 8, code 0) is passed for any
- # destination on en1, so pings leave outside the tunnel. Restrict the
- # destination if this is only needed to reach the local gateway.
- pass on $int_en1 inet proto icmp all icmp-type 8 code 0
- # TCP and UDP on any port to the VPN endpoint, so the tunnel can be set up.
- pass on $int_en1 proto {tcp, udp} from any to $vpn_ip
- # Everything on the tunnel interface is allowed.
- pass on $vpn_ppp0 all
- # IPv6 mDNS: UDP 5353 to the link-local multicast group ff02::fb.
- # NOTE(review): this rule uses `$wifi`, which the generated ruleset above
- # does not define (it names the interface `int_en1`); define the macro or
- # use the existing one before adding this line to that file.
- pass on $wifi inet6 proto udp from any to FF02:0000:0000:0000:0000:0000:0000:00FB port 5353