in Linux

How to prevent leaks from VPN

I used following commands to prevent -almost- any outgoing internet connection from my Linux computer when VPN connection is not active. It is simple and it works.

Reset ufw rules to default
# ufw --force reset 

Drop all incoming traffic
# ufw default deny incoming 

Drop all outgoing traffic
# ufw default deny outgoing 

Let firewall allow outbound VPN traffic
# ufw allow out on tun0 

Let firewall allow VPN connection to be established
Change IP, port and protocol values as per your VPN server config
Example: ufw allow out to port 9999 proto udp
# ufw allow out to $serverIP port $port proto $proto 

Run firewall and make it start automatically during startup
# ufw enable


Leave a Reply


  • How to keep VPN connection alive automatically on debian – Ertuğrul Harman

    […] short period of time. IPTABLES may be used to prevent this. I will talk about that in another post. Here is my post about how to do this simply and […]