-
Notifications
You must be signed in to change notification settings - Fork 335
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature request] nftables hook/config for mullvad vpn linux app? #6638
Comments
Hi. Just in case it wasn't clear from the advanced split tunneling guide, the nftables ruleset you write only needs to be applied once, and can be left in place whether connected or not. It shouldn't be more work than writing a script that we call for you after connecting. Could you elaborate on why the solution doesn't work for you? It's also unclear how a custom ruleset applied after connecting would be cleaned up of afterwards. How does your current setup handle that? |
Hi. I currently have an nftables script that I source inside my nftables startup script ( I have the following table (This table is being sourced in
And when I list the ruleset using
But I cannot ssh into my servers anymore. But when I source the nftables manually using Or if I don't do that or use Either I have configured my nftables script badly, or mullvad cannot respect a pre-configured nftables script after connecting. I'm not well versed in the configuration of nftables, but according to the guide on Mullvad's website everything should work. |
Hello again, sorry for the late reply. I tested your You say that when you source the firewall rules after connecting it works as expected, which is peculiar. It's a bit far fetched, but maybe it could be an issue with |
I have checked if others have suggested this already
Feature description
Currently the advanced split tunneling feature in Mullvad requires writing a custom nftables ruleset that should be manually applied.
It will be very helpful if mullvad can provide a post connection nftables hook, that calls the splittunneling script provided by the user.
Alternative solutions
I am run, and then connect to mullvad. Using a cronjob I check if it's connected, and if so, apply the splittunneling nft ruleset that I have written.
This can be done much cleaner.
Type of feature
Operating System
The text was updated successfully, but these errors were encountered: