Have read the forums posts on this subject but wanted to ask anyway… has anyone created a killswitch based on iptables installed into the plugins under OpenWrt?
Is that what under Global Options/Block non-VPN traffic is considered? A version of a killswitch?
In my opinion an killswitch will be an active process monitoring the connection and killing traffic as soon as there is an problem. From my point of view the „monitoring“ part is missing here.
—-
And, more important: A killswitch would support split tunneling. „Block non-VPN traffic“ does not.
So would a ping routine to a known host that kills the client interface on timeout qualify? If so I don’t see much of a difference in using WG’s persistent keepalive directive, provided the VPN provider doesn’t do some sort of throttling of such packets, of course.
It’s an interesting question given WG is a stateless protocol.
(Meh; I disagree on split-tunnelling but I can see how it has its uses.)