Wyatt Gill

Thanks for bringing this up @MartinHotmann. It is important to me that my image does what it advertises at the very least. :) To try to narrow down possible causes,...

> ...traced it back to the killswitch setup procedure, which resolves remotes ony by one, before dropping traffic through the insecure eth0 interface. > > In my case the list...

I just tested latest with this Compose file and everything works as expected ``` services: vpn: image: ghcr.io/wfg/openvpn-client:latest container_name: ovpn-test cap_add: - NET_ADMIN devices: - /dev/net/tun:/dev/net/tun environment: - SUBNETS=192.168.10.0/24 volumes:...

Unrelated, but given that sysctl, you're using ipv6. Does this image work well with that?

@MartinHotmann I have something for you to test if you're willing. 1. Build the [rewrite](https://github.com/wfg/docker-openvpn-client/tree/rewrite) branch using the `build` directory as the context. ``` docker build -t ovpn-test https://github.com/wfg/docker-openvpn-client.git#rewrite:build ```...

@MartinHotmann were you able to test?

To troubleshoot, I would see if it works with the kill switch disabled. If that doesn't fix it, try fiddling with the `SUBNETS` variable. My first guess there would be...

Hmm... Those chains look fine to me. I would expect this line: ``` 2 456 ACCEPT all -- * * 192.168.0.0/21 0.0.0.0/0 ``` would be enough to allow the traffic...

@danielsoheil How can I reproduce this?

No, I want to see the issue for myself. How can I do that? > On Apr 18, 2022, at 6:17 AM, Daniel ***@***.***> wrote: > >  > @danielsoheil...