Hello,
my aim is to set Windows Firewall to block all traffic that do not go thru OpenVPN or ShadowSocks.
So i googled and found tutorial which i followed https://support.nvpn.net/Knowledgeb...w-to-prevent-an-ip-leak-with-windows-firewall
Except that i have not set Win. Firewall to block all traffic by default just on "Private" and "Domain" network profile, but also on "public" profile as i have public set as default somehow. So all profiles should have in/out traffic blocked, except my custom rules for openvpn and shadowsocks apps which are allowed.
Second thing i did differently from that tutorial is that i removed all "Allow" kind of rules in both inbound/outbound firewall rules so it is sure indeed everything except openvpn is blocked.
Screenshots are here
After this in Microsoft Edge browser (set to no proxy, autodetect) i can not visit any website (good, but strange, while OpenVPN is running, Firefox set to openvpn works OK).
BUT the bigger issue is this: despite that Win. Firewall should block everything except openvpn and shadowsocks application's traffic, the "tracert 8.8.8.8" command done via command line finishes and i see my real public facing IP in the path (bad, it should be blocked, only openvpn traffic allowed). And when i enable my secondary firewall (Comodo) then traceroute is blocked as i set commodo to block exerything except openvpn.
So this is strange why Windows firewall do no block that traceroute. Any idea please?
my aim is to set Windows Firewall to block all traffic that do not go thru OpenVPN or ShadowSocks.
So i googled and found tutorial which i followed https://support.nvpn.net/Knowledgeb...w-to-prevent-an-ip-leak-with-windows-firewall
Except that i have not set Win. Firewall to block all traffic by default just on "Private" and "Domain" network profile, but also on "public" profile as i have public set as default somehow. So all profiles should have in/out traffic blocked, except my custom rules for openvpn and shadowsocks apps which are allowed.
Second thing i did differently from that tutorial is that i removed all "Allow" kind of rules in both inbound/outbound firewall rules so it is sure indeed everything except openvpn is blocked.
Screenshots are here
After this in Microsoft Edge browser (set to no proxy, autodetect) i can not visit any website (good, but strange, while OpenVPN is running, Firefox set to openvpn works OK).
BUT the bigger issue is this: despite that Win. Firewall should block everything except openvpn and shadowsocks application's traffic, the "tracert 8.8.8.8" command done via command line finishes and i see my real public facing IP in the path (bad, it should be blocked, only openvpn traffic allowed). And when i enable my secondary firewall (Comodo) then traceroute is blocked as i set commodo to block exerything except openvpn.
So this is strange why Windows firewall do no block that traceroute. Any idea please?
Last edited:
