[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [CONTRIBUTE] [DONATE]

I modified the Whonix-External.xml - Is this OK?

Hello,

This is the default Whonix-External.xml

<network>
  <name>Whonix-External</name>
  <forward mode='nat'/>
  <bridge name='virbr1' stp='on' delay='0'/>
  <ip address='10.0.2.2' netmask='255.255.255.0'/>
</network>

Would this be an acceptable modification to ensure all traffic passes through tun0 and won’t leak if it the VPN disconnects?

<network>
  <name>Whonix-External</name>
  <forward dev='tun0' mode='nat'>
    <interface dev='tun0'/>
  </forward>
  <bridge name='virbr1' stp='on' delay='0'/>
  <ip address='10.0.2.2' netmask='255.255.255.0'>
  </ip>
</network>

Interesting use case! Try simulating this situation by terminating the VPN connection randomly and see if the GW can still communicate with the outside world. If you want to avoid leaving network fingerprints while testing then try running a VPN server listening on the localhost and assign it tun0 instead. Wireshark may be of use.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]