Please help me with my VPN killswitch and/or share your rules. Thanks allot!

Hi. Please take a look at this short video:

You probably have experience with VPN and VPN killswitches. What do you do with svchost.exe? I try to block every process and put them in the VPN rule, but that don’t work. I don’t know why! p2p client just hangs when i try to use vpn rule, and same with other applications. And if i put them in the ALLOWED rule (the programs work) but if the VPN goes down, the traffic just goes on like normal, and it’s not a working killswitch.

It should work putting all in the vpn rule, but it’s not working. I might do something wrong, but am not sure to what actually…
Do you put svchost.exe in the VPN rule or do you allow it? What kind of working VPN killswitches are you guys running? Do you put Comodo in Custom ruleset like in the video or do you use other techniques in killswitches?

I would be glad if you could help me set up a working VPN killswitch. I also got the notifications on very high, but not sure if that has anything to do with this. Probably not…
I can ALLOW the OpenVPN to connect to the internet as a rule, but that should be it. If i allow other programs and the VPN goes down, they just put out packets from my original IP. I want all to go through the VPN rule and the mac adress of the TAP adapter, and just cut all of the packets if the VPN goes down.

Please do help. Thanks for your experience and knowledge when it comes to this firewall, etc. Appreciated. What am i doing wrong? I don’t like firewalls as much right now, even if i still like comodo.

Bump. Are there people with knowledge in here or mostly new users like myself? Does anyone have answers to my questions? Thanks

I’ve not used any killswitch rules or VPNs but some things to double check…Are you sure you have “Do not show popup alerts” in the firewall settings disabled and that the firewall is in custom mode? What happens if you add the MAC address of your network card into the blocked zone and leave your TAP MAC address in the allowed zone? Also I wonder if you are behind a router. Also I’m not toally familiar with SCVHOST but what if you create a firewall rule to allow IP in/out from the MAC address of the TAP connection and block IP in/out for the MAC address of the network adapter.

Be aware these rules might prevent Windows from getting or renewing the dynamically assigned IP address from your ISP when the lease expires.

EDIT: this tutorial is for another VPn service. It doesn’t mention anything about SVCHOST so just use it as a guide and make sure the rules are in the right order.

Thanks for the answer dude!
I tried disabling the “Do not show popup alerts” and set it to allowed, but that did not help. Also… If the VPN goes down they are allowed. So i need the popups.
I’m not sure what happens if i block the mac address in my network card either… I should try a global rule. But the link you posted is on the same track as what i am trying to do. I just can’t get it to work…
Thinking about trying another firewall later on. Not sure.
Qbittorrent just don’t work in the VPN zone either. Need to allow it, which i don’t want to do. If the computer gets in sleep mode and i start it and log in, the VPN is down, and qbittorrent is open for all to see… I just want a working killswitch.

Does you or anyone know if there are any GUI for windows firewall? Like hips, etc? Because i know that kill switch will work if i uninstall Comodo. Thanks
edit: Also, i’m sure Comodo is in Custom mode.

Why not try a third party killswitch and see if that works?

If you BLOCK the MAC address of your physical NIC you will cut yourself off from the network.

But the link you posted is on the same track as what i am trying to do. I just can't get it to work...

I’ve seen one thing in that link that may cause a hiccup - the rule order and the direction for each rule is critical.

In section 3.c (creating the ruleset), it describes how to create the 3 required rules (#1, #2 and #3).

  1. Creating the first rule places #1 at the top of the list.
  2. Creating the second rule places #2 at the top of the list, pushing #1 down to second.
  3. Creating the third rule places #3 at the top of the list, pushing #2 down to second and #1 down to third.[/li][/list]

The first screenshot in section 3.c shows an action of ALLOW, whereas the text instructions for the first rule to be created are for a BLOCK rule.

If you have used this screenshot to create the first rule (as opposed to using the text instructions), you will end up with 3 ALLOW rules, where you are supposed to end up with 2 ALLOW rules above a BLOCK rule.

Hope this helps,
Ewen :slight_smile: