VPN Kill switch on KODI libreelec

  • Hello,

    Is there a way to implement /activate a vpn kill switch in LibreELEC, to prevent being exposed when my VPN connection is down?

    Thanks in advance,

    peanut

  • Hello Iridium,

    Why is this question out of scope? LibreELEC is the basis for primarily Kodi. VPN is always advised in combination with Kodi, so I don't understand why my question about a VPN kill switch is out of scope for this forum. Can you elaborate on that?

    Kind regards,

    peanut

  • VPN might be advised for illegal content (which is not endorsed here), other than that there's really no reason to use it. There's no inherent VPN functionality in LibreELEC either other than third party addons, so I concur this is out of scope for the forum. You can of course ask, but I'd recommend the OpenVPN forum (I suppose that's what you are using) as the chances of finding what you are looking for here is slim.

  • Ah,

    Crystal clear Escalade... Thank you for explaining. I always use a VPN (not particularly for piracy) but for privacy, so hence my question. I already did a search on other fora (including the OpenVPN forum) but I can't find the answer I'm looking for unfortunately. Maybe one of the other forum members (Da Flex) can elaborate on his suggestion of using a Python script with autostart.sh?

    In the mean time I will search on other fora for an answer (if there is one)...

    Kind regards,

    peanut

    • Official Post

    I think it's doable, but I don't use VPN. The basic idea is to write a loop, which permanently checks VPN connectivity. When it's off, the script should switch off the non-VPN connection of LE, and maybe shows a popup (called "toast").

    Assuming you'll place the Python script at /storage/scripts/vpn.py, your /storage/.config/autostart.sh could look like this:

    Bash
    #!/bin/sh
    
    (
        python /storage/scripts/vpn.py
    ) &

    The guys from OpenVPN forum should know how to Python-check VPN connectivity. The part of our forum is to show you how to switch the default connection off/on, and how to display the toast.

  • VPN might be advised for illegal content (which is not endorsed here), other than that there's really no reason to use it.

    I have to disagree. In the US, congress allowed ISPs to sell all user data for profit.

    I have my entire internet connection go through a vpn because I simply don't trust my ISP with my internet traffic data.

    My vpn provider on the other hand claims they keep no data or logs, and their claims have been tested in courts multiple times where they were subpoenaed to hand over data on specific users and the only data they had was that the said user was a paying subscriber, nothing else. Therefore I trust them.

  • You don’t need to write a python script, you can just use systemd to automatically restart it. But If there’s a problem with your provider, then this might not work reliably.

    My addon takes the python script approach, also stopping any media as well. And you can specify how often it checks from some small number of seconds. This approach is a balance between the CPU effort of checking a running task vs playing media. I found that on the Pi this would mess with playing more intensive media (like 10GB+ higher bit rate movies, etc)

    This isn’t a kill switch tho. A kill switch will block regular traffic over anything that’s not the VPN so that if the VPN fails, nothing can flow ever. This block will be removed when the VPN is disconnected. I think the only way to achieve this is by using the openvpn up and down scripts to manipulate the IP table.

    What approach you take really depends on how “protected” you want to be with your VPN and why you’re using it (avoid that rabbit hole on this forum...)

  • I figured it out with the help and search of several other fora. I've got a working VPN kill switch now. Thanks for all the input and suggestions...

    Kind regards,

    peanut