Revision history [back]
 | 1 | initial version | posted 2020-04-24 12:30:09 +0200  |
Lack of 'vpn always on' feature is a security vulnerability
There is no VPN-always-on option in Sailfish OS. This has been featured with the Android ROM for many years.
This is a major security vulnerability for anyone using or relying on Sailfish's VPN feature. Since my internet connection regularly drops, this causes my traffic to regularly leak out into my host network, unencrypted.
I logged this issue as a bug on 23/10/19 on https://jolla.zendesk.com. I am submitting this as a feature request because this seems to be my only option but this should really be logged as a security vulnerability.
For the meanwhile, please can someone suggest some iptables rules that will patch this vulnerability such as:
sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
sudo iptables -A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o tun0 -j ACCEPT
Thank you for all your hard work Sailfish!
| | 2 | No.2 Revision |
Lack of 'vpn always on' feature is a security vulnerability
There is no VPN-always-on option in Sailfish OS. This has been featured with the Android ROM for many years.
This is a major security vulnerability for anyone using or relying on Sailfish's VPN feature. Since my internet connection regularly drops, this causes my traffic to regularly leak out into my host network, unencrypted.
I logged this issue as a bug on 23/10/19 on https://jolla.zendesk.com. I am submitting this as a feature request because this seems to be my only option but this should really be logged as a security vulnerability.
For the meanwhile, please can someone suggest some iptables rules that will patch this vulnerability such as:
sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
sudo iptables -A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o tun0 -j ACCEPT
Thank you for all your hard work Sailfish!
| | 3 | No.3 Revision |
Lack of 'vpn always on' feature is a security vulnerability
There is no VPN-always-on option in Sailfish OS. This has been featured with the Android ROM for many years.
This is a major security vulnerability for anyone using or relying on Sailfish's VPN feature. Since my internet connection regularly drops, this causes my traffic to regularly leak out into my host network, unencrypted.
I logged this issue as a bug on 23/10/19 on https://jolla.zendesk.com. I am submitting this as a feature request because this seems to be my only option but this should really be logged as a security vulnerability.
For the meanwhile, please can someone suggest some iptables rules that will patch this vulnerability such as:
sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
sudo iptables -A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o tun0 -j ACCEPT
Thank you for all your hard work Sailfish!