I would like to report a bug in the latest Little Snitch.
OS: Mac OS X 10.8.5
Little Snitch: 3.2 nightly (4044)
OpenVPN: Viscosity 1.4.5 (1151)
The whole network traffic is routed through a OpenVPN Server and I use Little Snitch to prevent IP Leaks.
I created 2 Profiles:
- 1) Profile - "PUnsecured":
- I disabled nearly all Connections to the internet. Only the connection to the OpenVPN Server is allowed. As soon as the connection is established the profile "PSecured" is activated automatically.
2) Profile -"PSecured"
- This profile is activated as soon as the OpenVPN connection is established. Everything is allowed.
This configuration works really fine. As soon as the VPN connection is closed the Profile "PUnsecured" is activated and applications SHOULD NOT be able to access the internet.
But I saw that a very very very very short time after the VPN connection is closed the normal network had access to the internet.
Proof of Concept
- 1) I connected to the VPN and "PSecured" was successfully activated.
- 2) Then I visited my own website and refreshed it many many many times. During this process I disabled the VPN connection and the Profile "PUnsecured" was activated successfully.
I looked into the access logs of my webserver and expected to only see the IP of my VPN but their was one request which was made from my local network
-> IP LEAK
I hope that you can fix this (do a faster profile switch).
Another BUG: Little Snitch does double-count the Bandwidth when using VPN Clients.
Would be awesome if you could fix this! And also please reply to this thread.
I have retested it and everything worked fine - Is this just coincidence or have I done something wrong at the POC (not a bug)?