[BUG?] Profile switch - IP Leak

General discussions about Little Snitch
Post Reply
WebDesZ
Posts: 3
Joined: Sat Oct 05, 2013 11:36 pm
Contact:

[BUG?] Profile switch - IP Leak

Post by WebDesZ » Sun Oct 06, 2013 12:19 am

Hello,

I would like to report a bug in the latest Little Snitch.

My System
OS: Mac OS X 10.8.5
Little Snitch: 3.2 nightly (4044)
OpenVPN: Viscosity 1.4.5 (1151)


Configuration
The whole network traffic is routed through a OpenVPN Server and I use Little Snitch to prevent IP Leaks.
I created 2 Profiles:

    1) Profile - "PUnsecured":
      I disabled nearly all Connections to the internet. Only the connection to the OpenVPN Server is allowed. As soon as the connection is established the profile "PSecured" is activated automatically.

      Image

    2) Profile -"PSecured"
      This profile is activated as soon as the OpenVPN connection is established. Everything is allowed.

This configuration works really fine. As soon as the VPN connection is closed the Profile "PUnsecured" is activated and applications SHOULD NOT be able to access the internet.
But I saw that a very very very very short time after the VPN connection is closed the normal network had access to the internet.

Proof of Concept
      1) I connected to the VPN and "PSecured" was successfully activated.
      2) Then I visited my own website and refreshed it many many many times. During this process I disabled the VPN connection and the Profile "PUnsecured" was activated successfully.
So far so good, but their is the following problem:

I looked into the access logs of my webserver and expected to only see the IP of my VPN but their was one request which was made from my local network
-> IP LEAK

I hope that you can fix this (do a faster profile switch).

Another BUG: Little Snitch does double-count the Bandwidth when using VPN Clients.

Would be awesome if you could fix this! And also please reply to this thread.


UPDATE
I have retested it and everything worked fine - Is this just coincidence or have I done something wrong at the POC (not a bug)?

ferologics
Posts: 3
Joined: Sat Jul 23, 2016 11:34 pm

Re: [BUG?] Profile switch - IP Leak

Post by ferologics » Sat Jul 23, 2016 11:51 pm

Hey, could re-upload the image of your set up? Appreciated 8)

IDon'tExist
Posts: 2
Joined: Fri Jun 23, 2017 4:33 pm

Re: [BUG?] Profile switch - IP Leak

Post by IDon'tExist » Fri Jun 23, 2017 4:50 pm

I'm curious if any fix was ever made for this? A reply from the devs would be appreciated.

The fix should be easy as LS should just block all traffic BEFORE it switches profiles.

Post Reply