PDA

View Full Version : Internet Securing VPN with routing tables, the easier way



Expeto
04-15-2010, 01:35 PM
First of all, the thing about the routing tables is, if you screw them up, you can't get any online help and you can't even come here and curse me for tutorial. So be careful, and if you don't have any background check my
other guide for some basic information about VPN and easier ways (http://filesharingtalk.com/vb3/f-guides-and-tutorials-65/t-vpn-guide-for-n00bs-406755) to stop IP leak, however this way is more effective and strong, and this is easier to install if you have a bit of experience.

If you already know about how to use routing tables, skip to next blue to learn about a nice trick which will make it less painfull and practical.


What are the routing tables
Routing tables are basically the tables which routes your Internet connections, check the wiki page for more info (http://en.wikipedia.org/wiki/Routing_table)

Why my IP leaks
Because sometime VPN disconnects and your torrent applications keeps downloading.
Check this guide for more info about why your IP leaks (http://filesharingtalk.com/vb3/f-guides-and-tutorials-65/t-vpn-guide-for-n00bs-406755)

How to stop IP leak with them
First check your existing routing tables with, type this to cmd;

netstat -R

if you don't know how to access cmd, you shouldn't be playing with your route tables.

The response will be like this,

C:\Documents and Settings\expeto>netstat -R
Route table

===========================================================================
[Technical info here, also your IF number is here]
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 02 a5 7a 7e b5 ...... Intel(R) PRO/100 VM Network Connection -
Packet
Scheduler Miniport
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.8 20
24.67.179.0 255.255.255.0 24.67.179.22 24.67.179.22 1
24.67.179.22 255.255.255.255 127.0.0.1 127.0.0.1 1
24.255.255.255 255.255.255.255 24.67.179.22 24.67.179.22 5
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 224.0.0.0 24.67.179.22 24.67.179.22 5
255.255.255.255 255.255.255.255 24.67.179.22 2 1
Default Gateway: 24.67.179.1
===========================================================================
Persistent Routes:
None


this table is like a cheat sheet of windows to know what to do with which connection.
0.0.0.0 means any IP address so,
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.8 20

means any connection to anywhere redirects to 192.168.0.1(it might be a different IP on your computer, if so use your different gateway IP instead of 192.168.0.1 in rest of this tutorial, which is your router. What we are trying to do is add a new rules to redirect any connection to anywhere to your VPN provider.
Actually every time you start your VPN, windows automatically adds this rule, which you can see by "netstat -R" when your VPN is connected. The problem is when VPN disconnects windows automatically removes this rule and your IP leaks.

What we will do is manually remove this rule which allows you to connect the internet

0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.8 20

But if you do this before connecting your VPN, there be no rule to redirect your connection and you won't be able to connect to VPN. You won't be able to connect the internet neither

So you have to type
route delete 0.0.0.0 192.168.0.1 after connecting VPN. When you do this, you IP wont leak anymore. But when you close VPN you can't connect the internet. Because there no 0.0.0.0 rule to redirect you to right way.

You have to type
route add 0.0.0.0 mask 0.0.0.0 192.168.0.1
to get your connection working again. This will also allow you IP to leak if your torrent application is still working.

But this is way too much work to do every time, there is 3 know solutions for this

A) use a virtual machine(like virtualbox (http://www.virtualbox.org/) )
Which basically creates a new computer in your computer, the new computer works with its own OS and its own routing tables. You remove the tables from your virtual machine and your real machine will be unaffected.
But this is not very practical, a virtual system is pretty bad for your resources

B) you can use a graphical software to edit your routing tables. It will work but it is worst way to do this.

The BEST Way
Some people make a batch script for every stage of this so then click everyone of them in order to get this thing done, I find this not so usefull, maybe its just because I know what a batch script is capable of. Even though they are not as good as linux scripts they can get simple things done.

Its not very hard thing to do, just open a empty text file and type this inside it;


rasphone -d [VPN connection name]
route delete 0.0.0.0 192.168.0.1

you have to replace [VPN connection name] with the name of your VPN connection. Duh!
save it as "connect.txt" than change the name to connect.bat
Now when you click the connect.bat it will connect you to VPN and remove the route.
Also make another txt file called "disconnect.txt"

rasdial [VPN connection name] /disconnect
route add 0.0.0.0 mask 0.0.0.0 192.168.0.1
than rename this as disconnect.bat . Clicking this one will disconnect you from VPN and restore your route tables.

Also alternatively you can use these 2
alternative for connect.bat ;


rasphone -d VPN
echo wscript.sleep 20000 > temp.vbs
start /wait temp.vbs
route delete 0.0.0.0 192.168.0.1
del temp.vbs

alternative for disconnect.bat ;


rasdial VPN /disconnect
echo wscript.sleep 20000 > temp.vbs
start /wait temp.vbs
route add 0.0.0.0 mask 0.0.0.0 192.168.0.1
del temp.vbs

these 2 alternative scripts uses temporary file to make a 20second delay. Both will get the job done but you will see temp.vbs flashing on your desktop for few seconds, this is just the way they work.

IF(Interface)
try adding IF to end of "route add" if it wont work alone, like "route add 0.0.0.0 mask 0.0.0.0 192.168.0.1 IF [number]" [number] may be different at different computers, if you don't know your IF(interface) number, you can learn by netstat -r.

C:\Documents and Settings\expeto>netstat -R
Route table

===========================================================================
your IF number is here
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 02 a5 7a 7e b5 ...... Intel(R) PRO/100 VM Network Connection -
Packet
Scheduler Miniport
In this example its "IF 2"
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.8 20
24.67.179.0 255.255.255.0 24.67.179.22 24.67.179.22 1
24.67.179.22 255.255.255.255 127.0.0.1 127.0.0.1 1
24.255.255.255 255.255.255.255 24.67.179.22 24.67.179.22 5
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 224.0.0.0 24.67.179.22 24.67.179.22 5
255.255.255.255 255.255.255.255 24.67.179.22 2 1
Default Gateway: 24.67.179.1
===========================================================================
Persistent Routes:
None


If your network connected to 0x2 you will use "IF 2", if your network connect to the device at 0x5 you will use "IF 5"

If you cannot find the IF number, trial and error will get the job done.If you type a wrong number you just get and error route table won't be added, so you can try all of the number 1-10 to find the right one. If you don't get an error at a particular number but if your connection still doesn't work, use route delete 0.0.0.0 192.168.0.1 and keep trying other numbers.

This guide is %100 original, which means all of the guide is writen by me, feel free to copy/paste just don't forget to give a bit of credit to me :)

Feel free to give feedback and ask questions

If you already screwed your route tables,
"route -f" to rebuild your route tables while VPN off, restart computer after this.
also "netsh winsock reset" and "IPConfig /renew" are another ways to reset.