
feat(killswitch): implement Windows firewall kill switch #9

Merged
wallydz-bot[bot] merged 3 commits into vpnht-rewrite from audit/production-readiness-20260221
Feb 21, 2026


wallydz-bot[bot] commented Feb 21, 2026

Summary

  • Implement Windows firewall kill switch using netsh advfirewall and PowerShell
  • Block all outbound traffic except WireGuard interface
  • No password prompt (assumes elevated process)

Changes

  • setup_wfp(): Creates firewall block rule via netsh
  • teardown_wfp(): Removes rules on disable
  • WireGuard interface detection via PowerShell
  • Interface-specific allow via New-NetFirewallRule -InterfaceAlias
  • DHCP/DNS allow rules for essential connectivity
  • Drop trait for automatic cleanup
  • Unit tests for interface name sanitization

netsh Syntax

netsh advfirewall firewall add rule name="VPNht Kill Switch Block" dir=out action=block remoteip=any
netsh advfirewall firewall delete rule name="VPNht Kill Switch Block"

wallydz-bot[bot] added 3 commits February 21, 2026 20:33
The previous implementation used format!() to build shell scripts,
allowing potential command injection if cmd or args contained special
characters like quotes, backticks, or semicolons.

Fix by implementing proper shell escaping using single-quote escaping,
which safely handles all special characters including embedded quotes.

Before (vulnerable):
  do shell script "cmd args" with administrator privileges

After (safe):
  do shell script 'cmd' 'arg1' 'arg2' with administrator privileges

Also improved Command builder to use .arg() instead of .args() with
mutable Vec references for cleaner code.
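
The single-quote escaping named in the commit message above, as an added example in Rust; it is not the project's code. The function names are hypothetical, and wrapping the quoted command line in a double-quoted AppleScript string literal is an assumption about how the `do shell script` text is assembled.

```rust
use std::process::Command;

/// Quote one argument for POSIX sh: wrap it in single quotes and turn each
/// embedded ' into '\'' (close quote, escaped quote, reopen). NUL cannot be
/// carried in a shell word, so it is rejected rather than silently dropped.
fn sh_quote(arg: &str) -> Option<String> {
    if arg.contains('\0') {
        return None;
    }
    Some(format!("'{}'", arg.replace('\'', r"'\''")))
}

/// Join program and arguments into one sh command line, each word quoted.
fn sh_command_line(cmd: &str, args: &[&str]) -> Option<String> {
    let words: Option<Vec<String>> =
        std::iter::once(cmd).chain(args.iter().copied()).map(sh_quote).collect();
    Some(words?.join(" "))
}

/// Second layer (assumed): the command line sits inside an AppleScript string
/// literal, which is double-quoted, so backslash and double quote are escaped.
fn applescript_literal(s: &str) -> String {
    format!("\"{}\"", s.replace('\\', "\\\\").replace('"', "\\\""))
}

/// Script text for `osascript -e` (hypothetical helper name).
fn elevated_script(cmd: &str, args: &[&str]) -> Option<String> {
    let line = sh_command_line(cmd, args)?;
    Some(format!(
        "do shell script {} with administrator privileges",
        applescript_literal(&line)
    ))
}

fn main() {
    // Constructed argument containing a quote, semicolon, backtick, $() and ".
    let hostile = "it's; `id` $(id) \"x\"";
    let line = sh_command_line("printf", &["%s", hostile]).unwrap();
    // Round-trip through a real shell: the argument must come back verbatim.
    let out = Command::new("sh").arg("-c").arg(&line).output().expect("sh not found");
    assert_eq!(String::from_utf8_lossy(&out.stdout), hostile);
    println!("{}", elevated_script("printf", &["%s", hostile]).unwrap());
}
```
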
…advfirewall

- Add setup_wfp() for Windows: blocks all outbound traffic via netsh
- Add netsh advfirewall firewall add rule for block/allow rules
- Use PowerShell New-NetFirewallRule for WireGuard interface filtering
- Allow DHCP/DNS for essential connectivity
- Implement teardown_wfp() for cleanup on disable
- Add Drop impl to ensure cleanup on struct destruction
- Add unit tests for interface name sanitization
- Remove password requirement (assumes elevated process)

netsh syntax:
- Block: netsh advfirewall firewall add rule name="VPNht Kill Switch Block" dir=out action=block remoteip=any enable=yes profile=any
- Delete: netsh advfirewall firewall delete rule name="VPNht Kill Switch Block"

Fixes Windows kill switch implementation
wallydz-bot[bot] merged commit d8c0a35 into vpnht-rewrite on Feb 21, 2026
6 of 9 checks passed