VPN Explanation and Privacy Concerns
What My VPN Does
- Allow your device(s) to connect to my services.
- Allow my services to connect to your device(s).
What My VPN Doesn't
- Allow other users of the VPN to see or interact with your device(s).
- Route any internet-bound traffic.
ZeroTier
I utilize software called ZeroTier to create my VPN. ZeroTier provides several advantages over more traditional VPN software and, most importantly, is arguably the easiest for you to set up on your device. All you have to do is install the program, enter my network ID, and done. No scary menus, no fifty-step setup process. Just a few clicks/taps and you're done.
ZeroTier, like most other VPN solutions, encrypts all traffic in transit. This means that even if you are on an insecure network, all traffic going to my services will be encrypted.
While ZeroTier has the capability to route all of your internet traffic through the VPN, my network is not set up to do this since I have no interest in seeing your internet-bound traffic or having it go through my IP address. My VPN only routes traffic going to my services. Your internet-bound traffic is untouched.
Firewall
My VPN has a fairly strict firewall configuration. The actual, raw firewall configuration can be found on the wiki, but a summarized version is provided below. For any given piece of data sent on the VPN, its details are matched against the rules below in order from top to bottom. The moment a successful match is made, the rule is processed and no further rules are considered. For example, if a piece of data is web traffic and it's headed to my wiki, then it will be allowed. If it's web traffic but it's trying to go to another client on the network, then it will be dropped.
| Rule | Protocol | From | To |
| --- | --- | --- | --- |
| Allow | ARP | Everyone | Everyone |
| Allow | Anything | My Servers | Everyone |
| Allow | ICMP | Everyone | My Servers |
| Allow | Various Ports | Everyone | My Various Servers |
| Drop | Anything | Everyone | Everyone |
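
The first-match evaluation described above, modelled in Python as an added example (this is not the actual ZeroTier configuration, which lives on the wiki). The server address range, the client addresses and the port list standing in for "Various Ports" are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Constructed values: the page gives no addresses and no "Various Ports" list.
SERVERS = ip_network("10.147.17.0/28")  # assumed range holding the servers
SERVICE_PORTS = {80, 443}               # assumed stand-in for "Various Ports"

def is_server(addr):
    return ip_address(addr) in SERVERS

# (action, label, predicate) in table order. The first matching rule wins.
RULES = [
    ("allow", "ARP, everyone -> everyone",
     lambda p: p["proto"] == "arp"),
    ("allow", "anything, servers -> everyone",
     lambda p: is_server(p["src"])),
    ("allow", "ICMP, everyone -> servers",
     lambda p: p["proto"] == "icmp" and is_server(p["dst"])),
    ("allow", "service ports, everyone -> servers",
     lambda p: p["proto"] == "tcp" and is_server(p["dst"])
     and p["dport"] in SERVICE_PORTS),
    ("drop", "anything, everyone -> everyone",
     lambda p: True),
]

def evaluate(packet):
    """Return (action, label) of the first rule the packet matches."""
    for action, label, matches in RULES:
        if matches(packet):
            return action, label
    return "drop", "no rule matched"  # fail closed if the catch-all is removed

def pkt(proto, src, dst, dport=None):
    return {"proto": proto, "src": src, "dst": dst, "dport": dport}

if __name__ == "__main__":
    samples = [  # constructed traffic; .2 is a server, .50 and .60 are clients
        pkt("tcp", "10.147.17.50", "10.147.17.2", 443),   # client -> wiki
        pkt("tcp", "10.147.17.50", "10.147.17.60", 443),  # client -> client
        pkt("icmp", "10.147.17.50", "10.147.17.60"),      # client pings client
        pkt("tcp", "10.147.17.2", "10.147.17.50", 22),    # server -> client
        pkt("tcp", "10.147.17.50", "10.147.17.2", 22),    # unlisted port
    ]
    for s in samples:
        print(s["proto"], s["src"], "->", s["dst"], s["dport"], evaluate(s))
```

Because evaluation stops at the first match, moving the final Drop rule above any Allow rule would block everything below it, and removing it would leave client-to-client traffic without an explicit rule.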