A good VPN can protect your privacy when browsing the web… but only as long as it's running. When you suddenly lose your VPN connection your traffic will be rerouted through your default connection, leaving you vulnerable and compromising your anonymity. If you're on a Mac or BSD system you already have a program installed that can filter your network traffic to prevent this situation “pf”. This tool generates a pf config that only allows outgoing network traffic to the IPs of your VPN provider. If the connection is disrupted no network packets will leave your computer, guaranteeing your anonymity.
I am personally using NordVPN because of their huge number of servers and no logs policy. I created a preset for NordVPN that automatically fetches the IPs of all of their servers. If you are looking for a good VPN provider I can highly recommend NordVPN and if you use my reflink http://nordvpn.com/?ref=1020261 to sign up you even get some credits that you can use to renew your subscription.
To use your new config copy it to
/etc/pf.conf or any other location and start pf with
pfctl -f /etc/pf.conf -e.
-e flag enables pf, you can disable it with
To view the current status of pf run
pfctl -s info.
This tool just tries to further increase your online privacy, please be aware that there is no such thing as 100% anonymity.