Blocking all internet access except through VPN

[mjr161]

I have a situation here where I need to only allow any internet access through a PPTP VPN connection, and if the VPN is not connected or becomes disconnected... the computer will not be able to grab the local internet access through ethernet or wifi and reconnect using my isp.

I have downloaded Wateroof and applied the following rules...

ipv4
add 01000 allow ip from any to any via ppp0
add 01100 allow ip from any to [IP of VPN host]
add 01200 deny ip from any to not me
add 65535 allow ip from any to any

ipv6
add 01000 allow ipv6 from any to any via ppp0
add 01100 deny ipv6 from any to any
add 65535 allow ipv6 from any to any

With these rules, my block works well. The computer seems like it is only accessible to the internet through the VPN and loses connection and cannot reconnect if the VPN is disconnected.

Here's my one issue though...

These rules seem to cutoff my ability see any machine on my local network, and to access other computer's screen share/files or even share my printer. What do I need to do to adjust these rules so I regain local network functions (screen share, file sharing, print sharing) while still blocking all internet access through all devices except through my VPN.

 

[mjr161]

anyone?