I have been using a SSH tunnel (Please see this post for the instructions, http://swapoff.blogspot.com/2018/03/how-to-create-ssh-tunnel-and-use-it-for.html) for web browsing via Firefox.
I used it to forward DNS queries well. So I thought I'm pretty much safe until I read about WebRTC feature in web browsers.
WebRTC allows P2P communication for real time communication in web browsers. WebRTC can be used to get your true IP address via STUN requests with browsers, even when you are using a VPN or SSH tunnel.
You can check whether WebRTC is enabled using several methods, but checking it via a web application is easier than any other methods. e.g.: https://browserleaks.com/webrtc
To disable WebRTC in firefox, set media.peerconnection.enabled to false via about:config
