Hi,
On Tue, Jan 12, 2016 at 01:41:09PM +0100, David Sommerseth wrote:
> > In the FORWARD chain, the easiest approach - and reasonably secure,
> > unless you distrust your VPN clients - is to permit everything
> > coming in via tun0
> >
> > iptables -I INPUT -i tun0 -j FORWARD
> >
> > (or similar
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/01/16 08:50, Gert Doering wrote:
> Hi,
>
> On Mon, Jan 11, 2016 at 01:06:18PM -0800, Jeff Boyce wrote:
>> Now, I don't want to leave my firewall with a default Accept All
>> setting on the forwarding chain, so I need to identify a rule
>> specif
Hi,
Ok, this getting away from OpenVPN so just this one reply.
> One small remark below:
>
>
>
>> # Set policies
>> $IPTABLES -P INPUT DROP
>> $IPTABLES -P FORWARD DROP
>> $IPTABLES -P OUTPUT ACCEPT
>>
>
>
> Why would you allow unrestricted outgoing traffic?
> I would suggest to set also tha
Hi Jeff,
Jeff Boyce wrote:
> Thanks for the pointers. I am doing some research now reading through
> the iptables man page and reading other examples.
I recommend this howto:
http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO.html
It was written for Linux 2.4, but all the ip
One small remark below:
-Original Message-
From: Bonno Bloksma [mailto:b.blok...@tio.nl]
Sent: dinsdag 12 januari 2016 8:33
To: openvpn-users@lists.sourceforge.net
Subject: Re: [Openvpn-users] Issue getting to LAN behind VPN Server
# Set policies
$IPTABLES -P INPUT DROP
$IPTABLES -P FO