Re: [Openvpn-users] client-to-client NO with exceptions ?

2021-11-19 Thread lejeczek via Openvpn-users
On 19/11/2021 13:57, Gert Doering wrote: Hi, On Fri, Nov 19, 2021 at 01:52:20PM +, lejeczek via Openvpn-users wrote: unset client-to-client in the openvpn config, make sure "a given client" has a known IP address (ifconfig-push in ccd/), then do the filtering by iptables on the linux

Re: [Openvpn-users] client-to-client NO with exceptions ?

2021-11-19 Thread Joe Patterson
client-to-client bypasses nftables entirely. With it enabled, client-to-client packets are routed internally to openvpn via the iroute table without ever being handed off to the kernel for inspection, firewalling, routing, counting, capturing, mangling, or anything else. Without

Re: [Openvpn-users] Linux client DNS resolver - does it even work?

2021-11-19 Thread lejeczek via Openvpn-users
On 15/11/2021 13:31, Gert Doering wrote: Hi, On Sat, Nov 13, 2021 at 09:05:19PM +, lejeczek via Openvpn-users wrote: On Linux, OpenVPN does not modify the DNS servers itself (unlike Windows). There's two ways to make it happen - use Network Manager to run OpenVPN - it will parse

Re: [Openvpn-users] client-to-client NO with exceptions ?

2021-11-19 Thread lejeczek via Openvpn-users
On 13/11/2021 22:21, Gert Doering wrote: Hi, On Sat, Nov 13, 2021 at 09:11:03PM +, lejeczek via Openvpn-users wrote: I wonder if that would be pipe wishes to think it should be possible - to deny clients to clients and then work with exception, exclusion where a given client(s) would be

Re: [Openvpn-users] client-to-client NO with exceptions ?

2021-11-19 Thread lejeczek via Openvpn-users
On 19/11/2021 15:08, Joe Patterson wrote: client-to-client bypasses nftables entirely. With it enabled, client-to-client packets are routed internally to openvpn via the iroute table without ever being handed off to the kernel for inspection, firewalling, routing, counting, capturing,

Re: [Openvpn-users] client-to-client NO with exceptions ?

2021-11-19 Thread Gert Doering
Hi,

On Fri, Nov 19, 2021 at 02:53:17PM +, lejeczek via Openvpn-users wrote:
> client-to-client works. I did disable it as per your
> suggestion to "unset" and am trying to work it out through
> rules which would allow.
> But similarly enabled 'client-to-client' also seems to
> escape my