LinuxQuestions.org


GGlinux 03-03-2009 05:53 PM

IPTABLES + vpn passthrough issue
 
Hi All,

I have been able to get multiple VPN connections through coova by writing the following in the up.sh file:

ipt -t raw -I PREROUTING -j NOTRACK -i $DHCPIF
ipt -t raw -I OUTPUT -j NOTRACK -o $DHCPIF
ipt -I FORWARD -j ACCEPT -i tun0 -p gre
ipt -I FORWARD -j ACCEPT -i tun0 -p tcp --dport 1723
ipt -I PREROUTING -t raw -j NOTRACK -i $DHCPIF
ipt -I OUTPUT -t raw -j NOTRACK -o $DHCPIF

I have an active IP address on eth1, 10.200.100.129/24. Now it's all working, but I need to allow SMTP, NTP and SNMP traffic to get out via eth1, but I cannot because up.sh also has this:

ipt -A FORWARD -j DROP -i $DHCPIF
ipt -A FORWARD -j DROP -o $DHCPIF

Now if I remove the above two lines, or make any modifications, VPN traffic no longer works.

Is there anyone that can help me?

