set rules for OpenVPN in iptables
Post by trieu1929 » 2014/07/01 07:17:30
The firewall (FW) has three legs (eth0: 172.16.1.101; eth1: 192.168.99.99 (LAN); eth2: 10.0.0.1 (DMZ)), and I installed OpenVPN on the FW in tunnel mode, which already works: tun0: 192.168.10.0/24. If I use Shorewall + Squid proxy, the firewall is OK; besides that, I can connect to the FW, LAN, and DMZ using my company services.
Now I want to use iptables rules + Squid proxy. What rules do I set for OpenVPN?
I have set the rules below, but I cannot connect to the firewall server where OpenVPN is installed:
net.ipv4.ip_forward = 1
Code:
iptables -A INPUT -i eth0 -m state --state NEW -p udp --dport 1194 -j ACCEPT
iptables -A INPUT -i tun+ -j ACCEPT
iptables -A FORWARD -i tun+ -j ACCEPT
iptables -A FORWARD -i tun+ -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j MASQUERADE
iptables -A OUTPUT -o tun+ -j ACCEPT
Help me set rules for OpenVPN! Thanks very much!
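As an added example (not part of the original post), the sketch below walks constructed packets through the posted filter rules in first-match order, to show which traffic a stateful ruleset like this one lets through. It assumes DROP policies on INPUT, FORWARD and OUTPUT, which the post does not state, and treats conntrack state as a packet attribute; the three extra rules in `STATEFUL` are hypothetical additions.

```python
# Assumption (not stated in the post): INPUT, FORWARD and OUTPUT policies are DROP.
# Rule fields: (chain, in_if, out_if, proto, dport, conntrack states); None = any.
EST = {"RELATED", "ESTABLISHED"}
POSTED = [  # the filter-table rules from the post, in order
    ("INPUT", "eth0", None, "udp", 1194, {"NEW"}),
    ("INPUT", "tun+", None, None, None, None),
    ("FORWARD", "tun+", None, None, None, None),
    ("FORWARD", "tun+", "eth0", None, None, EST),
    ("FORWARD", "eth0", "tun+", None, None, EST),
    ("OUTPUT", None, "tun+", None, None, None),
]
# Hypothetical additions (not from the post), equivalent to:
#   iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
#   iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
#   iptables -A FORWARD -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
STATEFUL = POSTED + [
    ("INPUT", None, None, None, None, EST),
    ("OUTPUT", None, None, None, None, EST),
    ("FORWARD", None, "tun+", None, None, EST),
]
# Constructed packets: (label, chain, in_if, out_if, proto, dport, state)
PACKETS = [
    ("client handshake, first packet", "INPUT", "eth0", None, "udp", 1194, "NEW"),
    ("server handshake reply", "OUTPUT", None, "eth0", "udp", 40000, "ESTABLISHED"),
    ("client handshake, later packet", "INPUT", "eth0", None, "udp", 1194, "ESTABLISHED"),
    ("VPN client to LAN host", "FORWARD", "tun0", "eth1", "tcp", 443, "NEW"),
    ("LAN host reply to VPN client", "FORWARD", "eth1", "tun0", "tcp", 50000, "ESTABLISHED"),
]

def if_match(pattern, name):  # None = any interface; trailing '+' = prefix wildcard
    if pattern is None or name is None:
        return pattern is None
    return name.startswith(pattern[:-1]) if pattern.endswith("+") else name == pattern

def verdict(rules, pkt, policy="DROP"):
    """Return ACCEPT for the first matching rule, else the chain policy."""
    _, chain, in_if, out_if, proto, dport, state = pkt
    for r_chain, r_in, r_out, r_proto, r_dport, r_states in rules:
        if (r_chain == chain and if_match(r_in, in_if) and if_match(r_out, out_if)
                and r_proto in (None, proto) and r_dport in (None, dport)
                and (r_states is None or state in r_states)):
            return "ACCEPT"
    return policy

def walk(rules):
    return {pkt[0]: verdict(rules, pkt) for pkt in PACKETS}

if __name__ == "__main__":
    for label, before in walk(POSTED).items():
        print(f"{label:32} posted={before:6} stateful={walk(STATEFUL)[label]}")
```

Running `iptables -L -n -v` on the firewall shows the real chain policies and per-rule packet counters, which is how to confirm whether the DROP assumption holds.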