IPTABLES + vpn passthrough issue
Hi All,
I have been able to get multiple VPN connections through coova by writing the following in up.sh file
ipt -t raw -I PREROUTING -j NOTRACK -i $DHCPIF
ipt -t raw -I OUTPUT -j NOTRACK -o $DHCPIF
ipt -I FORWARD -j ACCEPT -i tun0 -p gre
ipt -I FORWARD -j ACCEPT -i tun0 -p tcp --dport 1723
ipt -I PREROUTING -t raw -j NOTRACK -i $DHCPIF
ipt -I OUTPUT -t raw -j NOTRACK -o $DHCPIF
I have an active IP address on eth1, 10.200.100.129/24. Now its all working but I need to allow SMTP, NTP and SNMP traffic to get out via eth1, but I can not because up.sh also has this:
ipt -A FORWARD -j DROP -i $DHCPIF
ipt -A FORWARD -j DROP -o $DHCPIF
Now if I remove the above two lines, or make any modifications, VPN traffic no longer works.
Is there anyone that can help me?
|