infra
/
docker-openvpn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5 Commits
1 Branch
0 Tags
92 KiB
Tag: Branch: Tree: e18117d932
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e18117d932'
${ noResults }
docker-openvpn/bin/add-openvpn-ipv4-dns-rules

29 lines
1.1 KiB
Raw Normal View History Unescape

Moving on git
4 years ago
#Set default policy of chain
iptables -P FORWARD DROP
#iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o 172.25.0.0/24 -j MASQUERADE
# Allow traffic initiated from VPN to access LAN
#iptables -I FORWARD -i tun0 -o $NIC -s 10.8.0.0/24 -d 172.25.0.0/24 -m conntrack --ctstate NEW -j ACCEPT
# Allow established traffic to pass back and forth
#iptables -I FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -d $DNS1/32 -o $NIC -j MASQUERADE
#iptables -A INPUT -i tun0 -j ACCEPT
#iptables -A FORWARD -i $NIC -o tun0 -j ACCEPT
#iptables -A FORWARD -i tun0 -o $NIC -j ACCEPT
#iptables -A INPUT -i $NIC -p $PROTOCOL --dport $PORT -j ACCEPT
#iptables -A FORWARD -i tun0 -o $NIC -s 10.8.0.0/24 -d 172.25.0.0/24 -j ACCEPT
#iptables -A FORWARD -i $NIC -o tun0 -s $DNS1/32 -d 10.8.0.0/24 -j ACCEPT
#iptables -P FORWARD DROP
#allow traffic to route from VPN subnet to specific host in subnet
iptables -A FORWARD -i tun0 -s 10.8.0.0/24 -d $DNS1/32 -j ACCEPT
#allow traffic from host in server subnet back to VPN subnet
iptables -A FORWARD -o tun0 -s $DNS1/32 -d 10.8.0.0/24 -j ACCEPT