Re: [Openvpn-users] OpenVPN and iptables

  • Subject: Re: [Openvpn-users] OpenVPN and iptables
  • From: Alexandros Papadopoulos <apapadop@xxxxxxxxxxxxxx>
  • Date: Thu, 15 Nov 2007 08:49:30 +0200

On Thursday 15 November 2007 01:12, Britain Crooker wrote:
> We have Subversion running on the same server that has OpenVPN on it.  I
> would like to come up with some way to say "only allow clients to connect
> to Subversion if they are connected via the VPN".

This doesn't have much to do with the VPN per se.

For TCP connections:
/sbin/iptables -A INPUT -t filter -i tun0 -p tcp -s --sport 1024 -d --dport 3690 -j ACCEPT

Same for UDP:
/sbin/iptables -A INPUT -t filter -i tun0 -p udp -s --sport 1024 -d --dport 3690 -j ACCEPT

With these rules only will be able to connect through the 
tun0 device to the SVN ports.
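
Added example, not part of the original message: the tun0-only restriction written as a dry-run rule generator, with an explicit DROP for port 3690 after each ACCEPT so the restriction still holds when the INPUT chain policy is ACCEPT. The client subnet 10.8.0.0/24, the server address 10.8.0.1 and the function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example. Assumed values (not from the message):
#   10.8.0.0/24  VPN client subnet (constructed placeholder)
#   10.8.0.1     server address on the VPN (constructed placeholder)
# From the message: interface tun0, SVN port 3690, TCP and UDP.

# Print the two rules for one protocol. Nothing is applied here.
svn_rules_for_proto() {
    proto=$1; iface=$2; clients=$3; server=$4
    # 1. Accept SVN traffic that arrives on the VPN interface from the
    #    VPN subnet, from any unprivileged source port.
    echo "iptables -A INPUT -i $iface -p $proto -s $clients --sport 1024:65535 -d $server --dport 3690 -j ACCEPT"
    # 2. Drop every other packet addressed to the SVN port. Rules are
    #    evaluated in order, so this only sees what rule 1 did not match.
    echo "iptables -A INPUT -p $proto --dport 3690 -j DROP"
}

# Print the full rule set for TCP and UDP.
# usage: svn_vpn_rules <vpn-iface> <client-subnet> <server-vpn-addr>
svn_vpn_rules() {
    for p in tcp udp; do
        svn_rules_for_proto "$p" "$1" "$2" "$3"
    done
}

# -A appends, so an earlier broad ACCEPT in INPUT would still win.
# Review the existing chain with "iptables -L INPUT -n --line-numbers"
# before applying. Set APPLY=1 and run as root to install the rules;
# by default nothing is changed.
if [ "${APPLY:-0}" = 1 ]; then
    svn_vpn_rules tun0 10.8.0.0/24 10.8.0.1 | sh
fi
```

Calling `svn_vpn_rules tun0 10.8.0.0/24 10.8.0.1` without APPLY set prints the four commands for review.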
