[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Block traffic over certain ports?


  • Subject: Re: [Openvpn-users] Block traffic over certain ports?
  • From: Cirroc <cirroc@xxxxxxxxx>
  • Date: Fri, 16 Nov 2007 17:57:24 -0500

Fair enough, the problem is that those statements didn't work ;)
Traffic still go through on those ports ;(
Ross Cameron wrote:
> On Nov 17, 2007 12:09 AM, Cirroc <cirroc@xxxxxxxxx> wrote:
>   
>> [root@vpn openvpn-2.0.9]# iptables -t filter -A FORWARD -i tun0 -p tcp --destination-port 22 -j DROP
>> [root@vpn openvpn-2.0.9]# iptables -t filter -A FORWARD -i tun0 -p tcp --destination-port 3389 -j DROP
>> [root@vpn openvpn-2.0.9]# iptables -t filter -A INPUT -i tun0 -p tcp --destination-port 22 -j DROP
>> [root@vpn openvpn-2.0.9]# iptables -t filter -A INPUT -i tun0 -p tcp --destination-port 3389 -j DROP
>>     
>
>
> All that could be re-written as:
> iptables -t filter -A FORWARD -i tun0 -p tcp -m multiport -dports
> 22,3389 -j DROP
> iptables -t filter -A INPUT -i tun0 -p tcp -m multiport -dports 22,3389 -j DROP
>
> Just make sure you're IPtables had the multiport module.
>   

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users