[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Filter on tap device

  • Subject: Re: [Openvpn-users] Filter on tap device
  • From: Marco Fretz <mailinglist@xxxxxxx>
  • Date: Fri, 21 Dec 2007 14:19:07 +0100


but this is only in TUN mode isnt it? i cant find anything like 
client-to-client in TAP mode. but for my needs i have to use TAP instead 
of TUN


Jan Just Keijser wrote:
> hi Marco,
> as long as you don't have the server directive
>  client-to-client
> in your server config file then clients should not be allowed to 
> connect to each other.
> HTH,
> Marco wrote:
>> hello
>> ive got an openvpn server running with TAP. i want to block traffic 
>> from client A to client B. client A and client B are both connected 
>> over the same openvpn server process (same server tap device)
>> is this possible? can i block such traffic with iptables on the tap0 
>> interface on the openvpn server?
>> i think that want be possible cause TAP is like Layer2 and the 
>> packets may be forwarded inside the opevpn process and not over the 
>> tap0 device

Openvpn-users mailing list