Updated Pi hole OpenVPN server (markdown)

DL6ER 2017-01-08 14:42:29 +01:00
parent 78b1697f29
commit e94f4af5d4

@ -109,12 +109,16 @@ Then you can add an explicit rule that allows access from within the VPN
```
sudo iptables -A INPUT -i tun0 -p tcp --destination-port 53 -j ACCEPT
sudo iptables -A INPUT -i tun0 -p tcp --destination-port 80 -j ACCEPT
sudo iptables -A INPUT -i tun0 -p udp --destination-port 53 -j ACCEPT
sudo iptables -A INPUT -i tun0 -p udp --destination-port 80 -j ACCEPT
```
And another one that prevents access from everywhere else
```
sudo iptables -A INPUT -p tcp --destination-port 53 -j DROP
sudo iptables -A INPUT -p tcp --destination-port 80 -j DROP
sudo iptables -A INPUT -p udp --destination-port 53 -j DROP
sudo iptables -A INPUT -p udp --destination-port 80 -j DROP
```
Your configuration should look like
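Review bot: The `-p udp --destination-port 80` rules in both the ACCEPT block and the DROP block have no practical effect, because the web interface is served over HTTP on TCP port 80; only the UDP rules for port 53 are needed alongside the TCP ones. I would drop the two UDP/80 lines so the wiki does not suggest that HTTP needs a UDP rule. Two further points the text should state near these blocks: the rules are appended with `-A`, so the ACCEPT rules for `tun0` only take effect if they are entered before the DROP rules and no earlier rule in INPUT already matches, and `iptables` filters IPv4 only, so a host that is reachable over IPv6 needs the same rules in `ip6tables`.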
@ -125,8 +129,12 @@ num target prot opt source destination
2 ACCEPT udp -- anywhere anywhere udp dpt:domain
<b>3 ACCEPT tcp -- anywhere anywhere tcp dpt:domain
4 ACCEPT tcp -- anywhere anywhere tcp dpt:http
5 DROP tcp -- anywhere anywhere tcp dpt:domain
6 DROP tcp -- anywhere anywhere tcp dpt:http</b>
5 ACCEPT udp -- anywhere anywhere tcp dpt:domain
6 ACCEPT udp -- anywhere anywhere tcp dpt:http
7 DROP tcp -- anywhere anywhere tcp dpt:domain
8 DROP tcp -- anywhere anywhere tcp dpt:http
9 DROP udp -- anywhere anywhere tcp dpt:domain
10 DROP udp -- anywhere anywhere tcp dpt:http</b>
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
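Review bot: In rows 5, 6, 9 and 10 of the sample listing the protocol column reads `udp` but the match column still reads `tcp dpt:domain` and `tcp dpt:http`; for a UDP rule iptables prints `udp dpt:...`, as row 2 of the same listing shows. These look like copies of the TCP rows with only the protocol column changed, and a reader comparing their own output against this listing will see a mismatch. It would also help to show the listing with the verbose option so the input interface column is visible, since as printed the ACCEPT rows 3 to 6 and the DROP rows 7 to 10 are identical apart from the target and do not show that the ACCEPT rules are limited to `tun0`.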