Updated OpenVPN server: Firewall configuration (using iptables) (markdown)

DL6ER 2018-01-16 16:25:25 +01:00
parent 3e58d664be
commit f05b835191

@ -74,13 +74,14 @@ If your server is reachable via IPv6, you'll need to run the same commands but u
ip6tables -A INPUT -i tun0 -p tcp --destination-port 53 -j ACCEPT ip6tables -A INPUT -i tun0 -p tcp --destination-port 53 -j ACCEPT
ip6tables -A INPUT -i tun0 -p udp --destination-port 53 -j ACCEPT ip6tables -A INPUT -i tun0 -p udp --destination-port 53 -j ACCEPT
ip6tables -A INPUT -i tun0 -p tcp --destination-port 80 -j ACCEPT ip6tables -A INPUT -i tun0 -p tcp --destination-port 80 -j ACCEPT
ip6tables -A INPUT -i tun0 -p udp --destination-port 80 -j ACCEPT
ip6tables -A INPUT -p tcp --destination-port 22 -j ACCEPT ip6tables -A INPUT -p tcp --destination-port 22 -j ACCEPT
ip6tables -A INPUT -p tcp --destination-port 1194 -j ACCEPT ip6tables -A INPUT -p tcp --destination-port 1194 -j ACCEPT
ip6tables -A INPUT -p udp --destination-port 1194 -j ACCEPT ip6tables -A INPUT -p udp --destination-port 1194 -j ACCEPT
ip6tables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT ip6tables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
ip6tables -I INPUT -i lo -j ACCEPT ip6tables -I INPUT -i lo -j ACCEPT
ip6tables -A INPUT -p tcp --dport 443 -j REJECT ip6tables -A INPUT -p udp --dport 80 -j REJECT -- reject-with icmp-port-unreachable
ip6tables -A INPUT -p tcp --dport 443 -j REJECT --reject-with tcp-reset
ip6tables -A INPUT -p udp --dport 443 -j REJECT -- reject-with icmp-port-unreachable
ip6tables -P INPUT DROP ip6tables -P INPUT DROP
``` ```
View the rules you just created View the rules you just created
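Review bot: The two UDP REJECT lines (port 80 and port 443, on what appears to be the new side) are written as `-- reject-with icmp-port-unreachable`, with a space after the dashes, so ip6tables will see a bare `--` and most likely refuse the rule instead of adding it. Separately, `icmp-port-unreachable` is the IPv4 type name; under ip6tables the REJECT target expects `icmp6-port-unreachable`. If either command fails, the traffic falls through to the `-P INPUT DROP` policy, which stays closed but silently drops instead of rejecting, so readers should confirm the result with the rule listing that follows. Suggested form: `ip6tables -A INPUT -p udp --dport 80 -j REJECT --reject-with icmp6-port-unreachable`, and the same for `--dport 443`. The code fence these commands sit in opens above the hunk, so the IPv4 block could not be compared.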