tyler.durden/pi-hole
1
0
Fork 0
mirror of https://github.com/pi-hole/pi-hole.git synced 2025-09-05 17:28:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

Updated OpenVPN server: Firewall configuration (using iptables) (markdown)

DL6ER 2018-01-16 16:25:25 +01:00
parent 3e58d664be
commit f05b835191
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
OpenVPN-server:-Firewall-configuration-(using-iptables).md

@ -74,13 +74,14 @@ If your server is reachable via IPv6, you'll need to run the same commands but u
ip6tables -A INPUT -i tun0 -p tcp --destination-port 53 -j ACCEPT
ip6tables -A INPUT -i tun0 -p udp --destination-port 53 -j ACCEPT
ip6tables -A INPUT -i tun0 -p tcp --destination-port 80 -j ACCEPT
ip6tables -A INPUT -i tun0 -p udp --destination-port 80 -j ACCEPT
ip6tables -A INPUT -p tcp --destination-port 22 -j ACCEPT
ip6tables -A INPUT -p tcp --destination-port 1194 -j ACCEPT
ip6tables -A INPUT -p udp --destination-port 1194 -j ACCEPT
ip6tables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
ip6tables -I INPUT -i lo -j ACCEPT
ip6tables -A INPUT -p tcp --dport 443 -j REJECT
ip6tables -A INPUT -p udp --dport 80 -j REJECT -- reject-with icmp-port-unreachable
ip6tables -A INPUT -p tcp --dport 443 -j REJECT --reject-with tcp-reset
ip6tables -A INPUT -p udp --dport 443 -j REJECT -- reject-with icmp-port-unreachable
ip6tables -P INPUT DROP
```
View the rules you just created