OpenVPN for CSF

My openvpn config was not working with CSF , so i found the below rules to be applied works like a charm. I have both PPTP and OpenVPN working on the same machine

 

 

One comment

  • File: /etc/csf/csfpre.sh:

    iptables -A INPUT -i eth0 -p tcp –dport 1723 -j ACCEPT
    iptables -A INPUT -i eth0 -p gre -j ACCEPT
    iptables -A OUTPUT -p gre -j ACCEPT
    #iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
    #iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
    iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
    iptables -A FORWARD -m state –state RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
    iptables -A FORWARD -j REJECT
    iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
    #ip6tables -t nat -A POSTROUTING -o eth0 -s 2001:bc8:3bea:101::1:4 -j SNAT –to$
    #ip6tables -A FORWARD -m state –state RELATED,ESTABLISHED -j ACCEPT
    #ip6tables -A FORWARD -s 2001:bc8:3bea:102::/64 -i tun0 -o eth0 -j ACCEPT

    File /etc/csf/csfpost.sh
    service pptpd stop
    service pptpd start

Leave a Reply

Your email address will not be published. Required fields are marked *