Dear developers.
Are there any plans to implement the possibillity to create firewall rules for openvpn subnets? Actually all vpn connections are able to do anything in the remotenetwork The only solution is to put own iptables rule in the /etc/sysconfig/firewall.local
I already tried to play with the OVPNFORWARD Chain but had no luck.
It would be great if one can say: Hey, VPN1 is only allowed to connect to my internal servers 192.168.0.2 and 192.168.0.3 via RDP (3389) ans that via gui
I already developed addons for ipcop, but ipfire seems complete different...
Greetings Al
Hey Alex,
On Sat, 2012-10-13 at 14:39 +0200, Alexander Marx wrote:
Dear developers.
Are there any plans to implement the possibillity to create firewall rules for openvpn subnets? Actually all vpn connections are able to do anything in the remotenetwork The only solution is to put own iptables rule in the /etc/sysconfig/firewall.local
No, there are currently no plans to do that.
/etc/sysconfig/firewall.local is a mighty way to do these rules, although it is not very nice to type them. Agreed.
I already tried to play with the OVPNFORWARD Chain but had no luck.
You should use CUSTOMFORWARD/CUSTOMINPUT for those rules.
It would be great if one can say: Hey, VPN1 is only allowed to connect to my internal servers 192.168.0.2 and 192.168.0.3 via RDP (3389) ans that via gui
You can use the outgoing firewall to limit some sorts of traffic, but you cannot block incoming packets with it.
I already developed addons for ipcop, but ipfire seems complete different...
No, the web UI is pretty much the same (crap). The firewall scripts do not differ too much, either.
Greetings Al _______________________________________________ Development mailing list Development@lists.ipfire.org http://lists.ipfire.org/mailman/listinfo/development
-
Alexander Marx -
Michael Tremer