Thread: iptables vpn rules

  1. #1

    Hello there,

    I have a problem with iptables rules. I am trying to make a firewall, but it still blocks my VPN connection, or when I'm connected to a VPN I get disconnected. These are my rules:

    #!/bin/sh

    # FLUSH TABLES
    iptables -t filter -F

    # Delete user-defined chains
    iptables -t filter -X



    # Don't break already established connections
    iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

    # Allow loopback
    iptables -t filter -A INPUT -i lo -j ACCEPT
    iptables -t filter -A OUTPUT -o lo -j ACCEPT

    # ICMP (Ping)
    iptables -t filter -A INPUT -p icmp -j ACCEPT
    iptables -t filter -A OUTPUT -p icmp -j ACCEPT

    # ---

    # SSH In
    iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT

    # SSH Out
    iptables -t filter -A OUTPUT -p tcp --dport 22 -j ACCEPT


    # DNS In/Out
    iptables -t filter -A OUTPUT -p tcp --dport 53 -j ACCEPT
    iptables -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT
    iptables -t filter -A INPUT -p tcp --dport 53 -j ACCEPT
    iptables -t filter -A INPUT -p udp --dport 53 -j ACCEPT

    # NTP Out
    iptables -t filter -A OUTPUT -p udp --dport 123 -j ACCEPT

    # HTTP + HTTPS Out
    iptables -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
    iptables -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT

    # HTTP + HTTPS In
    iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
    iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
    iptables -t filter -A INPUT -p tcp --dport 8443 -j ACCEPT


    #VPN

    iptables -A INPUT -p TCP --dport 1723 -j ACCEPT
    iptables -A OUTPUT -p TCP --dport 1723 -j ACCEPT
    iptables -A INPUT -p UDP --dport 1723 -j ACCEPT
    iptables -A OUTPUT -p UDP --dport 1723 -j ACCEPT



    #skype
    iptables -A INPUT -p TCP --dport 23399 -j ACCEPT

    But it is still blocked.

    Any help?

    Regards.

  2. #2
    meta

    Is it a PPTP-based VPN? Your script is so wrong... you are not dropping traffic for any chain at the start or end but are still opening and closing all ports, which is bad design.

  3. #3

    Originally posted by meta:
        Is it PPTP based vpn? Your script is so wrong... you are not dropping traffic for any chain at start or end but still opening and closing all ports which is a bad design.

    Yes, it is PPTP based.

    What is wrong in my script?

  4. #4
    meta

    Are you using CentOS or Debian?

  5. #5

    I have Ubuntu

  6. #6

    Up, please!
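
The two points raised in this thread (no default DROP policy, and a PPTP VPN) can be checked mechanically. The following is an added example, not code from any poster: it assumes the host needs PPTP both as client and server, keeps only the SSH, DNS and PPTP rules of the posted script, and adds GRE (IP protocol 47), which carries PPTP's data channel and which the posted rules never allow. The function names `build_rules`, `audit_rules` and `posted_rules` are hypothetical.

```shell
#!/bin/sh
# Added example, not the poster's script. Assumes PPTP is needed as client and
# server; 47 is the IP protocol number of GRE, which carries PPTP's data.
build_rules() {   # filter table in iptables-restore format, default DROP
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A OUTPUT -p udp --dport 53 -j ACCEPT
-A INPUT -p tcp --dport 1723 -j ACCEPT
-A OUTPUT -p tcp --dport 1723 -j ACCEPT
-A INPUT -p 47 -j ACCEPT
-A OUTPUT -p 47 -j ACCEPT
COMMIT
EOF
}

# Read rules (script lines or iptables-save output) on stdin; one finding per line.
audit_rules() {
    awk '
        /^[ \t]*#/ { next }                      # ignore comment lines
        { l = tolower($0) }                      # the post writes -p TCP
        l ~ /--dport 1723/                              { pptp = 1 }
        l ~ /-p (47|gre)( |$)/                          { gre = 1 }
        l ~ /^:input drop/  || l ~ /-p input drop/      { in_drop = 1 }
        l ~ /^:output drop/ || l ~ /-p output drop/     { out_drop = 1 }
        END {
            if (pptp && !gre)          print "pptp-without-gre"
            if (!in_drop || !out_drop) print "no-default-drop"
        }'
}

# Constructed excerpt of the rules posted in #1 (sample input).
posted_rules() {
    cat <<'EOF'
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p TCP --dport 1723 -j ACCEPT
iptables -A OUTPUT -p TCP --dport 1723 -j ACCEPT
EOF
}

posted_rules | audit_rules   # reports both findings
build_rules | audit_rules    # reports nothing
```

To check the generated table without loading it, pipe `build_rules` into `iptables-restore --test` as root; dropping `--test` commits it.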
