I have a VPN connection to my mail server, and would like to enforce
that mails can be fetched only over the VPN connection.
As a first step, I've changed my mailclient to use the server's VPN IP
For additional security, I'd like to enforce that connections to this IP
_must_ be routed through the tun0 device, or if this device isn't
available, be blocked. (See  for usecase.)
Is there a way (ideally using SuSEfirewall or another way that is
available "out of the box") to enforce that traffic to 10.7.0.1 must go
to the tun0 device - or be blocked if there's no tun0 device?
 In theory I could be in a conference network with broken internet
access (so no VPN connection), but a machine there could have
10.7.0.1 - I'd like to avoid that this machine can "earn" my
> And don't be afraid of Henne, he's a nice guy :-)
Pffft Lies, all lies! I'm the meanest son of a gun you know.
Admit it! 8-)
[> Vincent Untz and Henne Vogelsang in opensuse-project]
To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-security+owner(a)opensuse.org