Mailinglist Archive: opensuse-security (228 mails)

Re: [suse-security] openvpn & suse firewall
  • From: Graham Smith <gqs@xxxxxxxxxxxxxx>
  • Date: Wed, 9 Mar 2005 18:55:17 +1100
  • Message-id: <200503091855.17249.gqs@xxxxxxxxxxxxxx>
On Wed, 9 Mar 2005 07:40, Antonio Montani Jimenez wrote:
> OK, got a little problem. I (openvpn server) am directly
> connected to the internet, but I have a subnet under
> me. In order to get the tunnels working, I have to run
> the script firewall.sh that comes with openvpn, and I
> have to knock down the firewall (yast), but I lose
> connection to internet from my internal machines. If I
> activate the firewall (yast) then the tunnel doesn't
> work. Anyone know a solution to get them both working?
>

Scrap the script and do it in the SuSEfirewall.
You will have to add your details to
FW_SERVICES_EXT_UDP
FW_FORWARD

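I have added the following rules in SuSEfirewall2-custom:

fw_custom_before_denyall() {
    # Accept everything that arrives on any tun interface
    iptables -A INPUT -i tun+ -j ACCEPT
    # Forward everything that arrives on any tun interface
    iptables -A FORWARD -i tun+ -j ACCEPT
    true
}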


--
Regards,

Graham Smith
---------------------------------------------------------
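
Added example, not part of the original post or of SuSEfirewall2 itself: the same setup with the two named variables filled in and the tun rules narrowed from "anything on any tun device" to one VPN range and one internal subnet. The port, device names and address ranges are constructed placeholders; FW_CUSTOMRULES is the setting that makes SuSEfirewall2 load the custom hook file.

```shell
# --- settings for /etc/sysconfig/SuSEfirewall2 (all values constructed) ---
FW_SERVICES_EXT_UDP="1194"               # UDP port the OpenVPN server listens on (assumed)
FW_FORWARD="10.8.0.0/24,192.168.1.0/24"  # source net,destination net (assumed ranges)
FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom"

# --- hook for /etc/sysconfig/scripts/SuSEfirewall2-custom ---
VPN_IF="tun0"             # assumed tunnel device
VPN_NET="10.8.0.0/24"     # assumed address range handed to VPN clients
LAN_IF="eth1"             # assumed internal interface
LAN_NET="192.168.1.0/24"  # assumed internal subnet

fw_custom_before_denyall() {
    # Accept tunnel traffic only when its source is inside the VPN range.
    iptables -A INPUT -i "$VPN_IF" -s "$VPN_NET" -j ACCEPT
    # Forward VPN clients to the internal subnet only, not to every interface.
    iptables -A FORWARD -i "$VPN_IF" -o "$LAN_IF" \
        -s "$VPN_NET" -d "$LAN_NET" -j ACCEPT
    # Let replies to those connections back into the tunnel.
    iptables -A FORWARD -i "$LAN_IF" -o "$VPN_IF" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT
    true
}
```

Compared with `-i tun+ -j ACCEPT`, a packet from the tunnel with a source outside the VPN range, or one headed for the external interface, falls through to the firewall's normal deny rules.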