Hello, I have a VPN connection to my mail server, and would like to enforce that mails can be fetched only over the VPN connection. As a first step, I've changed my mailclient to use the server's VPN IP 10.7.0.1. For additional security, I'd like to enforce that connections to this IP _must_ be routed through the tun0 device, or if this device isn't available, be blocked. (See [1] for usecase.) Is there a way (ideally using SuSEfirewall or another way that is available "out of the box") to enforce that traffic to 10.7.0.1 must go to the tun0 device - or be blocked if there's no tun0 device? Regards, Christian Boltz [1] In theory I could be in a conference network with broken internet access (so no VPN connection), but a machine there could have 10.7.0.1 - I'd like to avoid that this machine can "earn" my password ;-) --
And don't be afraid of Henne, he's a nice guy :-) Pffft Lies, all lies! I'm the meanest son of a gun you know. Admit it! 8-) [> Vincent Untz and Henne Vogelsang in opensuse-project]
-- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org