openvpn
Andrey Evdokimov, 2021-06-24 16:21:24

How to allow NAT only when OpenVPN is connected on Ubuntu Server?

Good evening.
Task: route client traffic from the internal network through OpenVPN.

Right now I'm using the following rules:

sudo iptables -A FORWARD -o tun0 -i eth0 -s 192.168.1.0/24 -m conntrack --ctstate NEW -j ACCEPT
sudo iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A POSTROUTING -o tun0 -t nat -j MASQUERADE


I'm faced with the fact that, in the absence of a VPN connection, traffic starts to go through the usual connection. Can you please tell me how to disable this?


1 answer(s)
pcdesign, 2021-06-24
@Uncle_Stranger

iptables --policy FORWARD DROP
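
With the FORWARD policy set to DROP, only the explicit ACCEPT rules forward packets, so LAN traffic that the routing table sends to any interface other than tun0 is dropped while the tunnel is down. The script below is an added example, not part of the original thread, that audits `iptables -S FORWARD` output for that property; `audit_forward` and both sample listings are constructed for illustration, and the check is a conservative heuristic over the chain policy and its ACCEPT rules only.

```shell
#!/bin/sh
# Added example: audit `iptables -S FORWARD` output for a VPN bypass.
# audit_forward VPN_IF reads the listing on stdin, prints one line per
# finding, and returns 0 only if new flows can be forwarded solely out VPN_IF.
audit_forward() {
    awk -v vpn="$1" '
        $1 == "-P" && $2 == "FORWARD" {
            seen = 1
            if ($3 != "DROP") { print "LEAK: default policy is " $3; bad = 1 }
            next
        }
        $1 == "-A" && $2 == "FORWARD" && $NF == "ACCEPT" {
            state = ""; out = ""
            for (i = 3; i < NF; i++) {
                if ($i == "--ctstate") state = $(i + 1)
                # keep a leading "!" so a negated match never counts as the VPN
                if ($i == "-o") out = ($(i - 1) == "!" ? "!" : "") $(i + 1)
            }
            # reply-only rules (ctstate without NEW) cannot open a new flow
            if (state != "" && state !~ /(^|,)NEW(,|$)/) next
            if (out != vpn) { print "LEAK: " $0; bad = 1 }
        }
        END {
            if (!seen) { print "LEAK: no -P FORWARD line in input"; bad = 1 }
            exit bad + 0
        }'
}

# Constructed sample: the question's FORWARD rules as `iptables -S` lists them.
rules_before() { cat <<'EOF'
-P FORWARD ACCEPT
-A FORWARD -s 192.168.1.0/24 -i eth0 -o tun0 -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
EOF
}

# Constructed sample: the same rules after `iptables --policy FORWARD DROP`.
rules_after() { rules_before | sed 's/^-P FORWARD ACCEPT$/-P FORWARD DROP/'; }

echo "before:"; rules_before | audit_forward tun0; echo "exit status: $?"
echo "after:";  rules_after  | audit_forward tun0; echo "exit status: $?"
# On the router itself: sudo iptables -S FORWARD | audit_forward tun0
```

The policy set with `iptables --policy` is not persistent across reboots on its own, so rerun the audit after a restart or after the rules are reloaded.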
