Joel's openvpn ldap firewall script

Scripts which set up, destroy, and modify routing tables and firewall rulesets for client connections.

Moderators: TinCanTech

krzee
Forum Team
Posts: 728
Joined: Fri Aug 29, 2008 5:42 pm

Joel's openvpn ldap firewall script

Post by krzee » Fri May 21, 2010 4:09 am

from: http://planetjoel.com/viewarticle/638/O ... membership
Go to his site for the download.

Posted by Joel (joelh-website at planetjoel dot com) on Friday, 14th of May, 2010 - 08:19:21 AM

I'm releasing two small Perl scripts I wrote which provide the client-connect and client-disconnect scripts for OpenVPN such that you can dynamically create IPtables firewall rules based on LDAP group memberships. You push out routes to all your internal networks to the user, then using IPtables only allow traffic to specific destinations and ports. This allows you to give out customized and limited VPN access, or VPN access based on roles.

Rules are looked up in an LDAP database using the common name of the certificate as the uniqueMember to a groupOfUniqueMembers. Details of how to install it are in the zip.

Currently it only supports TCP protocol. It could easily be extended to support other protocols.
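The flow described in the post, sketched in Python as an added example (this is not Joel's Perl script and not code from the download): the certificate common name is escaped before it goes into the LDAP filter, and the group's rules become a per-client, default-deny iptables chain that the disconnect script can remove. The `vpnAllow` attribute, its `<cidr>:<tcp-port>` format, the `vpn-` chain naming and the sample entries are assumptions made for the illustration.

```python
import ipaddress

# Assumption (not from the post): each LDAP group entry lists its allowed
# destinations in a hypothetical multi-valued attribute, "<cidr>:<tcp-port>".
RULE_ATTR = "vpnAllow"

def ldap_escape(value):
    """Escape a string for use inside an LDAP search filter (RFC 4515)."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def group_filter(common_name):
    """Filter for groups that list the certificate CN as a uniqueMember."""
    return "(uniqueMember=%s)" % ldap_escape(common_name)

def chain_name(client_ip):
    """Per-client chain name; rejects anything that is not an IPv4 address."""
    return "vpn-" + str(ipaddress.IPv4Address(client_ip)).replace(".", "-")

def rules_for_client(client_ip, group_entries):
    """client-connect: argv lists (no shell) building a default-deny chain."""
    chain, src = chain_name(client_ip), str(ipaddress.IPv4Address(client_ip))
    cmds = [["iptables", "-N", chain]]
    for entry in group_entries:
        for value in entry.get(RULE_ATTR, []):
            cidr, _, port = value.rpartition(":")
            net = ipaddress.IPv4Network(cidr)   # ValueError on malformed data
            if not 1 <= int(port) <= 65535:
                raise ValueError("bad port in %r" % value)
            cmds.append(["iptables", "-A", chain, "-d", str(net),
                         "-p", "tcp", "--dport", str(int(port)), "-j", "ACCEPT"])
    cmds.append(["iptables", "-A", chain, "-j", "DROP"])
    # Hook the chain into FORWARD last, once it is complete.
    cmds.append(["iptables", "-I", "FORWARD", "-s", src, "-j", chain])
    return cmds

def teardown_for_client(client_ip):
    """client-disconnect: unhook, flush and delete the per-client chain."""
    chain, src = chain_name(client_ip), str(ipaddress.IPv4Address(client_ip))
    return [["iptables", "-D", "FORWARD", "-s", src, "-j", chain],
            ["iptables", "-F", chain], ["iptables", "-X", chain]]

if __name__ == "__main__":
    # Constructed sample data standing in for an LDAP search result.
    groups = [{"cn": ["dba"], RULE_ATTR: ["10.1.2.0/24:22", "10.1.3.5:443"]}]
    print(group_filter("alice*)(uid=*"))
    for argv in rules_for_client("10.8.0.6", groups):
        print(" ".join(argv))
```

In an OpenVPN client-connect hook the two inputs would come from the `common_name` and `ifconfig_pool_remote_ip` environment variables, and each argv list would be run without a shell.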

fonya
OpenVpn Newbie
Posts: 2
Joined: Fri Aug 02, 2013 11:27 am

Re: Joel's openvpn ldap firewall script

Post by fonya » Sun May 14, 2017 8:41 pm

Thank you! I need exactly these scripts!
