So I have OpenVPN AS installed with default DROP for INPUT, OUTPUT and FORWARD.
I explicitly allow what needs to be entered for each. However, I can't connect to the VPN server using the OpenVPN Connect software, nor access https://IP_ADDRESS.
I can log in to the web address via https://IP_ADDRESS:943/admin.
So I changed the default OUTPUT to ACCEPT and everything works. However, I want to control what goes out.
What can I add to the iptables 'OUTPUT' chain to allow my connections explicitly?
Right now I have:
....
-A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
-A OUTPUT -o eth0 -p tcp --sport 943 -m state --state ESTABLISHED -j ACCEPT
-A OUTPUT -o eth0 -p udp --sport 1194 -m state --state ESTABLISHED -j ACCEPT
....
iptables - OUTPUT DROP not allowed?
- OpenVpn Newbie
- Posts: 1
- Joined: Mon Sep 26, 2011 8:39 pm
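
The OUTPUT rules quoted above only accept ESTABLISHED replies leaving eth0, so any other packet the host sends falls through to the DROP policy. As an added example (not part of the original post), one way to find out what is being dropped is to log whatever reaches the end of the chain and summarise it. The `OUT-DROP: ` prefix, the function names and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise packets that fell through to the OUTPUT DROP policy.
# Assumes a LOG rule was appended as the LAST rule of the OUTPUT chain, e.g.
#   iptables -A OUTPUT -j LOG --log-prefix "OUT-DROP: "
# so that only traffic no ACCEPT rule matched gets logged.

# Constructed sample kernel log lines (addresses and ports are made up).
sample_log() {
cat <<'EOF'
kernel: OUT-DROP: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TTL=64 PROTO=TCP SPT=51544 DPT=943 SYN
kernel: OUT-DROP: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TTL=64 PROTO=TCP SPT=51546 DPT=943 SYN
kernel: OUT-DROP: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.53 LEN=71 TTL=64 PROTO=UDP SPT=40211 DPT=53 LEN=51
kernel: OUT-DROP: IN= OUT=tun0 SRC=10.8.0.1 DST=10.8.0.2 LEN=84 TTL=64 PROTO=ICMP TYPE=0 CODE=0
kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=55000 DPT=22
EOF
}

# Read log lines on stdin and print "count interface protocol dest-port",
# most frequent first. Each output line is a candidate for an explicit
# OUTPUT rule (or a sign that the rule set only covers eth0).
summarize_drops() {
    awk -v prefix="OUT-DROP: " '
        index($0, prefix) == 0 { next }   # ignore unrelated log lines
        {
            out = "-"; proto = "-"; dpt = "-"
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^OUT=/)   out   = substr($i, 5)
                if ($i ~ /^PROTO=/) proto = substr($i, 7)
                if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
            }
            if (out == "") out = "-"      # OUT= with no interface name
            count[out " " proto " " dpt]++
        }
        END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2
}

# Stand-alone run over the constructed sample.
sample_log | summarize_drops
```

On a live host, feed the function the kernel log instead of `sample_log`, then remove the LOG rule once the missing ACCEPT rules are in place.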