Force Specific Client iptables

Scripts that set up, destroy, and modify routing tables and firewall rulesets for client connections.

Moderators: TinCanTech

daNutz
OpenVpn Newbie
Posts: 1
Joined: Mon Apr 03, 2023 1:07 pm


Post by daNutz » Mon Apr 03, 2023 1:15 pm

Hello and apologies if this has been covered elsewhere, but I couldn't find it.

I wish to enforce all clients connecting in to only be able to access the network on certain protocols/ports.

Here are the rules I wish to enforce:

iptables -A FORWARD -p udp -m multiport --dports 6073,2300:2400,47624 -s 10.21.60.0/24 -d 10.21.60.0/24 -j ACCEPT
iptables -A FORWARD -p tcp -m multiport --dports 6073,2300:2400,47624 -s 10.21.60.0/24 -d 10.21.60.0/24 -j ACCEPT
iptables -A FORWARD -p udp -m multiport --sports 6073,2300:2400,47624 -s 10.21.60.0/24 -d 10.21.60.0/24 -j ACCEPT
iptables -A FORWARD -p tcp -m multiport --sports 6073,2300:2400,47624 -s 10.21.60.0/24 -d 10.21.60.0/24 -j ACCEPT
iptables -A FORWARD -p icmp -s 10.21.60.0/24 -d 10.21.60.0/24 -j ACCEPT
iptables -A FORWARD -s 10.21.60.0/24 -d 10.21.60.0/24 -j DROP

How do I implement this?

I've seen this example firewall file but I have no idea where to place it.
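An added example, not part of the original post: a first-match evaluation of the six FORWARD rules listed above, run over constructed sample packets, to check what the ruleset accepts before it is loaded. The sample addresses and ports are assumptions, and the final rule is read with `-s` in place of its first `-j`.

```python
from ipaddress import ip_address, ip_network

VPN = ip_network("10.21.60.0/24")
PORTS = [(6073, 6073), (2300, 2400), (47624, 47624)]  # the post's multiport list

# The post's FORWARD rules in order: (protocol, port field checked, target).
# Every rule also requires source and destination inside VPN.
RULES = [
    ("udp", "dport", "ACCEPT"),
    ("tcp", "dport", "ACCEPT"),
    ("udp", "sport", "ACCEPT"),
    ("tcp", "sport", "ACCEPT"),
    ("icmp", None, "ACCEPT"),
    (None, None, "DROP"),  # final rule, read with -s in place of the first -j
]

def in_ports(port):
    """True if port falls in one of the multiport entries."""
    return port is not None and any(lo <= port <= hi for lo, hi in PORTS)

def verdict(proto, src, dst, sport=None, dport=None):
    """Return (rule number, target) of the first matching rule.

    (0, "POLICY") means no rule matched, so the chain's default policy decides.
    """
    if ip_address(src) not in VPN or ip_address(dst) not in VPN:
        return 0, "POLICY"
    pkt = {"sport": sport, "dport": dport}
    for number, (rule_proto, field, target) in enumerate(RULES, 1):
        if rule_proto is not None and rule_proto != proto:
            continue
        if field is not None and not in_ports(pkt[field]):
            continue
        return number, target
    return 0, "POLICY"

# Constructed sample packets: (proto, src, dst, sport, dport)
SAMPLES = [
    ("udp", "10.21.60.6", "10.21.60.10", 50000, 2350),
    ("tcp", "10.21.60.6", "10.21.60.10", 50000, 22),
    ("tcp", "10.21.60.6", "10.21.60.10", 2300, 22),
    ("icmp", "10.21.60.6", "10.21.60.10", None, None),
    ("tcp", "10.21.60.6", "192.168.1.5", 50000, 6073),
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", verdict(*sample))
```

The third sample is accepted by rule 4 because the `--sports` rules check only the source port; matching replies with `-m conntrack --ctstate ESTABLISHED,RELATED` instead keeps the destination-port restriction intact. The last sample falls through to the FORWARD chain's default policy, since every rule is limited to 10.21.60.0/24 on both sides.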
