Ip(6)tables rules for optimal openvpn Server?
Posted: Sun May 09, 2021 8:48 am
Hello,
I want to set up an openvpn server in the near future, based on the following script (see line 966 and below of the script):
https://github.com/angristan/openvpn-in ... install.sh
Unfortunately the ip(6)tables are a bit lax here and the server would thus be insufficiently protected (wide open).
Now I wanted to ask you how to secure this more and how here could look an optimal ip(6)tables that I could use.
I want to set the default policy from input to drop and additionally allow only ssh port in the inbox (in addition to the port for openvpn).
Since I am not very experienced with iptables (have always used ufw), I wanted to ask you if someone could be helpful in creating iptables and ip6tables and possibly provide me with their working configuration.
Ps. I want to run openvpn with ipv4 and ipv6 so I need iptables and ip6tables rules.
Thank you in advance.
I want to set up an openvpn server in the near future, based on the following script (see line 966 and below of the script):
https://github.com/angristan/openvpn-in ... install.sh
Unfortunately the ip(6)tables are a bit lax here and the server would thus be insufficiently protected (wide open).
Now I wanted to ask you how to secure this more and how here could look an optimal ip(6)tables that I could use.
I want to set the default policy from input to drop and additionally allow only ssh port in the inbox (in addition to the port for openvpn).
Since I am not very experienced with iptables (have always used ufw), I wanted to ask you if someone could be helpful in creating iptables and ip6tables and possibly provide me with their working configuration.
Ps. I want to run openvpn with ipv4 and ipv6 so I need iptables and ip6tables rules.
Thank you in advance.