# IPv4 firewall rules for a host that forwards traffic from the LAN interface
# enp1s0 out through a tun* (VPN) interface and masquerades it there.
# Rule order matters: -A appends to the end of a chain, -I inserts at the top.
#
# NOTE(review): only the FORWARD policy is set below. --flush removes rules but
# does not change chain policies, so the INPUT and OUTPUT policies are whatever
# they were before this ran. If they are ACCEPT, the ACCEPT rules in those two
# chains restrict nothing; confirm the policies are set to DROP elsewhere.
# NOTE(review): these are iptables (IPv4) rules only; no ip6tables rules appear
# here, so IPv6 traffic is not governed by this listing. Confirm how IPv6 is
# handled.

# Remove all rules from every chain of the filter table, then delete any
# user-defined chains in it.
- sudo iptables --flush
- sudo iptables --delete-chain
# Remove all rules from the nat table.
- sudo iptables -t nat -F
# Source-NAT everything leaving through any interface whose name starts with
# "tun" ("tun+" is a wildcard match).
- sudo iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE
# Accept TCP port 22 arriving on enp1s0. The "In from LAN" rule further down is
# inserted at the top of INPUT and accepts everything from enp1s0, so this
# rule is never the one that decides.
- sudo iptables -A INPUT -i enp1s0 -p tcp --dport 22 -j ACCEPT
# Accept loopback traffic in both directions.
- sudo iptables -A INPUT -i lo -m comment --comment "loopback" -j ACCEPT
- sudo iptables -A OUTPUT -o lo -m comment --comment "loopback" -j ACCEPT
# Inserted at the top of INPUT: accept any packet arriving on enp1s0, with no
# protocol, port or connection-state restriction.
# NOTE(review): this exposes every local service to that interface; confirm
# enp1s0 faces only a trusted network.
- sudo iptables -I INPUT -i enp1s0 -m comment --comment "In from LAN" -j ACCEPT
# Inserted at the top of OUTPUT: accept anything this host sends via tun*.
- sudo iptables -I OUTPUT -o tun+ -m comment --comment "Out to VPN" -j ACCEPT
# Accept specific host-originated UDP traffic leaving directly via enp1s0:
# port 443 (labelled "openvpn"), 123 (NTP) and 53 (DNS). The DHCP rule names no
# interface, so it matches UDP 67-68 on any interface.
# NOTE(review): the port-53 rule permits this host's own DNS queries to leave
# outside the tunnel; confirm that is intended.
- sudo iptables -A OUTPUT -o enp1s0 -p udp --dport 443 -m comment --comment "openvpn" -j ACCEPT
- sudo iptables -A OUTPUT -o enp1s0 -p udp --dport 123 -m comment --comment "ntp" -j ACCEPT
- sudo iptables -A OUTPUT -p UDP --dport 67:68 -m comment --comment "dhcp" -j ACCEPT
- sudo iptables -A OUTPUT -o enp1s0 -p udp --dport 53 -m comment --comment "dns" -j ACCEPT
# Forwarding from tun* to enp1s0 is limited to packets of RELATED or
# ESTABLISHED connections.
- sudo iptables -A FORWARD -i tun+ -o enp1s0 -m state --state RELATED,ESTABLISHED -j ACCEPT
# Forward anything from enp1s0 to tun*.
- sudo iptables -A FORWARD -i enp1s0 -o tun+ -m comment --comment "LAN out to VPN" -j ACCEPT
# Default-drop all other forwarded traffic. With the two FORWARD rules above,
# traffic from enp1s0 can be forwarded only out through tun*.
- sudo iptables -P FORWARD DROP