Skip to content

Commit

Permalink
Merge pull request dperson#249 from doug-w/master
Browse files Browse the repository at this point in the history 
Do not forward VPN ports from the tunnel only to the tunnel
  • Loading branch information
David Personette authored Apr 12, 2020
2 parents fa29c2a + 01e543c commit 5fad6c5
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions openvpn.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -197,10 +197,10 @@ vpnportforward() { local port="$1" protocol="${2:-tcp}"
2>/dev/null
ip6tables -A FORWARD -p $protocol -m $protocol --dport $port -j ACCEPT \
2>/dev/null
iptables -t nat -A OUTPUT -p $protocol --dport $port -j DNAT \
iptables -t nat -A OUTPUT -i tun0 -p $protocol --dport $port -j DNAT \
--to-destination 127.0.0.11:$port
iptables -A INPUT -p $protocol -m $protocol --dport $port -j ACCEPT
iptables -A FORWARD -p $protocol -m $protocol --dport $port -j ACCEPT
iptables -A FORWARD -i tun0 -p $protocol -m $protocol --dport $port -j ACCEPT
echo "Setup forwarded port: $port $protocol"
}

Expand Down

0 comments on commit 5fad6c5

Please sign in to comment.