[Bglug] IP Tables Question

LP LinuxPusher at protonmail.ch
Sun May 6 09:39:04 EDT 2018


Shortened my search found the answer
Looks like openVPN has Kill Switch when it loses secure connection.
Well it may help others too.

Sent from [ProtonMail](https://protonmail.ch), encrypted email based in Switzerland.

Sent with [ProtonMail](https://protonmail.com) Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On May 6, 2018 9:31 AM, LP <LinuxPusher at protonmail.ch> wrote:

> Hi all,
> My DD-WRT Router Firewall Command has Changed.
> I did not make any changes.
> pfsense sent me a warning so I checked the router settings.
> Could pfsense have made changes to my router ??, without the user name and password which are both very long and complicated and stored in my wallet only. (No)
> I tried to edit the command back to what I installed, it will Not let me change it even after deleting the command.
> Here is the original first then changed commands.
>
> dev tun0
>
> # allow only outbound connections to the VPN (no inbound)
>
> iptables -I INPUT -i tun0 -j ACCEPT
>
> iptables -I INPUT -i tun0 -m state –state NEW -j DROP
>
> iptables -I FORWARD -i tun0 -m state –state NEW -j DROP
>
> iptables -t nat -I POSTROUTING -o tun0 -j MASQUERADE
>
> FOUND CHANGED TO !!!
>
> dev tun0
> # allow only outbound connections to the VPN (no inbound)
> iptables -I INPUT -i tun0 -j ACCEPT
> iptables -I INPUT -i tun0 -m
>
> state
>
> &#-106;state
>
> NEW -j DROP
> iptables -I FORWARD -i tun0 -m
>
> state
>
> &#-106;state
>
> NEW -j DROP
> iptables -t nat -I POSTROUTING -o tun0 -j MASQUERADE
>
> Question: is the new command something to compromise my security???
> Thank you
> Chris.
> Sent from [ProtonMail](https://protonmail.ch), encrypted email based in Switzerland.
>
> Sent with [ProtonMail](https://protonmail.com) Secure Email.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bglug.ca/pipermail/group_bglug.ca/attachments/20180506/53d01835/attachment.html>


More information about the Group mailing list