firewalling / netfilter / iptables / tcpdump on the vpn
Guus Sliepen
guus at tinc-vpn.org
Mon May 8 16:42:31 CEST 2006
On Mon, May 08, 2006 at 09:11:34AM -0400, xavier wrote:
> I tried tinc, i'm very happy with it ;
> however, i have difficulties firewalling on the vpn itself ;
> here is my situation and what i'm experiencing:
>
> hosta ----|
>           vpn server
> hostb ----|
[...]
> i can't see the traffic between host a and b,
> even if technically it's going through the vpn server (i can see the
> encrypted traffic on eth0 of the vpn server)
>
> it's a problem when you want to restrict access from the vpn server, between 2 vpn hosts.
>
> any solution ?

You can try to add the following two lines to route_ipv4_unicast() in
src/route.c right above the line "via = ...":

    send_packet(myself, packet);
    return;

You can also do the same in route_ipv6_unicast() if you also use IPv6 on
the VPN.

If this works without problems for you, I can make an option that
enables that behaviour.

--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at sliepen.eu.org>