|
|
You should Iptables like this iptables -I INPUT -i tun+ -m multiport -t tcp --dports 20, 21 -j ACCEPT iptables -I INPUT -i tap+ -m multiport -t tcp --dports 20, 21 -j ACCEPT iptables -I INPUT -i tun+ -j DROP iptables -I INPUT -i tap+ -j DROP I'm not pretty sure about -m multiport sintax Le Jeudi 05 Mai 2005 17:42, Charles Duffy a ÃcritÂ: > On Fri, 06 May 2005 00:20:30 +0200, Claudia Scotti wrote: > > I'd like to use OpenVPN for ftp-ing between Fedora core 3 and Windows XP > > Home edition, but when I activate the ftp service in fedora core 3, the > > ftp server becomes, of course, accessible also from outside the VPN. How > > can I make ftp possible only for VPN users, blocking the extra-VPN > > traffic? > > The same ways you'd make any service accessible only via a limited set of > interfaces: OS-level firewall rules, or by telling the daemon to bind only > to the specific interface. > > For the former, read the documentation on iptables (or your favorite > frontend to the same). For the latter, read the documentation to your FTP > server. > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: NEC IT Guy Games. > Get your fingers limbered up and give it your best shot. 4 great events, 4 > opportunities to win big! Highest score wins.NEC IT Guy Games. Play to > win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20 > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx > https://lists.sourceforge.net/lists/listinfo/openvpn-users ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |