You have a a physical network interface named eth*. Some of the following rules might be redundant if you have already chains.Īssumptions: you are in a 192.168.0.0/16 network and your router is a DHCP server. You can find out the address simply looking at the line "remote" of your air.ovpn configuration file. In this example, it is assumed that your network interface is eth+ (change it as appropriate for example, you might have wlan0 for a WiFi connection).Ī.b.c.d is the entry-IP address of the Air server you connect to. Mac noobproof install#iptables is already included in all official Ubuntu distros and most Linux distros, anyway if you don't have it just install it with aptitude.Īdding the following simple rules will prevent leaks in case of VPN disconnection. You can use iptables, a very powerful packet filtering and NAT program (probably one of the most powerful, if not the most powerful of all). Solution with Coodo is really straightforward.Īre you maye aware of any Linux (ubuntu) solution, which can be used as Comodo on Windows?ĭefault gufw can not be configured that way, I haven't been able to find a proper simple solution.ĮDITED ON 24 Nov 12: added important note for some Linux users, see bottom of message If there was a conflict, the message should not have been "syntax error", but something different.Īnyway, "block out any"? The rule is "block out all". We're glad to know that you have managed to have a working and secure setup. Pass out quick inet from 10.0.0.0/8 to any flags S/SA keep state Pass out quick inet from 127.0.0.1 to any flags S/SA keep state The new rules in the pf.conf file are represented by IceFloor in the frontend “Manage PF rules” panel in this way:īlock drop out inet from 192.168.0.0/16 to any Thanks a lot.Īs to the error message caused by the insertion of the rule “block out any” in the pf.conf file: Could is be due to a conflict with the standard setting of IceFloor which allows access to LAN? Excellent support! I’m a complete vpn-novice and now I even have a firewall.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |