vasco/FSI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

hmm3

Browse Source
This commit is contained in:
Vasco
2026-04-21 23:06:47 +01:00
parent 445c99b10e
commit 21a4fb5d08
5 changed files with 38 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
VM_VPN_GATEWAY.sh
View File

@@ -25,11 +25,11 @@ ifconfig $if_dentro $ip_dentro netmask 255.255.255.0
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
sysctl -p /etc/sysctl.conf
iptables -A INPUT -p udp --dport 1194 -j ACCEPT # :O
iptables -A FORWARD -i $mega_tunel -o $if_dentro -j ACCEPT # :P
iptables -A FORWARD -i $if_dentro -o $mega_tunel -j ACCEPT # ;)
iptables -A FORWARD -i $mega_tunel -o $if_fora -j ACCEPT # faltava isto ?
iptables -A FORWARD -i $if_fora -m state --state ESTABLISHED,RELATED -j ACCEPT # faltava isto ?
iptables -I INPUT 1 -p udp --dport 1194 -j ACCEPT # :O
iptables -I FORWARD 1 -i $mega_tunel -o $if_dentro -j ACCEPT # :P
iptables -I FORWARD 1 -i $if_dentro -o $mega_tunel -j ACCEPT # ;)
iptables -I FORWARD 1 -i $mega_tunel -o $if_fora -j ACCEPT # faltava isto ?
iptables -I FORWARD 1 -i $if_fora -m state --state ESTABLISHED,RELATED -j ACCEPT # faltava isto ?
iptables -t nat -A POSTROUTING -s $ip_mega_tunel -o $if_fora -j MASQUERADE # :D
iptables-save > /etc/sysconfig/iptables # :3
@@ -41,5 +41,6 @@ cp ca/vpn.key $vpn_dir
cp ca/vpn.crt $vpn_dir
cp ca/dh2048.pem $vpn_dir
cp conf/vpn.conf $vpn_dir
cp conf/ocsp-verify.sh $vpn_dir
cp conf/totp /etc/pam.d/
systemctl enable --now openvpn-server@vpn.service