I own a VPS (CentOS 6.5). I have installed OpenVPN on this server. Everything works fine, I can connect and surf, etc. Let's say my IP of the server is: 1.2.3.4. When I connect to my VPS my IP is 1.2.3.4.
I have also installed OpenERP (on the same VPS) which is running on port 8069.
What I am trying to achieve is to block all traffic on port 8069 except the VPN traffic. So, I have to connect to my VPS with OpenVPN to access http://1.2.3.4:8069.
I tried several iptables tutorials on the net, but none of them are working.
For example:
iptables -A INPUT -p tcp -s 1.2.3.4 --dport 8069 -j ACCEPT
or
iptables -A INPUT -p tcp -s 10.8.0.0/24 --dport 8069 -j ACCEPT
or
iptables -I INPUT \! --src 10.8.0.0/24 -m tcp -p tcp --dport 8069 -j DROP
or
iptables -I INPUT \! --src 1.2.3.4 -m tcp -p tcp --dport 8069 -j DROP
These are examples. I have tried even more rules. All tutorials I followed block all traffic on port 8069, even if I connect to my VPS with OpenVPN I can't access http://1.2.3.4:8069.
Does anyone have an idea how to block all traffic on port 8069 except my VPN connection? How do I achieve this?
My server.conf is:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"
user nobody
group nobody
keepalive 5 30
cipher AES-256-CBC
comp-lzo
persist-key
persist-tun
verb 5
My client conf is:
dev tun
client
proto udp
remote 1.2.3.4
port 1194
resolv-retry infinite
nobind
redirect-gateway def1
persist-key
persist-tun
ca ca.crt
cert nika-pc.crt
key nika-pc.key
cipher AES-256-CBC
comp-lzo
ns-cert-type server
verb 5
Thanks in advance.
Edit:
Output: iptables -L -n -v
Output: iptables -L -n -v | head
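An added example, not part of the original post: one way to express the goal described in the question with rules that match on the incoming interface instead of the public address. It assumes the tunnel interface is tun0, the server's tunnel address is 10.8.0.1 (first host of the `server 10.8.0.0 255.255.255.0` pool) and OpenERP listens on all addresses; the function and variable names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Assumptions: tunnel interface
# tun0, VPN pool 10.8.0.0/24 (from server.conf), OpenERP bound to all addresses.
VPN_IF="${VPN_IF:-tun0}"
VPN_NET="${VPN_NET:-10.8.0.0/24}"
APP_PORT="${APP_PORT:-8069}"
IPT="${IPT:-iptables}"

# With "redirect-gateway def1" the OpenVPN client keeps a host route to the
# server's public IP via its normal gateway (the tunnel itself needs it), so
# a request to http://1.2.3.4:8069 arrives on the public NIC with the client's
# ISP address. Only traffic addressed to the server's tunnel IP (10.8.0.1
# here) enters through tun0 with a 10.8.0.x source, so the rules match on the
# incoming interface and the service is reached at http://10.8.0.1:8069.
restrict_port_to_vpn() {
    # -I with explicit positions puts the rules ahead of any ACCEPT/REJECT
    # rules already in INPUT; the first matching rule wins.
    # Keep local access (for example a reverse proxy on the same host).
    $IPT -I INPUT 1 -i lo -p tcp --dport "$APP_PORT" -j ACCEPT
    # Allow VPN clients arriving through the tunnel interface.
    $IPT -I INPUT 2 -i "$VPN_IF" -s "$VPN_NET" -p tcp --dport "$APP_PORT" -j ACCEPT
    # Drop everything else aimed at the port, whatever interface it came in on.
    $IPT -I INPUT 3 -p tcp --dport "$APP_PORT" -j DROP
}

# Print the rules instead of applying them (no root needed).
preview_rules() {
    ( IPT="echo iptables"; restrict_port_to_vpn )
}

case "${1:-}" in
    apply)   restrict_port_to_vpn ;;
    preview) preview_rules ;;
esac
```

Run it with `preview` to inspect the rules or `apply` (as root) to install them; on CentOS 6, `service iptables save` persists them across reboots.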