3
0
I am using a VPN provider that uses OpenVPN. I don´t wont any other traffic leave my computer so I have set up my iptables like this:
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
### Inbound rules
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
### Outbound rules
iptables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
iptables -A OUTPUT -p udp -m udp --dport 1194 -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
I am just permitting OpenVPN traffic and DNS lookup (for the OpenVPN connection). The connection goes just fine.
The probem occurs when I try to visit http sites. The connection times out. But https works!
If I do iptables -P OUTPUT ACCEPT everything works just perfect!
I have checked with Wireshark when using both iptables -P OUTPUT DROP and iptables -P OUTPUT ACCEPT but I cannot see anything that differs, except that when using DROP, http sites cannot be fetched.
What can be the issue?
Rox
Posted 2014-12-27T09:26:53.523
Reputation: 295
Thankyou! I didn´t think about the tun and tap interfaces. I am now permitting traffic through tun and it now works! – Rox – 2014-12-27T14:32:52.063