You are not logged in.
Ok, so it turns out when the wiki talks about setting up iptables, just making sure it's turned off isn't the same. I just added the nat masquerade command from the OpenVPN page of the wiki, and it worked fine. I'll be honest, I generally don't like just entering random commands I don't understand, but if it works, why not? I guess this is a lesson to all newbies: skipping large chunks of the wiki is a bad idea.
iptables was the next on my list of things to tackle in trying to up the security of my machine, and I guess that's where I have to go next.
Sorry for wasting everyone's time.
Last edited by dtjohnst (2017-08-16 21:02:00)
Offline
What about *forwarding* on the relevant interfaces? View with:
find /proc -name forwarding | xargs grep .
(There is a dot at the end of the command.)
Offline
What about *forwarding* on the relevant interfaces? View with:
find /proc -name forwarding | xargs grep .
(There is a dot at the end of the command.)
Thanks for you help. For what it's worth, it was on for all ipv4 interfaces and off for all ipv6 ones.
# find /proc -name forwarding | xargs grep . [17:02:16]┘
/proc/sys/net/ipv4/conf/all/forwarding:1
/proc/sys/net/ipv4/conf/default/forwarding:1
/proc/sys/net/ipv4/conf/eth0/forwarding:1
/proc/sys/net/ipv4/conf/lo/forwarding:1
/proc/sys/net/ipv4/conf/tun0/forwarding:1
/proc/sys/net/ipv6/conf/all/forwarding:0
/proc/sys/net/ipv6/conf/default/forwarding:0
/proc/sys/net/ipv6/conf/eth0/forwarding:0
/proc/sys/net/ipv6/conf/lo/forwarding:0
/proc/sys/net/ipv6/conf/tun0/forwarding:0
Having said that, before you replied I went ahead and enabled iptables and added the single line from the OpenVPN wiki page, and everything started working as expected. Lesson learned.
Offline