Hello
I'd like to restrict access to an OpenVPN connection.
Only the user with uid 1000 should have access.
I put a # in front of the line that causes trouble in the code below.
The trouble is that iptables-restore says:
iptables-restore: line 33 failed
and dmesg says:
ip_tables: owner match: bad hook_mask 0xa/0x18
Does anyone know how to fix this?
James
# Generated by iptables-save v1.4.3.1 on Fri Apr 17 18:11:38 2009
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:AdapterCheck - [0:0]
:InputExternal - [0:0]
:InputLocal - [0:0]
:OpenVPN - [0:0]
:OutputExternal - [0:0]
:OutputLocal - [0:0]
-A INPUT -i lo -j InputLocal
-A INPUT -i ! lo -j InputExternal
-A OUTPUT -o lo -j OutputLocal
-A OUTPUT -o ! lo -j OutputExternal
-A AdapterCheck -i tap+ -j RETURN
#-A AdapterCheck -o tap+ -g OpenVPN
-A AdapterCheck -i eth+ -j RETURN
-A AdapterCheck -o eth+ -j RETURN
-A AdapterCheck -j DROP
-A InputExternal -j AdapterCheck
-A InputExternal -m state --state RELATED,ESTABLISHED -j ACCEPT
-A InputExternal -j DROP
-A InputLocal -j ACCEPT
-A InputLocal -j DROP
-A OpenVPN -m owner --uid-owner 1000 -j RETURN
-A OpenVPN -j DROP
-A OutputExternal -j AdapterCheck
-A OutputExternal -j ACCEPT
-A OutputExternal -j DROP
-A OutputLocal -j ACCEPT
-A OutputLocal -j DROP
COMMIT
# Completed on Fri Apr 17 18:11:38 2009
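The two numbers in the dmesg line above are netfilter hook bitmasks: the hooks the rule can be reached from (0xa) and the hooks the owner match accepts (0x18). The following is an added example, not part of the original post: a small Python checker that computes, for an iptables-save style ruleset, which built-in chains each user chain is reachable from and flags `-m owner` rules reachable from anywhere other than OUTPUT or POSTROUTING. The function names are hypothetical, and the sample input is abridged from the posted ruleset with the commented-out rule enabled.

```python
import re

# Netfilter hook numbers = bit positions in the hook_mask printed by dmesg.
HOOKS = {"PREROUTING": 0, "INPUT": 1, "FORWARD": 2, "OUTPUT": 3, "POSTROUTING": 4}
# Hooks in which the owner match is valid (the 0x18 after the slash).
OWNER_ALLOWED = (1 << HOOKS["OUTPUT"]) | (1 << HOOKS["POSTROUTING"])

# Sample input: abridged from the posted ruleset, commented-out rule enabled.
RULES = """\
-A INPUT -i ! lo -j InputExternal
-A OUTPUT -o ! lo -j OutputExternal
-A AdapterCheck -o tap+ -g OpenVPN
-A InputExternal -j AdapterCheck
-A OpenVPN -m owner --uid-owner 1000 -j RETURN
-A OutputExternal -j AdapterCheck
"""

def decode(mask):
    return sorted(name for name, bit in HOOKS.items() if mask & (1 << bit))

def parse(ruleset):
    """Yield (chain, target or None, line) for every -A rule."""
    for line in ruleset.splitlines():
        chain = re.match(r"-A (\S+)", line)
        if chain:
            target = re.search(r"\s-[jg]\s+(\S+)", line)
            yield chain.group(1), target and target.group(1), line

def hook_masks(ruleset):
    """Map each chain to the mask of built-in hooks it is reachable from."""
    rules = list(parse(ruleset))
    chains = {c for c, _, _ in rules}
    masks = dict.fromkeys(chains, 0)
    def walk(chain, bit):
        if masks[chain] & bit:          # already visited for this hook
            return
        masks[chain] |= bit
        for c, target, _ in rules:      # follow -j / -g into user chains
            if c == chain and target in chains:
                walk(target, bit)
    for name, n in HOOKS.items():
        if name in chains:
            walk(name, 1 << n)
    return masks

def bad_owner_rules(ruleset):
    """(chain, mask) for owner-match rules reachable from a disallowed hook."""
    masks = hook_masks(ruleset)
    return [(c, masks[c]) for c, _, line in parse(ruleset)
            if re.search(r"\s-m owner\b", line) and masks[c] & ~OWNER_ALLOWED]
```

On the sample, `bad_owner_rules(RULES)` reports the OpenVPN chain with mask 0xa (INPUT and OUTPUT), because AdapterCheck is entered from both InputExternal and OutputExternal.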