
Modifying OpenVPN firewall/iptables rule?

Chris H

I've noticed that a handful of IPs seem to be repeatedly trying to connect to my (asuswrt-merlin powered) router's OpenVPN server. I'm not too worried about it since I'm using key + password authentication, but I set up a simple ipset integration in "firewall-start" to block them anyway.

Unfortunately it looks like the iptables rule that's created for openvpn purposes is taking precedence; it's number 1 in the INPUT chain, right above my blacklist match:

Code:
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:1194
2    DROP       all  --  0.0.0.0/0            0.0.0.0/0            match-set jchblacklistnet src

Can someone recommend the best way to move this rule so that my blacklist takes precedence? Always removing rule #1 in my user script seems fragile, as does any kind of grepping the output of iptables, but that's the closest I've seen in searching other threads here.
 
This was discussed here. Particularly note "EDIT 3".

An alternate solution is to change OpenVPN to use a non-standard port.
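
An added example, not part of the thread or of either poster's scripts: one way to keep the blacklist DROP above the OpenVPN ACCEPT without relying on rule numbers or grepping `iptables` output. The set name `jchblacklistnet` is from the post; the function name `ensure_blacklist_first`, the `IPT` override and the `apply` argument are hypothetical.

```shell
#!/bin/sh
# Added example. Re-asserts the blacklist DROP as rule 1 of INPUT.
# Rules are matched by specification (-D <spec>), never by number or grep.

# IPT is a hypothetical override so the logic can be exercised without root.
IPT="${IPT:-iptables}"
SET_NAME="jchblacklistnet"   # ipset name taken from the post

ensure_blacklist_first() {
    # Delete every existing copy of the rule. -D fails once none is left,
    # which ends the loop, so repeated runs never stack duplicates.
    while $IPT -D INPUT -m set --match-set "$SET_NAME" src -j DROP 2>/dev/null; do
        :
    done
    # Insert at index 1, which places it above the udp dpt:1194 ACCEPT
    # and anything else currently at the top of the chain.
    $IPT -I INPUT 1 -m set --match-set "$SET_NAME" src -j DROP
}

# Run as "script apply" to change the live rule set.
if [ "${1:-}" = "apply" ]; then
    ensure_blacklist_first
fi
```

The function only helps if it runs after the OpenVPN rule has been inserted, so it has to be called from a script that fires once the server is up, and again whenever the firewall is rebuilt.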
 
