[Olsr-users] OLSRd2 and iptables
Nemesis
Mon May 9 20:37:14 CEST 2016
Hi everyone,
we have an olsrd2 node running only vpn links and exposed to the
internet. We need to protect it a bit more with iptables rules.
What ports do we need to keep open on what chains in order to keep
olsrd2 running? The current configuration we have causes OLSRd2 to stop
working.
Current rules:
---------------------------------------------
iptables --flush
iptables --delete-chain
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -p tcp ! --syn -m state --state NEW -s 0.0.0.0/0 -j DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# other omitted accepted ports like 80, 443, etc.
# OLSRd2
iptables -A INPUT -p udp --dport 269 -j ACCEPT
iptables -I OUTPUT 1 -m state --state RELATED,ESTABLISHED -j ACCEPT
---------------------------------------------
Maybe missing something on the forward chain? Or another port?
Federico
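
Added example, not part of the original message or of the olsrd2 project: with the OUTPUT policy set to DROP, the only OUTPUT rules above match loopback and RELATED,ESTABLISHED traffic, so OLSRv2 datagrams the node originates on UDP port 269 are in state NEW and are dropped, and the FORWARD policy drops all routed mesh traffic. The sketch below adds the matching rules per mesh link. The interface names (tun0, tun1), the function name and the IPT dry-run variable are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Interface names are
# placeholders for the node's VPN links. Set IPT="echo iptables" to
# print the rules instead of applying them.
IPT="${IPT:-iptables}"

# Emit the rules olsrd2 needs on top of the default-DROP policies
# from the post, for every mesh interface given as an argument.
olsrd2_rules() {
    for mesh_if in "$@"; do
        # Inbound OLSRv2 packets from neighbours (same port as the
        # post's INPUT rule, but scoped to the mesh link).
        $IPT -A INPUT -i "$mesh_if" -p udp --dport 269 -j ACCEPT
        # Outbound OLSRv2 packets: these are state NEW, so the
        # RELATED,ESTABLISHED rule on OUTPUT never matches them.
        $IPT -A OUTPUT -o "$mesh_if" -p udp --dport 269 -j ACCEPT
    done
    # Routed traffic between mesh links (assumes the node should act
    # as a router for the mesh; FORWARD policy is DROP). The same
    # interface in and out is included because several VPN peers can
    # share one interface.
    for in_if in "$@"; do
        for out_if in "$@"; do
            $IPT -A FORWARD -i "$in_if" -o "$out_if" -j ACCEPT
        done
    done
}
```

Run with IPT="echo iptables" first to review the generated rules, then call olsrd2_rules with the real VPN interface names after the rules from the post.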