[Openswan Users] Iptables recommendation for roadwarrior
Chris Zimmerman
czimmer at wczimmerman.dyndns.org
Fri Aug 15 13:53:23 EDT 2008
So, if a roadwarrior is running a Linux laptop with iptables, what would be
a good recommendation to secure the device from those on the network
(internet or local lan) from using that device as a router (since ip_forward
has to be enabled anyway). The device would not do NAT, so it would be a
straight connection for the tunnel. I've looked at the examples in the book
which assume a known IP for both ends. I could just leave off the local IP
and have the INPUT and OUTPUT chains specify only the remote end (known
IP). Would this be adequate?
I don't want someone setting up a route to use the network interface of the
Linux machine to then hop through the tunnel and onto a secure internal
network.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080815/a026793d/attachment.html
More information about the Users
mailing list