Config question.
Ivo Timmermans
zarq at spark.icicle.yi.org
Thu Apr 5 12:28:36 CEST 2001
stnick wrote:
> Can anyone tell me what the absolute minimally permissive ipchains rule
> would be to allow tinc to operate correctly between two hosts. If we
> were to presume each tinc host had a default-deny policy, what ipchains
> command(s) would allow tinc to do its thing?
If you are not doing any NAT, this should be enough:

  ipchains -A input -j ACCEPT -d <yourip> 665 -p udp
  ipchains -A output -j ACCEPT -d <theirip> 665 -p udp
  ipchains -A input -j ACCEPT -d <yourip> 665 -b -p tcp
  ipchains -A output -j ACCEPT -d <theirip> 665 -b -p tcp

Repeat any rules with <theirip> for each host <yourip> needs to be
able to have a connection with.
Note that these rules are fairly permissive also; you could only allow
incoming access to known hosts.
Ivo
--
Floating point exception
-
Tinc: Discussion list about the tinc VPN daemon
Archive: http://mail.nl.linux.org/lists/
Tinc site: http://ftp.nl.linux.org/pub/linux/tinc/
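
The tighter variant mentioned in the reply (accepting traffic only from known hosts), as an added example that is not part of the original message: a shell function that prints one rule set per peer with the source address pinned. The function names, the unrestricted UDP source port and the use of `! -y` on the TCP reply rules are assumptions of this example; port 665 is taken from the rules above.

```shell
#!/bin/sh
# Added example: print per-peer ipchains rules for tinc.
# Rules are printed, not executed; review them, then pipe to `sh` as root.
# Usage: ./tinc-rules.sh MY_IP PEER_IP [PEER_IP...]

TINC_PORT=665   # port used in the rules on this page

# is_ipv4 ADDR: succeed only for a dotted quad, so a typo or a stray
# shell metacharacter never ends up inside a generated rule.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# tinc_rules MY_IP PEER_IP...: emit six ACCEPT rules for each known peer.
tinc_rules() {
    me=$1; shift
    for addr in "$me" "$@"; do
        is_ipv4 "$addr" || { echo "bad address: $addr" >&2; return 1; }
    done
    for peer in "$@"; do
        # UDP packets to port 665, only to and from this peer
        # (assumption: the UDP source port is left unrestricted).
        echo "ipchains -A input -p udp -s $peer -d $me $TINC_PORT -j ACCEPT"
        echo "ipchains -A output -p udp -s $me -d $peer $TINC_PORT -j ACCEPT"
        # TCP connection opened by the peer, and our replies to it.
        echo "ipchains -A input -p tcp -s $peer -d $me $TINC_PORT -j ACCEPT"
        echo "ipchains -A output -p tcp ! -y -s $me $TINC_PORT -d $peer -j ACCEPT"
        # TCP connection opened by us, and the peer's replies; '! -y' keeps
        # the reply rule from admitting new inbound connections (SYN).
        echo "ipchains -A output -p tcp -s $me -d $peer $TINC_PORT -j ACCEPT"
        echo "ipchains -A input -p tcp ! -y -s $peer $TINC_PORT -d $me -j ACCEPT"
    done
}

# Run only when addresses are given on the command line.
[ $# -eq 0 ] || tinc_rules "$@"
```

ipchains is stateless, so each TCP direction needs its own reply rule; anything not matched here falls through to the chain's default-deny policy.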