tinc - controlling communication between nodes
Guillermo Bisheimer
gbisheimer at bys-control.com.ar
Mon Feb 13 12:26:53 CET 2017
Hi Yazeed,
You have to add this to tinc.conf
TunnelServer = yes
Otherwise tinc will manage package routing internally. Then you can manage
forwarding rules using IPTABLES as usual.
Hope it helps.
On Mon, Feb 13, 2017 at 8:11, Yazeed Fataar (<yazeedfataar at gmail.com>)
wrote:
Hi
I have a simple hub and spoke topology where all my nodes connect to a
central node. Below is tinc.conf for main node
*tinc.conf*
Name = main
Interface = tun0
Forwarding = kernel
and the remote nodes have the same with ConnectTo = main.
I have tried to apply a basic iptables policy on the main node but the
traffic still seems to pass through and the nodes can communicate with each
other. How do I apply policy between the two remote nodes on the main hub
node? I would like in future to only allow selected ports
between the nodes but for now I want iptables to manage policy between
nodes.
*Main node IPTABLES rule*
iptables -A FORWARD -s <site1-ip> -d <site2-ip> -j DROP
iptables -A FORWARD -s <site2-ip> -d <site1-ip> -j DROP
default DENY
Regards
Yazeed
<yazeedfataar at hotmail.com>
--
*Ing. Guillermo Bisheimer*
*B&S Sistemas de Control y Equipamientos*
Av. de los Constituyentes 1172
(E3116CIX) Crespo, Entre Ríos
Tel/Fax: (0343) 407-8990 (New number)
Cel: (0343) 154679052
WEB: www.bys-control.com.ar
e-mail: gbisheimer at bys-control.com.ar
skype: guillermo.bisheimer
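Added example, not part of the original messages: a small Python check of the hub setup discussed in this thread. It reads a tinc.conf and the output of `iptables -S FORWARD` and reports whether the FORWARD chain decides traffic between two spokes. The 10.0.x.x addresses, sample rules and function names are constructed, and the meaning given to `Forwarding` and `TunnelServer` follows the tinc manual.

```python
import ipaddress

# Constructed sample inputs; the 10.0.x.x site subnets are placeholders.
TINC_CONF = "Name = main\nInterface = tun0\nForwarding = kernel\nTunnelServer = yes\n"
FORWARD_RULES = """\
-P FORWARD DROP
-A FORWARD -s 10.0.1.0/24 -d 10.0.2.0/24 -j DROP
-A FORWARD -s 10.0.2.0/24 -d 10.0.1.0/24 -j DROP
"""

def parse_tinc_conf(text):
    """Return tinc.conf settings as a dict with lower-cased keys and values."""
    conf = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip().lower()] = value.strip().lower()
    return conf

def forward_verdict(rules, src, dst):
    """First-match evaluation of `iptables -S FORWARD` output for one packet.
    Only -s, -d and -j are understood; any other match option is ignored."""
    policy = "ACCEPT"
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for line in rules.splitlines():
        tok = line.split()
        if tok[:2] == ["-P", "FORWARD"]:
            policy = tok[2]
        elif tok[:2] == ["-A", "FORWARD"]:
            opt = dict(zip(tok[2::2], tok[3::2]))
            s = ipaddress.ip_network(opt.get("-s", "0.0.0.0/0"), strict=False)
            d = ipaddress.ip_network(opt.get("-d", "0.0.0.0/0"), strict=False)
            if src in s and dst in d and opt.get("-j") in ("ACCEPT", "DROP", "REJECT"):
                return opt["-j"]
    return policy  # no rule matched: the chain policy decides

def audit_hub(conf_text, rules, ip_forward, src, dst):
    """Return findings about whether the hub's iptables controls src -> dst."""
    conf, findings = parse_tinc_conf(conf_text), []
    if conf.get("forwarding", "internal") != "kernel":
        findings.append("tinc forwards internally; the FORWARD chain never sees the packet")
    if conf.get("tunnelserver", "no") != "yes":
        findings.append("TunnelServer is off; the hub passes node information between spokes")
    if ip_forward != "1":
        findings.append("net.ipv4.ip_forward is not 1; allowed traffic will not be routed")
    if forward_verdict(rules, src, dst) == "ACCEPT":
        findings.append("FORWARD chain accepts %s -> %s" % (src, dst))
    return findings
```

On a real hub, pass in the contents of tinc.conf, the output of `iptables -S FORWARD` and the value of `sysctl -n net.ipv4.ip_forward`; an empty list means none of the four checks fired.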