[Shorewall-users] unable to filter or log vpn traffic

Tom Eastep teastep at shorewall.net
Tue Mar 15 10:21:59 PST 2005


Paolo wrote:

> So this VPN creates a direct connection from one of my internal machines
> to an external server, completely bypassing my firewall; it seems I can do
> nothing to control traffic.

With ADMINISABSENTMINDED=Yes, once you have allowed the VPN connection
to be established then the only things that you can do to stop traffic
through that VPN are:

a) Use the 'cutter' utility to sever the VPN connection (or unload the
ip_conntrack kernel module).
b) Set BLACKLISTNEWONLY=No in shorewall.conf and blacklist the remote
gateway.

With ADMINISABSENTMINDED=No, stopping Shorewall will probably stop VPN
traffic since you normally don't have your external interfaces enabled
in your /etc/shorewall/routestopped file.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
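
The following is an added example, not part of the original message or of Shorewall itself: a small shell audit that reads the two shorewall.conf settings and the routestopped file named in the reply above and reports whether an already-established VPN flow can be cut by `shorewall stop` or by blacklisting. The function names, the config-directory argument and the interface name are assumptions made for illustration; an unset option is treated as No.

```shell
#!/bin/sh
# Added example: which of the controls named in the reply above can still
# cut an already-established VPN connection, given a Shorewall config dir.

# Print the value of VAR=value from shorewall.conf (last assignment wins).
conf_value() {   # $1 = file, $2 = variable name
    sed -n "s/^[[:space:]]*$2=\([^#[:space:]]*\).*/\1/p" "$1" 2>/dev/null |
        tail -n 1 | tr -d "\"'"
}

# Succeed if interface $2 appears in the first column of routestopped ($1).
in_routestopped() {
    awk -v ifc="$2" '$1 == ifc { found = 1 } END { exit !found }' "$1" 2>/dev/null
}

# $1 = config directory (e.g. /etc/shorewall), $2 = external interface
audit_vpn_controls() {
    conf="$1/shorewall.conf"
    absent=$(conf_value "$conf" ADMINISABSENTMINDED)
    newonly=$(conf_value "$conf" BLACKLISTNEWONLY)

    case "$absent" in
        [Yy]es)
            echo "stop: established connections keep flowing (ADMINISABSENTMINDED=Yes)" ;;
        *)
            if in_routestopped "$1/routestopped" "$2"; then
                echo "stop: $2 is in routestopped, so its traffic survives a stop"
            else
                echo "stop: 'shorewall stop' should cut traffic on $2"
            fi ;;
    esac

    case "$newonly" in
        [Yy]es)
            echo "blacklist: only checked for new connections (BLACKLISTNEWONLY=Yes)" ;;
        *)
            echo "blacklist: checked on every packet, so it reaches established flows" ;;
    esac
}
```

Run it as `audit_vpn_controls /etc/shorewall eth0` after sourcing the file, substituting the real external interface.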

