Firewall setup for high security for OpenVPN client
Rolf Nielsen
rnmtw70 at yandex.com
Thu Jun 30 14:26:44 UTC 2016
Hello everyone,

I've been using OpenVPN for some time, and now I'm looking to strengthen
the security a bit more.

I have disabled WebRTC in Firefox, and I'm using the VPN service's DNS
servers, rather than the ones of my ISP, and now it's time for the firewall.

I will of course need to communicate with the VPN server, and I'm
assuming that goes on the physical interface. Inbound, outbound or both?
TCP, UDP or both?

I get my IP from my ISP through DHCP. Need I open anything up for that?
Inbound, outbound or both? I'm guessing ports 67 and possibly 68, UDP.

Anything other than that on the physical interface?

Apart from any servers I may be running, what should I open up on the
tun interface?

And last, but not least, what should I absolutely close?

In case it matters here, I'm currently using ipfw. Since most people
tend to recommend pf, I believe I will move to that one, but I'll do
that later. Since I'm used to ipfw, it's more likely that I understand
what I'm doing, and once I understand that, I'll consider learning how
to do it in pf instead.

--
Vänligen / Sincerely,
Rolf Nielsen
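
One possible shape for the ruleset the message asks about, as an added example that is not part of the original post or of any reply to it. The interface names (em0, tun0), the server address 203.0.113.10 (a documentation placeholder) and UDP port 1194 (OpenVPN's default) are assumptions to be replaced with the real values.

```sh
#!/bin/sh
# Added example: print an ipfw ruleset that only lets an OpenVPN client talk
# to its server (plus DHCP) on the physical interface; all else uses the tunnel.
# Every value below is an assumption for illustration, not from the post.
EXT_IF="${EXT_IF:-em0}"            # physical interface (assumed name)
TUN_IF="${TUN_IF:-tun0}"           # OpenVPN tunnel interface (assumed name)
VPN_IP="${VPN_IP:-203.0.113.10}"   # placeholder server address (TEST-NET-3)
VPN_PORT="${VPN_PORT:-1194}"       # OpenVPN's default port
VPN_PROTO="${VPN_PROTO:-udp}"      # udp or tcp, must match the client config

vpn_rules() {
    # Refuse values that would produce a broken or over-broad rule.
    case "$VPN_PROTO" in
        udp|tcp) ;;
        *) echo "VPN_PROTO must be udp or tcp" >&2; return 1 ;;
    esac
    case "$VPN_PORT" in
        ''|*[!0-9]*) echo "VPN_PORT must be numeric" >&2; return 1 ;;
    esac
    # VPN_IP should be an address, not a hostname: with these rules DNS is
    # reachable only through the tunnel, which is not up yet at connect time.
    cat <<EOF
ipfw -q -f flush
ipfw -q add 100 allow ip from any to any via lo0
ipfw -q add 200 check-state
ipfw -q add 300 allow udp from any 68 to any 67 out xmit $EXT_IF
ipfw -q add 310 allow udp from any 67 to any 68 in recv $EXT_IF
ipfw -q add 400 allow $VPN_PROTO from me to $VPN_IP $VPN_PORT out xmit $EXT_IF keep-state
ipfw -q add 500 allow ip from any to any out xmit $TUN_IF keep-state
ipfw -q add 65000 deny ip from any to any
EOF
}

# Print the commands for review; nothing is applied by this script.
vpn_rules
```

Rule 500 admits only traffic the client initiates through the tunnel, with replies matched by rule 200; a server that must be reachable over the tunnel needs its own inbound rule on the tunnel interface.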