[CentOS] OpenVPN server and firewalld

Fri Dec 29 16:41:17 UTC 2017
Alain Péan <alain.pean at c2n.upsaclay.fr>

On 29/12/2017 at 10:32, Kenneth Porter wrote:
> How do I insert the iptables rule below using firewalld?
>
> I'm moving up from CentOS 6 to 7 on an office gateway and I'm trying 
> to get OpenVPN working to allow home workers to access PCs at the 
> office. I've got it all working but only by manually inserting an 
> ACCEPT rule in the FORWARD iptables chain:
>
> iptables -I FORWARD 3 -i tun+ -j ACCEPT
>
> This rule was extracted from my iptables firewall under CentOS6. The 3 
> puts it after the accepts for established connections and loopback 
> connections, but before any firewalld sub-chains. With this I can 
> connect to an internal Windows 10 system with Remote Desktop.
>
> How can I inject this rule using firewalld, either as a direct rule or 
> as some more firewalld-approved kind of rule? 

You could perhaps look at this link, on adding the openvpn service to firewalld:

https://unix.stackexchange.com/questions/149144/configuring-openvpn-to-use-firewalld-instead-of-iptables-on-centos-7

Alain

-- 
System/Network Administrator
C2N (ex LPN) Centre de Nanosciences et Nanotechnologies (UMR 9001)
Site de Marcoussis, Data IV, route de Nozay - 91460 Marcoussis
Tel : 01-69-63-61-34