Hi, I'm trying to set up a VPN to work because sometimes I connect to a crappy ISP and their connection sucks, so I want to protect my traffic and ensure a better quality of service so I can work faster; it'll only be used by me. The server also sends email, HTTP and other services. Last time I tried, it worked except that it blocked the email sending, and other connections from the server to the internet. It didn't block HTTP or IMAP or POP, but did block courier, which caused the server to become unstable because it had a lot of connections to the internet to make and it almost exploded from unfinished tasks until I reset the iptables rules and rebooted. These are the rules I set:
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o enp6s0 -j MASQUERADE
iptables -t nat -A POSTROUTING -j SNAT --to-source 10.8.0.48
My main IP is at enp620. The device I want it to connect to is enp6s0:0. I use a tun network named tun0.
Here are some questions:
Is it valid if I set it to enp6s0:0 instead of enp6s0? Does the rule differ from 0 to 0:0?
Can someone please explain these rules better to me?
Can someone suggest a better rule set that doesn't break connectivity from the server to the internet?
Thanks a lot for the help in advance.
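Added example, not part of the original post: a shell check that flags nat POSTROUTING rules with no -s or -o scope, run over the five rules posted above, with a scoped rule set for comparison. It assumes tun0 is the tunnel and enp6s0 the outgoing device, as the post states; the function names are made up for this example.

```shell
#!/bin/sh
# The five rules from the post, verbatim.
POSTED_RULES='iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o enp6s0 -j MASQUERADE
iptables -t nat -A POSTROUTING -j SNAT --to-source 10.8.0.48'

# Read rules on stdin and print each POSTROUTING SNAT/MASQUERADE rule that
# has neither -s nor -o. Such a rule also rewrites the source address of
# connections the server itself opens (for example outgoing mail), while
# replies on connections opened from outside are not affected.
unscoped_nat() {
    while IFS= read -r rule; do
        case " $rule " in
            *" -A POSTROUTING "*) ;;
            *) continue ;;
        esac
        case " $rule " in
            *" -j SNAT "*|*" -j MASQUERADE "*) ;;
            *) continue ;;
        esac
        case " $rule " in
            *" -s "*|*" -o "*) continue ;;
        esac
        printf '%s\n' "$rule"
    done
}

# Print a scoped rule set: only VPN clients are forwarded and NATed.
# $1 = VPN subnet, $2 = tunnel interface, $3 = outgoing device.
# iptables matches the device name (enp6s0); a label such as enp6s0:0 only
# names an extra address on that device. To leave with that address, swap
# MASQUERADE for "-j SNAT --to-source <address of enp6s0:0>" (placeholder).
scoped_rules() {
    cat <<EOF
iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $2 -s $1 -o $3 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s $1 -o $3 -j MASQUERADE
EOF
}

# Show which of the posted rules is unscoped.
printf '%s\n' "$POSTED_RULES" | unscoped_nat
```

The script only prints and inspects rule text; it does not change the running firewall.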