Hi,

I've got a VPS with OpenVPN running on it. OpenVPN uses "redirect-gateway def1", so my connecting clients will forward all their traffic over the server.

I did enable IP forwarding on the box, but I want it to only forward my traffic, obviously.


These are the rules I came up with:
Code:
iptables -P FORWARD DROP
iptables -A FORWARD -i tun0 -j ACCEPT
iptables -A FORWARD -o tun0 -j ACCEPT
#log anything that is not tun0 related, not from me
iptables -A FORWARD -j LOG

Will they block anything that is not connecting with OpenVPN?

OpenVPN uses the tun0 interface to communicate with my clients.
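
A small model of how the posted FORWARD chain is walked for a given packet, added here as an illustration and not part of the original post. It parses only the options used in the rules above (-P, -A, -i, -o, -j), and eth0 is an assumed name for the VPS's public interface.

```shell
# Added example: a minimal model of first-match evaluation for the FORWARD
# rules in the post. It parses only -P, -A, -i, -o and -j; it is not iptables.
# Rules as posted.
RULES='iptables -P FORWARD DROP
iptables -A FORWARD -i tun0 -j ACCEPT
iptables -A FORWARD -o tun0 -j ACCEPT
#log anything that is not tun0 related, not from me
iptables -A FORWARD -j LOG'

# forward_verdict IN_IF OUT_IF
# Prints each non-terminating target hit, then the final verdict.
forward_verdict() {
    pkt_in=$1; pkt_out=$2; policy=ACCEPT; trace=""; verdict=""
    while read -r line; do
        set -f; set -- $line; set +f          # split the rule into words
        [ "$1" = iptables ] || continue       # skip comments and blanks
        shift
        op=""; chain=""; r_in=""; r_out=""; target=""
        while [ $# -gt 0 ]; do
            case $1 in
                -P) op=P; chain=$2; target=$3; shift 2 ;;
                -A) op=A; chain=$2; shift ;;
                -i) r_in=$2; shift ;;
                -o) r_out=$2; shift ;;
                -j) target=$2; shift ;;
            esac
            shift
        done
        [ "$chain" = FORWARD ] || continue
        if [ "$op" = P ]; then policy=$target; continue; fi
        if [ -n "$verdict" ]; then continue; fi   # already decided
        [ -z "$r_in" ] || [ "$r_in" = "$pkt_in" ] || continue    # no -i: any
        [ -z "$r_out" ] || [ "$r_out" = "$pkt_out" ] || continue # no -o: any
        case $target in
            ACCEPT|DROP) verdict=$target ;;       # terminating: stop here
            *) trace="$trace$target " ;;          # LOG: record, keep going
        esac
    done <<EOF
$RULES
EOF
    echo "${trace}${verdict:-$policy}"   # no terminating match: policy decides
}

# Constructed sample packets; eth0 stands in for the VPS's public interface.
for pair in "tun0 eth0" "eth0 tun0" "eth0 eth0"; do
    set -- $pair
    echo "in=$1 out=$2 -> $(forward_verdict "$1" "$2")"
done
```

On the live box, `iptables -L FORWARD -v -n` shows per-rule packet counters, which gives the same picture for real traffic.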