On 3/18/2020 10:05 AM, Witold Tosta wrote:
> W dniu 2020.03.18 o 17:49, Matt Darfeuille pisze:
>>
>> It would be good if you could try it and if it works for you and
>> report back if you have issue(s).
>>
>>
> The solution suggested by Bob regarding the tls-auth OpenVPN option
> fully solves the problem of security of authorization of incoming
> connections. I have just tested it. There is no point in using
> additional restrictions on incoming OpenVPN connections from Shorewall
> firewall.
> Thank you all for such quick answers.
> 
> Witold
> 
>> Note that Tom is retired from the Shorewall project.
>>
> Sorry, I did't know this. Anyway greetings to Tom :-)
> 

Thanks, Withold. I still hang around the project and I am doing one more
release, primarily to verify the new tools that Matt has created for the
project. At this point, I don't see the tunnels file going away. But you
can always just ignore that file and craft your own rules in the rules file.

-Tom
-- 
Tom Eastep        \ Q: What do you get when you cross a mobster
Shoreline,         \    with an international standard?
Washington, USA     \ A: Someone who makes you an offer you
http://shorewall.org \    can't understand
                      \________________________________________

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to