binhex / arch-delugevpn

Docker build script for Arch Linux base with Deluge, Privoxy and OpenVPN
GNU General Public License v3.0

Why was iptables.sh removed? #295

Closed woojoo666 closed 2 years ago

woojoo666 commented 2 years ago

I noticed that in commit https://github.com/binhex/arch-delugevpn/commit/64c05730420ef5280e1e406b9b4ffdc8195e45b5 the iptables configuration was removed. Do we currently have any safeguards against leakage? If I'm reading watchdog.sh correctly we are binding the Deluge listening interface to OpenVPN, but Deluge has had bugs with network binding before. I feel like ideally we should not be relying on Deluge for such critical behavior, and an OS-level firewall would be more secure.

binhex commented 2 years ago

It wasn't removed; as per the commit it was 'moved' to the intermediate image. As I have multiple VPN images, it makes sense to have a common code base from which to build, so if you look at arch-int-vpn you will see the 'missing' iptable.sh script.

woojoo666 commented 2 years ago

Ah, I see, I was wondering what "intermediate" meant. I checked out the iptable.sh in arch-int-vpn, and I can see why you moved it; having a common iptable seems much cleaner. Sorry for the misunderstanding, and thanks for the quick reply!