search

jotyGill / openpyn-nordvpn

Easily connect to and switch between, OpenVPN servers hosted by NordVPN on Linux (+patch leakes)
GNU General Public License v3.0
628 stars 114 forks source link

Allow to allow UDP ports #267

Closed k0ssk closed 4 years ago

k0ssk commented 4 years ago

Needed if the server acts as a DNS server

k0ssk commented 4 years ago

Oh, I saw there is --allow-config-json in test branch, never mind.

ethaniel commented 4 years ago

Dear @k0ssk, couldn't find your contacts, so I'm writing to you here. Thank you for the amazing branch, it WORKS. However, I'd like to add that you need to add to your website the following line in the manual: sudo iptables -A POSTROUTING -t nat -o tun0 -j MASQUERADE

(otherwise the raspberry doesn't work as a gateway)

ethaniel commented 4 years ago

And maybe need to add a note regarding iptables-persistent, so the rule above will be saved on reboot.

k0ssk commented 4 years ago

Hi @ethaniel thank you very much for the feedback!

I've updated my allow_udp branch adding --masquerade option, if supplied openpyn is going to create MASQUERADE rule in iptables.

I thought about mentioning iptables-persistent in the blog post but in this case you have two utils managing iptables. And this is exactly why I forgot to automate adding the MASQUERADE rule - I've just created it earlier and persisted using iptables-persistent so everything worked for me. I've flushed all rules and 'openpyn' configures vanilla system properly for me now.

I've updated the blog post as well. Thanks again for the feedback.