I would like to restrict access from the VPN subnet 10.8.0.0/24 to NVR IP only. I have tried to "compile" some of the examples from the other threads but this is not working as expected - I'm able to access NVR and e.g. browse the shared folders on my NAS:
Code:
openvpn-event script
#!/bin/sh
if [ "$1" = "tun21" ] || [ "$1" = "tun22" ]
then
logger -t openvpn-event "Apply additional firewall rules for NVR"
iptables -I FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -I FORWARD -s 10.8.0.0/24 -d NVRIP -p tcp --dport 554 -j ACCEPT
iptables -I FORWARD -s 10.8.0.0/24 -d NVRIP -p udp --dport 554 -j ACCEPT
iptables -I FORWARD -s 10.8.0.0/24 -d NVRIP -p udp --dport 8000 -j ACCEPT
iptables -I FORWARD -s 10.8.0.0/24 -d NVRIP -p tcp --dport 8000 -j ACCEPT
iptables -I FORWARD -s 10.8.0.0/24 -j DROP
fi
Can anyone help me with the correct iptables command syntax/order please?
Thank you.
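On the rule-order question, an added example that is not part of the original post: `iptables -I` without a rule number inserts at position 1, so a run of `-I` commands lands in the chain in reverse of script order. The sketch below fills a dedicated chain with `-A` so the evaluation order matches the reading order, and hooks it into FORWARD once. The chain name `NVR_ONLY`, the `NVR_IP` placeholder address and the `IPT` override are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Assumptions: chain name NVR_ONLY,
# the NVR_IP placeholder, and the IPT override used for dry runs and tests.
IPT="${IPT:-iptables}"
VPN_NET="10.8.0.0/24"
NVR_IP="${NVR_IP:-192.0.2.10}"   # constructed placeholder, replace with the NVR address
CHAIN="NVR_ONLY"

nvr_rules() {
    # Create the chain, or empty it if it already exists, so repeated
    # openvpn-event runs do not stack duplicate rules.
    $IPT -N "$CHAIN" 2>/dev/null || $IPT -F "$CHAIN"

    # -A appends, so the chain is evaluated in exactly this order.
    $IPT -A "$CHAIN" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    for proto in tcp udp; do
        for port in 554 8000; do
            $IPT -A "$CHAIN" -d "$NVR_IP" -p "$proto" --dport "$port" -j ACCEPT
        done
    done
    # Anything else from the VPN subnet that is being forwarded is dropped.
    $IPT -A "$CHAIN" -j DROP

    # Hook the chain at the top of FORWARD once, for VPN-sourced packets only.
    $IPT -C FORWARD -s "$VPN_NET" -j "$CHAIN" 2>/dev/null ||
        $IPT -I FORWARD 1 -s "$VPN_NET" -j "$CHAIN"
}

# Same trigger as the original script: only act for tun21 / tun22.
if [ "${1:-}" = "tun21" ] || [ "${1:-}" = "tun22" ]; then
    logger -t openvpn-event "Apply additional firewall rules for NVR"
    nvr_rules
fi
```

These rules only cover forwarded packets; traffic from the VPN subnet to the router's own addresses goes through INPUT and is not affected by them.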