Home / server / Questions / 317756
In Process
Toqeer
Asked: 2011-01-21 02:19:59 +0800 CST

openvpn client sending spams

  • 772

I have OpenVPN configured on a Centos server and client can connect via OpenVPN client from their Windows box on port 1194. Clients get the gateway 10.0.8.1.

The problem is clients' boxes have viruses on their system and they are sending spam via my OpenVPN server; I just want to block port 25 for my clients.

I added the following rule in my iptables, which allows all traffic and drops port 25.

iptables -t nat -A PREROUTING  -p tcp --dport 25 -j DROP
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

eth0 is the interface of the OpenVPN server.

But still it is sending spam.

Can anybody suggest how can I block the emails from my OpenVPN client machines?

openvpn

2 Answers

  1. You need to block the source port not the destination port lie so. $VPN is the interface that the VPN server is routing its traffic on.

    iptables -A FORWARD -p tcp -i $VPN  --sport 25  -j DROP
    • 0

  2. Try to filter using the FORWARD table:

    iptables -A FORWARD -s 10.8.0.0/24 -p tcp --dport 25 -j DROP

    Also, if you are running SMTP on your server, you may need to block access to it:

    iptables -A INPUT -s 10.8.0.0/24 -p tcp --dport 25 -j DROP

    Assuming OpenVPN is using the default 10.8.0.0/24 IP address range, of course.

    • 0