Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


OpenVPN and CSF firewall for blocking UDP ports
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

OpenVPN and CSF firewall for blocking UDP ports

ahmiqahmiq Member
edited September 2014 in Help

Greetings,

I use CSF firewall on my server and it works quite well. I installed @nyr 's script of OpenVPN in debian and everything works perfectly. The problem is that , if i want to download a torrent etc from my server via console with e-g Aria2c , it doesnt work , as csf is blocking the udp ports( i have only enabled few ports) , but if i connect via the openvpn , I can download the via Torrents.
Is there a way to block those? or some way to block torrent traffic

running the openvpn on tcp port.

Any help would be appreciated.

Comments

  • linuxthefishlinuxthefish Member
    edited September 2014

    Its almost impossible to block torrent downloading, just rate limit each client. Bittorrent works over TCP also.

  • @linuxthefish but why does CSF rules doesnt apply the OpenVPN? i have only 3-5 ports opened on my udp and few ports on tcp. From the server itself when i run aria2c it cannot download torrents until i turn off CSF , but on openvpn it can. I thought all the traffic routes through the eth0

  • @ahmiq said:
    linuxthefish but why does CSF rules doesnt apply the OpenVPN? i have only 3-5 ports opened on my udp and few ports on tcp. From the server itself when i run aria2c it cannot download torrents until i turn off CSF , but on openvpn it can. I thought all the traffic routes through the eth0

    Check for something like "ETH_DEVICE_SKIP = tun0" in csf config file, I'm not a big fan of CSF though sorry.

  • @Linuxthefish can you please suggest an alternative?

  • @ahmiq said:
    Linuxthefish can you please suggest an alternative?

    IPtables!

  • nadznadz Member
    edited December 2014
    removed.
Sign In or Register to comment.