Re: Can't SSH after enabling dietpi-vpn killswitch
Posted: Mon May 31, 2021 9:15 pm
Hello,
trendy wrote: Mon May 31, 2021 12:22 pm
@MichaIng I think the current killswitch is lacking ssh for remote administration.
-A INPUT -s 192.168.0.0/16 -m conntrack --ctstate NEW -p tcp --dport 22 -j ACCEPT
-A INPUT -s 172.16.0.0/12 -m conntrack --ctstate NEW -p tcp --dport 22 -j ACCEPT
-A INPUT -s 10.0.0.0/8 -m conntrack --ctstate NEW -p tcp --dport 22 -j ACCEPT
before the last line with
Thanks for this idea, but after making the change to that killswitch.rules file it does not save if I ever turn off the killswitch option in dietpi-vpn. I made the edit, reconnected vpn, but when I try to turn off the killswitch that rules file disappears when I check via ls command. When I re-enable the killswitch it appears a fresh, unmodified killswitch.rules is created.
Thank you @MichaIng for marking this as a potential improvement in GitHub. I hope it can possibly be an option for SSH within local network only. For now I'm using Up and Down scripts to stop and start the specific software I want under VPN.
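
Since the post reports that the regenerated killswitch.rules loses manual edits, the following is an added example (not part of the post and not DietPi's own code) of re-applying the three LAN-only SSH rules idempotently to an iptables-restore style file. The function names are hypothetical, the rules file path is passed as an argument, and the demo file is constructed rather than copied from DietPi.

```shell
#!/bin/sh
# Added example: insert LAN-only SSH accept rules just before the last line
# of an iptables-restore style rules file. Safe to re-run after the file has
# been regenerated, because rules already present are not duplicated.

# RFC 1918 private ranges, matching the three rules quoted in the post.
LAN_RANGES="192.168.0.0/16 172.16.0.0/12 10.0.0.0/8"

# ssh_rule NET: print the accept rule for new SSH connections from NET.
ssh_rule() {
    printf '%s\n' "-A INPUT -s $1 -m conntrack --ctstate NEW -p tcp --dport 22 -j ACCEPT"
}

# add_lan_ssh_rules FILE: returns 1 if FILE is missing or empty.
add_lan_ssh_rules() {
    file=$1
    [ -s "$file" ] || return 1
    tmp=$(mktemp) || return 1
    last=$(tail -n 1 "$file")
    sed '$d' "$file" > "$tmp"          # everything except the last line
    for net in $LAN_RANGES; do
        rule=$(ssh_rule "$net")
        # -x whole-line match, -F fixed string: skip rules already in FILE.
        grep -qxF -- "$rule" "$file" || printf '%s\n' "$rule" >> "$tmp"
    done
    printf '%s\n' "$last" >> "$tmp"    # put the original last line back
    cat "$tmp" > "$file"               # overwrite in place, keeping owner and mode
    rm -f "$tmp"
}

# Demo on a constructed rules file (assumed layout, not DietPi's actual file).
demo=$(mktemp)
printf '%s\n' '*filter' ':INPUT DROP [0:0]' '-A INPUT -i lo -j ACCEPT' 'COMMIT' > "$demo"
add_lan_ssh_rules "$demo" && cat "$demo"
rm -f "$demo"
```

The function only edits the file; the rules take effect when the file is next loaded.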