Configuring Shorewall to work with Protonvpn
by 3rensho from LinuxQuestions.org on (#57DHK)
I have started using ProtonVPN and it seems to work well. I also had Shorewall firewall running but had to shut that down as it blocked my vpn network connections. I want to configure Shorewall to play nice with the VPN traffic. I've been reading the writings of Tom Eastep but frankly nothing in his examples seems to address my case - perhaps it does but my understanding of Shorewall configuration/IPTABLES is frankly zilch. I'm running Slackware64-current. I've got the protonvpn_cli program installed and configured and it connects fine (sans Shorewall). So basically what I am asking is for someone knowledgeable in this black art to let me know exactly what I need to do to make Shorewall play nice. Add zone(s), rules, interfaces, etc. My box has one network card, eth0. When connected to the vpn the output of ifconfig -a looks like this -
Code:
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:86:48:9b:ff txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.205 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::fa32:e4ff:fe9c:c3c4 prefixlen 64 scopeid 0x20<link>
ether f8:32:e4:9c:c3:c4 txqueuelen 1000 (Ethernet)
RX packets 1142209 bytes 1148228681 (1.0 GiB)
RX errors 0 dropped 416 overruns 0 frame 0
TX packets 1158089 bytes 676996490 (645.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 29931 bytes 5746282 (5.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 29931 bytes 5746282 (5.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
proton0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.50.0.8 netmask 255.255.0.0 destination 10.50.0.8
inet6 fe80::dea2:8029:11fa:56dc prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 416690 bytes 137135086 (130.7 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 755402 bytes 531582753 (506.9 MiB)
TX errors 0 dropped 7 overruns 0 carrier 0 collisions 0

and when I am disconnected from ProtonVPN it looks like this -
Code:
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:86:48:9b:ff txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.205 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::fa32:e4ff:fe9c:c3c4 prefixlen 64 scopeid 0x20<link>
ether f8:32:e4:9c:c3:c4 txqueuelen 1000 (Ethernet)
RX packets 1184068 bytes 1157576915 (1.0 GiB)
RX errors 0 dropped 469 overruns 0 frame 0
TX packets 1237336 bytes 724171145 (690.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 30936 bytes 5929205 (5.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 30936 bytes 5929205 (5.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

If more info is required please let me know. Thank you in advance for any help/pointers/solutions.

