Clean up all firewall rules

    echo "Clearing all iptables rules"
    iptables -P INPUT ACCEPT
    iptables -P FORWARD ACCEPT
    iptables -P OUTPUT ACCEPT
    iptables -t nat -F
    iptables -t mangle -F
    iptables -F
    iptables -X

    echo "Clearing all ip6tables rules"
    ip6tables -P INPUT ACCEPT
    ip6tables -P FORWARD ACCEPT
    ip6tables -P OUTPUT ACCEPT
    ip6tables -t nat -F
    ip6tables -t mangle -F
    ip6tables -F
    ip6tables -X

Client access-control & isolation on VPN using iptables

DROP all FORWARD traffic by default (chain policy)

    iptables -P FORWARD DROP

ACCEPT bidirectional traffic between a given pair of hosts

    iptables -A FORWARD -i tun0 -s 10.80.0.2 -d 10.80.0.4 -j ACCEPT
    iptables -A FORWARD -i tun0 -s 10.80.0.4 -d 10.80.0.2 -j ACCEPT

    # Example with CIDR notation
    iptables -A FORWARD -i tun0 -s 10.80.0.0/16 -d 10.80.0.4 -j ACCEPT

To make the rules persistent and loaded on-boot

    yum install iptables-services
    service iptables save
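
The per-pair ACCEPT rules get repetitive as the allowlist grows, so the following added example (not from the original page) prints the default-DROP policy plus both directions for every allowed pair, rejecting malformed addresses before any rule is emitted. The allowlist format, the function names and the host 10.80.0.9 are assumptions made for illustration; the script only prints commands and does not touch the running firewall.

```shell
#!/bin/sh
# Added example (not from the original page): print the FORWARD rules for a
# VPN allowlist. Dry run: commands are printed, never executed here.
VPN_IF="tun0"   # interface name used on the page

# Succeed if $1 is a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_addr() {
    case $1 in
        */*) prefix=${1#*/}
             case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
             [ "$prefix" -le 32 ] || return 1 ;;
    esac
    addr=${1%%/*}
    case $addr in *[!0-9.]*) return 1 ;; esac   # digits and dots only
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    return 0
}

# Read "A B" pairs on stdin and print the default-DROP policy followed by one
# ACCEPT rule per direction. Blank lines and # comments are skipped. Any bad
# line aborts with status 1 before output, so a typo never yields partial rules.
emit_rules() {
    rules="iptables -P FORWARD DROP"
    while read -r a b rest || [ -n "$a" ]; do
        case $a in ''|'#'*) continue ;; esac
        if [ -n "$rest" ] || ! valid_addr "$a" || ! valid_addr "$b"; then
            echo "rejected: $a $b $rest" >&2
            return 1
        fi
        rules="$rules
iptables -A FORWARD -i $VPN_IF -s $a -d $b -j ACCEPT
iptables -A FORWARD -i $VPN_IF -s $b -d $a -j ACCEPT"
    done
    printf '%s\n' "$rules"
}

# Constructed sample allowlist; 10.80.0.9 is a made-up host in the page's range.
sample_allowlist() {
    printf '%s\n' '# client peer' '10.80.0.2 10.80.0.4' '10.80.0.0/16 10.80.0.9'
}

sample_allowlist | emit_rules
```

Review the printed commands first, then pipe them to `sh` as root to apply them.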