Hello,

I have done some more work on seeing if I can create a version of m0n0wall that allows full filtering of VPN traffic. Not intended to be used in production, I have created a version that, instead of applying rules on each interface, applies them to all interfaces. This concept is similar to that used in some commercial firewalls where you simply define source and destination addresses in rules.

The image I have produced is a proof of concept that I have only tested in a development environment with IPSEC VPNs. I don't know how well it will cope with other configurations or if I have missed anything that might make it insecure. In addition, you need to start with the default configuration, as the ruleset is slightly different in the config.xml - using an existing configuration may produce odd results.

Although hosted on a slow link, the image is available here: http://www.klshaw.co.uk/m0n0wall/

Regards,
Kris.