Issue
Out of the box, CSF and OpenVPN don't work together, at least not without further configuration.
Let's say your OpenVPN configuration is working, but you can't reach the internet through your VPN box.
It seems we need masquerading and maybe a few other things.
Configuration
Here is my conf :
eth0 : external nic
10.8.0.0/24 : my tunnel network
Solution
Don't forget to enable packet forwarding :
echo 1 > /proc/sys/net/ipv4/ip_forward
Edit your sysctl file to make your change permanent.
Then create the following file in your csf folder :
vi /etc/csf/csfpost.sh
Enter the following :
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
Relaunch csf :
csf -r
Enjoy. De nada.
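To confirm that the three rules from csfpost.sh and the forwarding switch survived the csf restart, here is a small check written for this page (an added example, not part of the original post or of CSF). The function names and the embedded ruleset are constructed for illustration; VPN_NET and WAN_IF mirror the values used above.

```shell
#!/bin/sh
# Added example: verify that the rules from /etc/csf/csfpost.sh are loaded.
VPN_NET="10.8.0.0/24"   # tunnel network from this page
WAN_IF="eth0"           # external nic from this page

# Constructed sample of `iptables-save` output, for trying the check offline.
sample_ruleset() {
cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -s 10.8.0.0/24 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# check_vpn_rules: reads iptables-save text on stdin, prints one line per
# missing rule and returns the number of missing rules (0 = all present).
check_vpn_rules() {
    # Prefix every rule with its table so FORWARD in mangle is not mistaken for filter.
    rules=$(awk '/^\*/{t=substr($0,2)} /^-A/{print t " " $0}')
    missing=0
    has() { printf '%s\n' "$rules" | grep -Eq -- "$1"; }
    net=$(printf '%s' "$VPN_NET" | sed 's/\./\\./g')
    has "^nat -A POSTROUTING -s $net -o $WAN_IF -j MASQUERADE\$" ||
        { echo "missing: MASQUERADE for $VPN_NET on $WAN_IF"; missing=$((missing+1)); }
    has "^filter -A FORWARD -s $net -j ACCEPT\$" ||
        { echo "missing: FORWARD accept for $VPN_NET"; missing=$((missing+1)); }
    # Some iptables versions print the state match as conntrack --ctstate.
    has "^filter -A FORWARD -m (state --state|conntrack --ctstate) RELATED,ESTABLISHED -j ACCEPT\$" ||
        { echo "missing: FORWARD accept for return traffic"; missing=$((missing+1)); }
    return "$missing"
}

# forwarding_enabled: true when the given file (default: the live sysctl) holds 1.
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}
```

On the VPN box, run `iptables-save | check_vpn_rules && forwarding_enabled` as root after `csf -r`; any "missing:" line means csfpost.sh did not apply that rule.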