On Mon, 23 Oct 2017 21:03:30 +0200 Pol Hallen <de...@fuckaround.org> wrote:
> Hello all :-) > > maybe I've a simple question... > > I've an openvpn server 10.0.0.1/24 and a connected client (gateway): > I use vpn to make backup. > > On this client I've samba and clients in same lan can connect to it. > > The problem: these clients can see also all netbios across vpn > (10.0.0.1/24) > > what I should blocks using iptables? > Everything. Only allow through what you want to allow. Alternatively, use a different method than VPN for backups. When you say 'backup', are you simply synchronising SMB shares, or are you making a backup file and copying it across the VPN? If the latter, then SSH or another secure file transfer protocol can do the job without linking the networks together fully as a VPN does. -- Joe