Filter traffic between l2tp clients.


#1

Hello!

I’ve configured L2TP/IPsec server based on VyOS.
When client connects - new l2tp* interface is created. I’ve wrote some scripts at /etc/ppp/ip-up.d and /etc/ppp/ip-down.d for adding new interface to firewall zone and delete from zone. But, I want to filter traffic between l2tp-clients.
How can I achive this?


#2

Is the only way to use “iptables -A FORWARD -i $PPP_IFACE -o $PPP_IFACE -j DROP” at /etc/ppp/ip-up.d/ ?
Does anyone know a better way? VyOS-way?:slight_smile: