by stevekemp 1653 days ago
Yeah, there are a bunch of tools like this - I'm using Aviatrix at the moment for a bunch of hosts:

* Incoming access is allowed to "stuff" when connected to the OpenVPN host.

* Outgoing access to services is very heavily restricted.

* Outgoing HTTP/HTTPS requires the site to be on an allow-list. By default all outgoing HTTP/HTTPS traffic is denied.

(We might add yum repositories to the allow-list, or permit access to the various "Windows Updates" services, for example. But all other downloads from remote sites would be denied.)