IPtables

OpenVPN server config

server_nic=$(ip route list | grep default | grep -E  'dev (\w+)' -o | awk '{print $2}')
apt-get -qy install iptables-persistent
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
iptables -A INPUT -i $server_nic -m state --state NEW -p $openvpn_proto --dport $openvpn_port -j ACCEPT
iptables -A INPUT -i tun+ -j ACCEPT
iptables -A FORWARD -i tun+ -j ACCEPT
iptables -A FORWARD -i tun+ -o $server_nic -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $server_nic -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o $server_nic -j MASQUERADE
iptables -A OUTPUT -o tun+ -j ACCEPT
sed -i 's|#net.ipv4.ip_forward=1|net.ipv4.ip_forward=1|' /etc/sysctl.conf
echo 1 > /proc/sys/net/ipv4/ip_forward