OpenVPN was crashing (connection time-outs around 8pm) a couple times.  Can’t risk it.

 

Followed these instructions to disable connectivity if openVPN drops:

https://www.raspberrypi.org/forums/viewtopic.php?t=223589

Final IPTables rules:

Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- 192.168.1.0/24 anywhere
ACCEPT udp -- anywhere anywhere udp spt:domain
ACCEPT udp -- anywhere anywhere udp spt:1198
ACCEPT all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere 192.168.1.0/24
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:1198
ACCEPT all -- anywhere anywhere

 

 

Built a script to restart openvpn if not running -run it hourly

https://www.raspberrypi.org/forums/viewtopic.php?t=33890

#!/bin/bash
for i in openvpn ; do
if [[ $( pidof "$i" | wc -l ) -eq 0 ]] ; then
        echo $( date +%Y-%m-%d\ %H:%M:%S ) "$i has crashed! Process Restarted" >> /var/log/crashlog
        logger "$i" has crashed! Process Restarted.
        /etc/init.d/"$i" start
fi
done

#if [[ $( pidof smbd | wc -l ) -eq 0 || $( pidof nmbd | wc -l ) -eq 0 ]]; then
        #/etc/init.d/samba restart
        #echo $( date +%Y-%m-%d\ %H:%M:%S ) "Samba has crashed! Process Restarted"
        #logger Samba has crashed! Process Restarted.
#fi
exit