Open
Description
I found this rule in my `/etc/iptables/add-openvpn-rules.sh`:

```
iptables -t nat -I POSTROUTING 1 -s 10.8.0.0/24 -o ens3 -j MASQUERADE
iptables -I INPUT 1 -i tun0 -j ACCEPT
iptables -I FORWARD 1 -i ens3 -o tun0 -j ACCEPT
iptables -I FORWARD 1 -i tun0 -o ens3 -j ACCEPT
iptables -I INPUT 1 -i ens3 -p tcp --dport 1194 -j ACCEPT
```
But the VPN is physically running on the `tun1` interface, while `tun0` is taken by a 3rd service. Is this okay?

Plus, it seems I found here the issue with connecting over UDP (the default at installation), because the protocol defined in the example above is `tcp` (even though it was not recommended by the setup CLI guide). I'm using non-default TCP to make the VPN connectable. Or was the `tcp` string in this file generated by some other script during setup?

- Debian 12 on server side
- Fedora 42 / GNOME on the client side
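
An added example (not part of the original issue or of the project's code): a shell check that compares the tunnel device and protocol hard-coded in a rules script like the one quoted above with the values the operator expects. The names `check_vpn_rules` and `sample_rules`, and the expected values passed in the demo call, are assumptions for illustration.

```shell
#!/bin/sh
# Added example: flag iptables rules whose tunnel device or protocol
# differs from what the VPN is expected to use.
# Usage: check_vpn_rules RULES_FILE EXPECTED_TUN EXPECTED_PROTO PORT
check_vpn_rules() {
    local rules="$1"
    local want_dev="$2"
    local want_proto="$3"
    local port="$4"
    local status=0
    local dev proto

    # Every tunN named after -i or -o must be the expected device.
    for dev in $(grep -oE -- '-[io] tun[0-9]+' "$rules" | awk '{print $2}' | sort -u); do
        if [ "$dev" != "$want_dev" ]; then
            echo "MISMATCH: rules reference $dev, expected $want_dev"
            status=1
        fi
    done

    # Rules that open the listening port must use the expected protocol.
    for proto in $(grep -E -- "--dport $port( |\$)" "$rules" \
                   | sed -nE 's/.*-p ([a-z]+).*/\1/p' | sort -u); do
        if [ "$proto" != "$want_proto" ]; then
            echo "MISMATCH: port $port opened for $proto, expected $want_proto"
            status=1
        fi
    done

    return "$status"
}

# Constructed sample input: the five rules quoted in the issue.
sample_rules() {
    cat <<'EOF'
iptables -t nat -I POSTROUTING 1 -s 10.8.0.0/24 -o ens3 -j MASQUERADE
iptables -I INPUT 1 -i tun0 -j ACCEPT
iptables -I FORWARD 1 -i ens3 -o tun0 -j ACCEPT
iptables -I FORWARD 1 -i tun0 -o ens3 -j ACCEPT
iptables -I INPUT 1 -i ens3 -p tcp --dport 1194 -j ACCEPT
EOF
}

# Demo: the issue reports the VPN on tun1 using TCP (assumed values).
demo_rules=$(mktemp)
sample_rules > "$demo_rules"
check_vpn_rules "$demo_rules" tun1 tcp 1194 || echo "rules file needs review"
rm -f "$demo_rules"
```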