Hi, All.

Here's my routing script:

#!/bin/bash
ip route flush table 300
# Leave loopback and LAN traffic of user vpnroute unmarked
iptables -t mangle -A OUTPUT -m owner --uid-owner vpnroute -d 127.0.0.1 -j RETURN
iptables -t mangle -A OUTPUT -m owner --uid-owner vpnroute -d 192.168.0.0/24 -j RETURN
# Mark everything else sent by vpnroute
iptables -t mangle -A OUTPUT -m owner --uid-owner vpnroute -j MARK --set-mark 100
iptables -t nat -A POSTROUTING -m owner --uid-owner vpnroute -o tun0 -j MASQUERADE
# Marked packets are looked up in table 300, whose only route is via tun0
ip rule add fwmark 100 table 300
ip route add default dev tun0 table 300
ip route flush cache

It routes traffic based on the --uid-owner filter. However, I've done some tcpdump-ing and seen that some packets are not going through the tun0 device as expected (it could probably be because OpenVPN restarts sometimes). I need to ensure that each packet besides DNS requests goes through the tun0 device. I'm thinking about adding a rule that will drop all traffic lost by OpenVPN. Any ideas what that should look like?

Thank you,
Serg
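The leak described above is consistent with the route in table 300 disappearing together with tun0 when OpenVPN restarts, after which marked packets fall through to the main routing table. The following is an added example, not part of the original post: a filter-table chain that rejects anything sent by the vpnroute user unless it leaves via tun0, stays on loopback or the LAN, or is DNS. The chain name VPNKILL is an assumption of this example; the user, device and LAN prefix are taken from the script above.

```shell
#!/bin/sh
# Added example, not from the original post. Fail-closed filter for the
# per-UID policy routing above. VPN_USER, TUN_DEV and LAN_NET mirror the post;
# the chain name VPNKILL is an assumption of this example.
VPN_USER=vpnroute
TUN_DEV=tun0
LAN_NET=192.168.0.0/24
CHAIN=VPNKILL

# Print the chain contents, one iptables argument list per line, in the
# order they are evaluated. First match wins; the last rule is the default.
killswitch_rules() {
    cat <<EOF
-A $CHAIN -o lo -j RETURN
-A $CHAIN -o $TUN_DEV -j RETURN
-A $CHAIN -d $LAN_NET -j RETURN
-A $CHAIN -p udp --dport 53 -j RETURN
-A $CHAIN -p tcp --dport 53 -j RETURN
-A $CHAIN -j REJECT --reject-with icmp-net-unreachable
EOF
}

# Install the chain (needs root). Re-running rebuilds the chain in place and
# does not stack a second jump rule in OUTPUT.
apply_killswitch() {
    iptables -N "$CHAIN" 2>/dev/null || iptables -F "$CHAIN" || return 1
    killswitch_rules | while read -r rule; do
        # Unquoted on purpose: each line is split into iptables arguments.
        iptables $rule || exit 1
    done || return 1
    jump="OUTPUT -m owner --uid-owner $VPN_USER -j $CHAIN"
    iptables -C $jump 2>/dev/null || iptables -A $jump
}

# "apply" installs the rules; anything else is a dry run that prints them.
if [ "${1:-}" = apply ]; then
    apply_killswitch
else
    killswitch_rules
fi
```

The filter OUTPUT chain is traversed after the mangle-table mark has triggered re-routing, so `-o tun0` matches the interface the packet will really use. Installing the chain before OpenVPN starts keeps it in place across restarts, and REJECT can be replaced with DROP if a silent discard is preferred.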