Re: Redirect traffic to openvpn (client)

Just a note: you create a network namespace for vpn with an arbitrary
network and run openvpn inside it. Then you can use a veth pair to
allow traffic from whatever other boxes on your lan you want to go
through the vpn. This also stops the traffic from going anywhere if
openvpn disconnects.

On Tue, Sep 29, 2020 at 10:52 AM Alberto <alberto@xxxxxxxxxxx> wrote:
>
> Hi everybody:
>
> I have a Debian Linux box with two ifaces:
>
> - eth0: 192.168.1.1 (WAN)
>
> - eth1: 192.168.2.1 (LAN)
>
> as Home Router and GW of my Home LAN (192.168.2.0/24).
>
> From time to time, I bring up a tun0 iface as an openvpn client on this Home Router.
>
> I bring up this openvpn connection with the "--route-nopull" parameter, because I
> don't want to redirect the traffic of all my LAN devices through this VPN, but
> only a few.
>
> I set the following rules with IPTABLES to permit traffic from VPN:
>
> - iptables -A INPUT -i tun+ -j ACCEPT
> - iptables -A OUTPUT -o tun+ -j ACCEPT
> - iptables -A FORWARD -i eth0 -o tun+ -j ACCEPT
> - iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE
>
>
> OK, how can I make this redirect to specific hosts?
>
>
> Thanks,
>
> Regards,
>
>
>
>
>
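
The namespace-plus-veth layout described in the reply above, as a shell script. This is an added example, not code from the thread: the namespace and veth names, the 10.200.0.0/30 link, table 100, the VPN server address and the two LAN host addresses are assumed placeholders; eth0 and 192.168.2.0/24 come from the original post.

```shell
#!/bin/sh
# Added example (run as root). Values are assumptions unless noted.
NS=vpn                                  # namespace name (assumed)
HOST_IP=10.200.0.1                      # router end of the veth pair (assumed)
NS_IP=10.200.0.2                        # namespace end of the veth pair (assumed)
LAN=192.168.2.0/24                      # Home LAN, from the original post
WAN_IF=eth0                             # WAN interface, from the original post
VPN_SERVER=203.0.113.10                 # placeholder VPN server address
VPN_HOSTS="192.168.2.50 192.168.2.51"   # placeholder LAN hosts sent via the VPN
TABLE=100                               # policy-routing table (assumed)

# run: execute a command, or only print it when DRY_RUN=1
run() { if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi; }

setup_vpn_ns() {
    run ip netns add "$NS"
    run ip link add veth-host type veth peer name veth-vpn
    run ip link set veth-vpn netns "$NS"
    run ip addr add "$HOST_IP/30" dev veth-host
    run ip link set veth-host up
    run ip -n "$NS" link set lo up
    run ip -n "$NS" addr add "$NS_IP/30" dev veth-vpn
    run ip -n "$NS" link set veth-vpn up
    # Namespace routes: only the VPN server and the LAN go via the router.
    # There is no default route, so without the tunnel nothing else leaves.
    run ip -n "$NS" route add "$VPN_SERVER/32" via "$HOST_IP"
    run ip -n "$NS" route add "$LAN" via "$HOST_IP"
    run ip netns exec "$NS" sysctl -w net.ipv4.ip_forward=1
    run ip netns exec "$NS" iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE
    # Router: the namespace may reach only the VPN server through the WAN.
    run iptables -A FORWARD -i veth-host -o "$WAN_IF" -d "$VPN_SERVER" -j ACCEPT
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    run iptables -t nat -A POSTROUTING -s "$NS_IP" -o "$WAN_IF" -j MASQUERADE
    # Replies from the tunnel arrive on veth-host with Internet source addresses.
    run sysctl -w net.ipv4.conf.veth-host.rp_filter=2
    # Selected hosts use a table whose only usable route is the namespace;
    # the unreachable fallback stops them falling through to the main table.
    run ip route add default via "$NS_IP" dev veth-host table "$TABLE"
    run ip route add unreachable default metric 1000 table "$TABLE"
    for h in $VPN_HOSTS; do
        run ip rule add from "$h" lookup "$TABLE"
        run iptables -A FORWARD -s "$h" -o veth-host -j ACCEPT
    done
}
# Apply only when asked: sh vpn-ns.sh apply (DRY_RUN=1 prints the commands)
if [ "${1:-}" = apply ]; then setup_vpn_ns; fi
```

Afterwards the client is started with `ip netns exec vpn openvpn --config <your config>`; the script assumes that client installs a default route through the tunnel inside the namespace while it is connected, which depends on your configuration.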


