```sh
# Checks to see if there is an IP routing table named 'vpn', create if missing
if ! grep -q vpn /etc/iproute2/rt_tables; then
    echo "100 vpn" >> /etc/iproute2/rt_tables
fi

# Remove any previous routes in the 'vpn' routing table
/bin/ip rule | /bin/sed -n 's/.*\(from[ \t]*[0-9\.]*\).*vpn/\1/p' | while read RULE
do
    # ${RULE} is left unquoted on purpose so "from <address>" splits into two arguments
    /bin/ip rule del ${RULE} table vpn
done
```

```sh
# Traffic to docker network should go to docker vpn network
/bin/ip route add $docker_net dev vpn table vpn

# Local traffic should go through eth0
/bin/ip route add $local_net dev eth0 table vpn
```

Here is the explanation for the rules:

- Creates a table for packets coming from the docker vpn network
- Resets all the rules coming below by flushing the table
- Route packets to the OpenVPN endpoint over eth0
- Route packets coming from the docker vpn to the vpn table
- This is a trick by OpenVPN to get highest priority.
- Route packets going to docker network to the docker network

By leaving line 25 commented, we only route traffic from the docker vpn network over the OpenVPN.

The down.sh script removes the `$trusted_ip` which was added during setup.

```sh
iptables -I DOCKER-USER -i vpn -o vpn -j ACCEPT
iptables -I DOCKER-USER -i vpn ! -o tun0 -j REJECT --reject-with icmp-port-unreachable
```
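An added example, not part of the original post: a small Python model of first-match evaluation in `DOCKER-USER` for the two rules above, reporting the verdict for traffic that enters on `vpn` for each outgoing interface. It models only `-i`, `-o`, `!` and `-j`, and the function names are illustrative.

```python
import shlex

def parse_rule(cmd):
    """Extract the interface matches and target from one `iptables -I CHAIN ...` line."""
    rule, negate = {"-i": None, "-o": None, "-j": None}, False
    tokens = shlex.split(cmd)
    for pos, tok in enumerate(tokens):
        if tok == "!":
            negate = True                      # "!" negates the match that follows
        elif tok in rule:
            rule[tok] = (tokens[pos + 1], negate)
            negate = False
    return rule

def build_chain(commands):
    """Apply commands in execution order; -I without a rule number inserts at the head."""
    chain = []
    for cmd in commands:
        chain.insert(0, parse_rule(cmd))
    return chain

def iface_matches(match, iface):
    if match is None:                          # no -i / -o given: any interface matches
        return True
    name, negated = match
    return (name == iface) != negated

def verdict(chain, in_if, out_if):
    """First matching rule wins; None means the packet falls through to Docker's own rules."""
    for rule in chain:
        if iface_matches(rule["-i"], in_if) and iface_matches(rule["-o"], out_if):
            return rule["-j"][0]
    return None

# The two rules from the post, as strings (nothing is executed on the host).
ACCEPT = "iptables -I DOCKER-USER -i vpn -o vpn -j ACCEPT"
REJECT = "iptables -I DOCKER-USER -i vpn ! -o tun0 -j REJECT --reject-with icmp-port-unreachable"

def report(commands):
    """Verdict for traffic entering on `vpn`, keyed by outgoing interface."""
    chain = build_chain(commands)
    return {out: verdict(chain, "vpn", out) for out in ("tun0", "eth0", "vpn")}

if __name__ == "__main__":
    print("ACCEPT run first:", report([ACCEPT, REJECT]))
    print("REJECT run first:", report([REJECT, ACCEPT]))
```

Because `-I` without a rule number inserts at the head of the chain, the command that runs last is matched first, so the verdict for `vpn` to `vpn` traffic depends on the order in which the two commands run. Confirm the resulting order on the host with `iptables -S DOCKER-USER`.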