Did you know LQ has a Linux Hardware Compatibility List?
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 05-22-2009, 04:16 AM   #1
LQ Newbie
Registered: Feb 2009
Posts: 11

Rep: Reputation: 0
creating Iptables for tun0 device

Hi all,

I need to create a iptable which suits the following.

1. The IP packets fron the tun device has to be routed to the outer world using eth0.
2.the incomming packets inteneded for the TUN device has to be routed to the tun0 device.

Thanks in advance
johnnie alan J
Old 05-23-2009, 03:24 PM   #2
Registered: Feb 2008
Location: Texas
Distribution: Fedora, RHEL, CentOS
Posts: 488

Rep: Reputation: 78
I do something like this when I need to route from client tun0 through server tun0 out server eth0 and back again. If server eth0 is static IP use '-j SNAT'

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
Old 05-24-2009, 11:04 PM   #3
LQ Newbie
Registered: Feb 2009
Posts: 11

Original Poster
Rep: Reputation: 0
Thanks for your reply.

echo 1 > /proc/sys/net/ipv4/ip_forward
This line will enable the ip forwarding.

iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
The above statements are to enable post routing through the eth0 device. I tried these commands ,but unfortunately the routing is not happening. The Ip packet which i send is reaching tun0 device but not been routed to eth0.

The third one is not clear. Actually I need only IP packet from <particular IP> has to be routed to tun0 device.

IP addresses

I am sending an IP packet to the local server in the same LAN. The source IP of the packet which I send is and dest IP is

Do I need to change the source IP to

Here I am writing the IP packet to /dev/net/tun using the FD.

I am assuming that the eth0 device will add the ethernet header to the IP packet and send it across the LAN.

Can you show me the sample code which you used for opening the tun device and its ioctrl.

Thanks in advance,
johnnie alan J

Last edited by johnniealan; 05-25-2009 at 01:29 AM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Iptables/TC: how to make masqueraded traffic go through an openVPN tun0? theVOID Linux - Networking 3 04-25-2008 03:34 AM
device mapper / multipath creating extra device, won't let me talk to the one i want chakkerz Linux - Server 1 03-16-2008 05:52 PM
Creating A New Device Node/Not A Valid Block Device indienick Debian 4 07-13-2007 02:07 PM
difference between tun0 and tun1 birjodh Linux - Networking 5 06-22-2007 05:04 PM
Need tun0 for fedora5. Help!! allkit Linux - Networking 1 03-27-2007 04:14 PM

All times are GMT -5. The time now is 04:14 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration