Hi!
I've just installed an OpenVPN server and it works well.
I'm able to use it as default gateway and do everything via it.
My problem is: I only want traffic on port 80 to go through the VPN.
This is my setup:
Server:
OpenVPN with eth0 (static wan-ip) and tun0 (10.0.1.1)
I've enabled masquerading:
iptables -A POSTROUTING -t nat -s 10.0.1.0/24 -o eth0 -j MASQUERADE
And also:
echo 1 > /proc/sys/net/ipv4/ip_forward
With this configuration, I'm able to get all traffic running through it.
Now my client:
eth0 (10.112.12.15, LAN-ip) and tun0 (10.0.1.5, with 10.0.1.6 as the gw).
When doing:
ip route add default via 10.0.1.6, I get all traffic through the VPN. (As I've written before.)
I've added 200 TUN to /etc/iproute2/rt_tables (and even rt_table, just to be sure that it doesn't have anything to do with the naming of files).
This is the routing/iptables stuff I've done:
iptables -A PREROUTING -t mangle -p tcp --dport 80 -j MARK --set-mark 1
ip route add default via 10.0.1.6 table TUN
ip rule add from all fwmark 1 table TUN
This doesn't work at all. All traffic goes through my LAN (eth0) when I want it through tun0.
I've tried a variety of different things, and the only thing that makes a difference is:
iptables -A OUTPUT -t mangle -p tcp --dport 80 -j MARK --set-mark 1
When using it, HTTP traffic doesn't work at all.
I really have no idea what to do. I've done the exact same thing but on a gateway and it worked flawlessly.
Would really appreciate some help!
Thanks!
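
An added example, not part of the original post: a dry-run sketch of what fwmark-based routing needs when the HTTP traffic originates on the client itself rather than being forwarded by a gateway. It reuses the post's values (tun0, 10.0.1.6, table TUN, mark 1); the `plan` and `check` helpers are hypothetical names, and the masquerade and rp_filter steps are assumptions about this setup, not something the post confirms.

```shell
#!/bin/sh
# Added example: route only locally generated TCP/80 through the VPN.
# Values from the post: tun0, gateway 10.0.1.6, table "TUN" (200), fwmark 1.
VPN_IF=tun0 VPN_GW=10.0.1.6 TABLE=TUN MARK=1 PORT=80

plan() {
  # Locally generated packets never traverse PREROUTING; mark them in OUTPUT,
  # which also triggers a second routing lookup once the mark is set.
  echo "iptables -t mangle -A OUTPUT -p tcp --dport $PORT -j MARK --set-mark $MARK"
  echo "ip route add default via $VPN_GW dev $VPN_IF table $TABLE"
  echo "ip rule add fwmark $MARK table $TABLE"
  # The source address was chosen before rerouting (the LAN address), so
  # rewrite it to the tunnel address or replies cannot come back via the VPN.
  echo "iptables -t nat -A POSTROUTING -o $VPN_IF -j MASQUERADE"
  # Replies arrive on tun0 while the main table points at eth0; strict
  # reverse-path filtering would drop them, so use loose mode (2).
  echo "sysctl -w net.ipv4.conf.$VPN_IF.rp_filter=2"
}

# Report which requirement a rule set (one command per line) is missing.
check() {
  rules=$1 missing=""
  echo "$rules" | grep -q -- "-A OUTPUT .*--set-mark $MARK" || missing="$missing output-mark"
  echo "$rules" | grep -q -- "-A POSTROUTING -o $VPN_IF -j MASQUERADE" || missing="$missing snat"
  echo "$rules" | grep -q "rp_filter=2" || missing="$missing rp_filter"
  echo "${missing# }"
}

# Dry run by default; APPLY=1 (as root) executes the plan line by line.
if [ "${APPLY:-0}" = 1 ]; then plan | while read -r cmd; do $cmd || exit 1; done
else plan; fi
```

Running `check` on the OUTPUT-chain attempt from the post reports `snat rp_filter`, which is consistent with HTTP stalling once the packets are actually sent into the tunnel.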