using OpenVPN for specific application(s)
Hello everyone,
I am subscribed to the unblockvpn.com service and I am using their OpenVPN, but I need to know if I can apply this service to certain applications only, not to the whole internet traffic. Can I? I hope my question is clear. Thank you. |
You might be able to accomplish this with policy-based routing and split tunneling.
|
Thank you osor, I googled "policy-based routing" and got some tutorials, but I didn't understand what to do with them, and it seems to be dangerous. I am afraid that if I use them I'll corrupt my current internet connectivity. So if you can help me by guiding me through the right commands to apply, I'll be thankful.
If I play with those tutorials, can I get back my previous configuration? How? I appreciate your concern. |
Quote:
In terms of specific steps to take, it isn’t as hard as it sounds. Normally, with openvpn, you use the config option redirect-gateway so that the helper scripts will write the default route to be tun0 (i.e., all traffic routed through the tunnel). Instead, you want selective packets going through. This is roughly what you would do:
|
osor, I am truly sorry I could not reply because I faced some issues with my laptop, but here is what I tried after I connected to the service with "redirect-gateway" commented out in the file I got from unblockVPN.com:
The steps I did:
Code:
echo "100 openvpn" >> /etc/iproute2/rt_tables
file: unblockvpn.ovpn
Code:
proto tcp-client
Code:
Thu Jul 2 18:12:38 2009 Control Channel MTU parms [ L:1591 D:140 EF:40 EB:0 ET:0 EL:0 ]
So please guide me to figure out what I missed. Thank you again. |
Please, can anyone help me?
|
Quote:
Code:
#!/bin/sh |
Btw, I did not say so explicitly, but step 3 should not be performed more than once (even after rebooting), since you are writing to a persistent file (namely /etc/iproute2/rt_tables). Technically, you don’t need to do this, but it makes life easier to talk about the “openvpn” table rather than the “100” table. So make sure (in a text editor) that this file has only one line equating 100 and openvpn.
|
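One way to follow the advice above about writing the table name only once, as an added example that is not code from the thread: `ensure_rt_table`, `count_entries` and `find_conflicts` are hypothetical helper names, and the `RT_TABLES` override is an assumption added so the helper can be tried on a copy of the file.

```shell
#!/bin/sh
# Added example: register a named routing table exactly once.
# RT_TABLES may be overridden so the helper can be tried on a copy.
RT_TABLES="${RT_TABLES:-/etc/iproute2/rt_tables}"

# Print how many non-comment lines map ID to NAME in FILE.
count_entries() {
    awk -v id="$1" -v name="$2" '
        /^[[:space:]]*#/ { next }
        $1 == id && $2 == name { n++ }
        END { print n + 0 }' "$3"
}

# Print lines that reuse ID for another name, or NAME for another id.
find_conflicts() {
    awk -v id="$1" -v name="$2" '
        /^[[:space:]]*#/ { next }
        ($1 == id && $2 != name) || ($1 != id && $2 == name)' "$3"
}

# ensure_rt_table ID NAME [FILE]
# Returns 0 when FILE ends up with exactly one "ID NAME" line,
# 1 on a conflicting entry, 2 when FILE is missing or unwritable.
ensure_rt_table() {
    id=$1; name=$2; file=${3:-$RT_TABLES}
    [ -f "$file" ] && [ -w "$file" ] || { echo "cannot edit $file" >&2; return 2; }
    if [ -n "$(find_conflicts "$id" "$name" "$file")" ]; then
        echo "conflicting entry for $id/$name in $file" >&2
        return 1
    fi
    n=$(count_entries "$id" "$name" "$file")
    if [ "$n" -eq 0 ]; then
        printf '%s %s\n' "$id" "$name" >> "$file"
    elif [ "$n" -gt 1 ]; then
        # Collapse duplicates left by repeated `echo ... >>` runs.
        tmp=$(mktemp) || return 2
        awk -v id="$id" -v name="$name" '
            !/^[[:space:]]*#/ && $1 == id && $2 == name && seen++ { next }
            { print }' "$file" > "$tmp" && cat "$tmp" > "$file"
        rm -f "$tmp"
    fi
}

# Usage (as root): ensure_rt_table 100 openvpn
```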
By "no effects" I meant that no traffic goes through the tunnel; it acts as if I didn't run openvpn.
Quote:
Code:
echo "100 openvpn" >> /etc/iproute2/rt_tables
I'll show the routing table before and after running openvpn.
Before running openvpn:
Code:
Kernel IP routing table
After running openvpn with commenting out "redirect-gateway":
Code:
Kernel IP routing table
After running openvpn without commenting out "redirect-gateway":
Code:
Kernel IP routing table
in the first 2 cases - which are without running openvpn or running it with commenting out "redirect-gateway" - the result of
Code:
ip route list match 0/0
Code:
default via 192.168.100.1 dev eth1
Code:
default via 77.78.108.129 dev tap0
Thank you for your kindness and patience. |
Can anyone help?
|
Quote:
From all I can see, it should be working correctly, unless I am missing something simple. You can always try further experimentation, such as blackholing the openvpn table to make sure that tunnel_me’s traffic actually flows through it, or adding some logging rules to iptables. If you can’t get it to work, you can always try virtualization, though in this case, it seems like overkill. |