Setting Up a LAN With Multiple Gateway/interface With Iptables and Route Policy Under Awesome Linux[2/2]

Setting Up a LAN With Multiple Gateway/interface With Iptables and Route Policy Under Awesome Linux by sunus Lee is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

The Script of ArchLinux in solution Two

(setArch.sh)
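#!/bin/bash

if [ "$(whoami)" != 'root' ]
then
    echo "need root!"
    exit 1
fi

# Change this to your interface name; it could be eth* or p*p*.
IFACE="wlp4s0"
# Change this to your router (LAN gateway) address.
ROUTE="192.168.1.1"
# Change this to your VPN **server address**.
VPNHOST="221.239.126.9"
# Local and peer addresses of the PPP link, parsed from ifconfig output.
VPNADDR=$(ifconfig ppp0 | grep -P -o '(?<=inet )[0-9.]*')
VPNROUTE=$(ifconfig ppp0 | grep -P -o '(?<=destination )[0-9.]*')
# Stop before touching the routes if ppp0 is not up; otherwise the default
# route would be deleted with nothing to replace it.
if [ -z "$VPNADDR" ] || [ -z "$VPNROUTE" ]
then
    echo "ppp0 has no address; is the VPN connected?"
    exit 1
fi
echo "VPN-ADDR:$VPNADDR"
# Keep traffic to the VPN server itself on the LAN gateway.
cmd="ip route add $VPNHOST via $ROUTE dev $IFACE"
echo "$cmd"
$cmd
# Send everything else through the VPN peer.
cmd="route add default gw $VPNROUTE"
echo "$cmd"
$cmd
cmd="route del default gw $ROUTE"
echo "$cmd"
$cmd
# This is the router's LAN subnet; adjust it to match your network.
route add -net 192.168.1.0/24 gw "$ROUTE"
# Overwrites the resolver configuration. "search" takes domain names, not
# addresses, so the second server is listed as a nameserver as well.
echo -e 'nameserver 8.8.8.8\nnameserver 8.8.4.4' > /etc/resolv.conf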

The Script of Route in final solution

  • See the working iptables rules here:
    • https://gist.github.com/sunuslee/5179422
    • You will probably need to modify this file a little, or just create your own with iptables-save > filename.
    • Make sure the file contains the placeholder PPP0-IP, because this script replaces PPP0-IP with the real ppp0 IP address.
    • Put the file working-iptables-rules in the same directory as setroute.sh. The script reads it as working-iptables-rule, so make the two names match.
    • If you are interested, the lines containing |sunus-a/b/c/d| are the logging, a demonstration of how the packets travel all the way from one end to the other.
    • This most likely has bugs.
Setting the route (setroute.sh)
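#!/bin/sh

# LAN address of the client whose traffic should go through the VPN.
SUNUS_IP='192.168.1.169'
# Peer and local addresses of ppp0 (old-style ifconfig output).
# cut takes the field after the colon; tr -d deletes a character set, not a prefix.
VPN_ROUTE=$(ifconfig ppp0 | grep -o 'P-t-P:[0-9.]*' | cut -d: -f2)
VPN_IP=$(ifconfig ppp0 | grep -o 'addr:[0-9.]*' | cut -d: -f2)
# Named routing table; it must already be listed in /etc/iproute2/rt_tables.
ROUTE_TABLE='sunusroute'
if [ -z "$VPN_ROUTE" ] || [ -z "$VPN_IP" ]
then
  printf '\n*********\n\n'
  echo "No VPN-Connection"
  echo "Make sure your xl2tp is working"
  printf '\n*********\n\n'
  exit 1
fi

# Unpredictable temp file name: a fixed path in /tmp can be pre-created or
# symlinked by another local user before root writes to it.
TMP_RULES_FILE=$(mktemp /tmp/TRF.XXXXXX) || exit 1
# Replace every PPP0-IP placeholder, not only the first one on each line.
sed "s/PPP0-IP/$VPN_IP/g" working-iptables-rule > "$TMP_RULES_FILE"
printf '\n*********\n\n'
echo "VPN-ROUTE:$VPN_ROUTE"
echo "VPN-ADDR:$VPN_IP"

# Policy routing: traffic from SUNUS_IP uses a table whose default route is the VPN.
ip route add default via "$VPN_ROUTE" dev ppp0 table "$ROUTE_TABLE"
ip rule add from "$SUNUS_IP" table "$ROUTE_TABLE"
ip route flush cache

echo "setting ip rules and route-policy successfully"
printf '\n*********\n\n'

printf '\n*********\n\n'
# Report success only if the ruleset actually loaded.
if iptables-restore < "$TMP_RULES_FILE"
then
  echo "setting iptables successfully"
else
  echo "iptables-restore failed"
  rm -f "$TMP_RULES_FILE"
  exit 1
fi
rm -f "$TMP_RULES_FILE"
printf '\n*********\n\n'

printf '\n*********\n\n'
echo "NOW SUNUS CAN USE THE VPN CONNECTION!"
printf '\n*********\n\n'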
