Re: Alternate route for port 80
Hi,
If you don't want to use only 80. port that you can change default
routing from vpn gw to ethX or wlanX interface's gateway.
route delete default gw
route add default gw 192.168.x.1
so you can use the vpn connection only for vpn networks.
On Sun, 2012-07-08 at 20:37 +0300, Onur Aslan wrote:
> Hi.
>
> I want to use my VPN for outgoing port 80 connections in my Debian router.
>
> My current route table:
>
> # ip route
> default dev ppp0 scope link
> 95.9.x.x dev ppp0 proto kernel scope link src 95.9.x.x
> 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1
> 192.168.2.0/24 dev wlan0 proto kernel scope link src 192.168.2.1
> 192.168.4.0/24 dev tap0 proto kernel scope link src 192.168.4.2
>
>
> tap0 is my virtual VPN device created by openvpn. When I use something like
> that all my traffic going through by vpn so vpn is working fine:
>
> # ip route
> default via 192.168.4.1 dev tap0
> 95.9.x.x dev ppp0 proto kernel scope link src 95.9.x.x
> 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1
> 192.168.2.0/24 dev wlan0 proto kernel scope link src 192.168.2.1
> 192.168.4.0/24 dev tap0 proto kernel scope link src 192.168.4.2
> 199.180.x.x dev ppp0 scope link
>
>
> 199.180.x.x and 192.168.4.1 is IP address of my VPN server.
>
> Now, I want to use an alternate route for only port 80 outgoing
> traffic. I create a table and set default gateway for this table with:
>
>
> # echo 10 alter >> /etc/iproute2/rt_tables
> # ip route add default via 192.168.4.1 table alter
>
>
> And I create a fwmark and mark OUTPUT requests with:
>
> # ip rule add fwmark 0x10 table alter
> # iptables -t mangle -A OUTPUT -p tcp --dport 80 -j MARK \
> --set-mark 0x10
>
>
> In my theory this should work, but it's not working. When I use that I am
> not able to connect any website. What I am missing here? What should I add
> to my alternate routing table to make it work?
>
> Thanks.
>
>
Reply to: