Skip to content
Snippets Groups Projects

Route-up script for OpenVPN

  • Clone with SSH
  • Clone with HTTPS
  • Embed
  • Share
    The snippet can be accessed without any authentication.
    Authored by Jérôme Charaoui
    Edited
    route-up.sh 995 B
    #!/bin/sh
    
    # This script removes the default routes added by OpenVPN
    # so that the VPN tunnel may be accessed only by applications
    # which are bound to the VPN interface, such as a BitTorrent client.
    
    # Checks to see if there is an IP routing table named 'vpn', create if missing
    if [ $(cat /etc/iproute2/rt_tables | grep vpn | wc -l) -eq 0 ]; then
        echo "100     vpn" >> /etc/iproute2/rt_tables
    fi
    
    # Remove any previous routes in the 'vpn' routing table
    /bin/ip rule | sed -n 's/.*\(from[ \t]*[0-9\.]*\).*vpn/\1/p' | while read RULE
    do
        /bin/ip rule del ${RULE}
    done
    
    # Delete the default route setup when the OpenVPN tunnel was established
    /bin/ip route del 128.0.0.0/1 via ${route_vpn_gateway}
    /bin/ip route del 0.0.0.0/1 via ${route_vpn_gateway}
    
    # Add routes to the vpn routing table
    /bin/ip rule add from ${ifconfig_local} lookup vpn
    
    # Add the route to direct all traffic using the the vpn routing table to the tunX interface
    /bin/ip route add default dev ${dev} table vpn
    
    exit 0
    0% Loading or .
    You are about to add 0 people to the discussion. Proceed with caution.
    Please register or to comment