Route-up script for OpenVPN
The snippet can be accessed without any authentication.
Authored by
Jérôme Charaoui
Edited
route-up.sh 995 B
#!/bin/sh
# This script removes the default routes added by OpenVPN
# so that the VPN tunnel may be accessed only by applications
# which are bound to the VPN interface, such as a BitTorrent client.
# Checks to see if there is an IP routing table named 'vpn', create if missing
if [ $(cat /etc/iproute2/rt_tables | grep vpn | wc -l) -eq 0 ]; then
echo "100 vpn" >> /etc/iproute2/rt_tables
fi
# Remove any previous routes in the 'vpn' routing table
/bin/ip rule | sed -n 's/.*\(from[ \t]*[0-9\.]*\).*vpn/\1/p' | while read RULE
do
/bin/ip rule del ${RULE}
done
# Delete the default route setup when the OpenVPN tunnel was established
/bin/ip route del 128.0.0.0/1 via ${route_vpn_gateway}
/bin/ip route del 0.0.0.0/1 via ${route_vpn_gateway}
# Add routes to the vpn routing table
/bin/ip rule add from ${ifconfig_local} lookup vpn
# Add the route to direct all traffic using the the vpn routing table to the tunX interface
/bin/ip route add default dev ${dev} table vpn
exit 0
Please register or sign in to comment