
@lotherk
Created June 20, 2014 10:46
vpnroute.sh
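#!/bin/sh
# vpnroute.sh - route selected outbound TCP ports through a VPN gateway
# using fwmark-based policy routing (IPv4 only).
#
# Usage: vpnroute.sh start|stop      (needs root: ip, iptables, sysctl)
#
# What "start" sets up:
#   1. mangle/OUTPUT marks locally generated TCP packets whose destination
#      port is in ROUTE_PORTS with MARK.
#   2. An ip rule sends packets carrying MARK to routing table TABLE, whose
#      only entry is a default route via GW_IP.
#   3. nat/POSTROUTING rewrites the source of everything leaving GW_IFACE to
#      LOCAL_IP (the rule has no mark match, so it covers all traffic on that
#      interface, not just the marked ports).
#   4. rp_filter on GW_IFACE is set to 2 (loose reverse-path filtering).
#
# Caveats for anyone relying on this for confidentiality:
#   - This is not a kill switch. If the default route in TABLE is missing
#     (for example because the tunnel interface went down), marked packets
#     fall through to the remaining routing rules and normally leave via the
#     main default route, outside the VPN.
#   - Only IPv4 TCP to the listed ports is redirected. DNS lookups, UDP, other
#     ports and all IPv6 traffic keep using the normal routes.
#   - "stop" does not restore rp_filter; the previous value is not recorded,
#     so the interface stays in loose mode until changed by hand.
#   - MARK and TABLE must not collide with values used by other tools on the
#     host.

set -u

GW_IFACE="mun0"                      # VPN tunnel interface
GW_IP="172.16.37.1"                  # gateway reached through GW_IFACE
LOCAL_IP="172.16.37.2"               # SNAT source address on GW_IFACE
ROUTE_PORTS="80 443 25 110 143 993"  # space-separated TCP destination ports
MARK=2                               # fwmark put on redirected packets
TABLE=2                              # routing table holding the VPN default route

# Append an iptables rule unless an identical rule already exists, so that
# running "start" twice does not stack duplicates.
# Arguments: $1 - table, remaining - chain and rule specification
ipt_add() {
  _ipt_table=$1
  shift
  iptables -t "$_ipt_table" -C "$@" 2>/dev/null ||
    iptables -t "$_ipt_table" -A "$@"
}

# Delete every copy of an iptables rule; succeeds when none is present.
# Arguments: $1 - table, remaining - chain and rule specification
ipt_del() {
  _ipt_table=$1
  shift
  while iptables -t "$_ipt_table" -C "$@" 2>/dev/null; do
    # Bail out if a rule that exists cannot be deleted, instead of looping.
    iptables -t "$_ipt_table" -D "$@" || return 1
  done
}

# Remove every "fwmark MARK -> table TABLE" policy rule. Errors are silenced
# on purpose: the loop ends on the first failed delete, which is the normal
# "no such rule left" case.
del_policy_rule() {
  while ip rule del fwmark "$MARK" table "$TABLE" 2>/dev/null; do
    :
  done
}

# Tear down everything "start" installs. Best effort: each step is attempted
# even if an earlier one failed. Returns non-zero if an iptables rule that
# exists could not be removed.
stop_routing() {
  _rc=0
  del_policy_rule
  # The route may already be gone (e.g. the tunnel went down); not an error.
  ip route del default via "$GW_IP" table "$TABLE" 2>/dev/null || true
  # Kept for older kernels that still have an IPv4 route cache.
  ip route flush cache
  for _port in $ROUTE_PORTS; do
    ipt_del mangle OUTPUT -p tcp --dport "$_port" -j MARK --set-mark "$MARK" ||
      _rc=1
  done
  ipt_del nat POSTROUTING -o "$GW_IFACE" -j SNAT --to-source "$LOCAL_IP" ||
    _rc=1
  return "$_rc"
}

# Report a failed setup step, undo whatever was already applied so the host
# is not left half-configured, and exit non-zero.
fail() {
  printf 'vpnroute: %s\n' "$*" >&2
  stop_routing
  exit 1
}

# Install the policy rule, VPN default route, packet marks, SNAT rule and
# loose rp_filter setting. Any failing step rolls the setup back.
start_routing() {
  # Drop stale copies first so a repeated "start" stays idempotent.
  del_policy_rule
  ip rule add fwmark "$MARK" table "$TABLE" ||
    fail "cannot add policy rule for fwmark $MARK"
  # "replace" instead of "add": succeeds whether or not the route exists.
  ip route replace default via "$GW_IP" table "$TABLE" ||
    fail "cannot install default route via $GW_IP in table $TABLE"
  ip route flush cache
  for _port in $ROUTE_PORTS; do
    ipt_add mangle OUTPUT -p tcp --dport "$_port" -j MARK --set-mark "$MARK" ||
      fail "cannot add mark rule for TCP port $_port"
  done
  ipt_add nat POSTROUTING -o "$GW_IFACE" -j SNAT --to-source "$LOCAL_IP" ||
    fail "cannot add SNAT rule on $GW_IFACE"
  sysctl -w "net.ipv4.conf.${GW_IFACE}.rp_filter=2" ||
    fail "cannot set rp_filter on $GW_IFACE"
}

case "${1:-}" in
  start)
    start_routing
    ;;
  stop)
    stop_routing
    ;;
  *)
    # Unknown or missing action is a usage error, not a success.
    printf 'Usage: %s start|stop\n' "$0" >&2
    exit 2
    ;;
esac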