
Untitled

a guest
Jul 20th, 2017
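  # Per-user VPN policy routing with an egress kill switch for local user "foo".
  # Assumptions the page does not state (confirm): tun0 is the VPN interface,
  # 10.20.0.0/24 is the VPN subnet, VPNSERVERIP is a placeholder for the real
  # endpoint address, and the commands are run as root.
  #
  # NOTE(review): only IPv4 is handled. No ip6tables rules are installed here,
  # so IPv6 traffic from foo is not restricted by this script.

  # Flushes every rule in filter/OUTPUT, not only the ones for foo; unrelated
  # egress rules already in that chain are lost.
  iptables -F OUTPUT

  # Mark foo's packets so the fwmark rule below sends them to table 42.
  # The mark is set in mangle/OUTPUT: changing the mark there makes the kernel
  # re-route locally generated packets, while filter/OUTPUT is traversed after
  # the routing decision and a mark set there does not move the packet.
  # NOTE(review): this also marks foo's packets to VPNSERVERIP; if the VPN
  # client itself runs as foo, those would be routed into tun0 -- confirm.
  iptables -t mangle -A OUTPUT -m owner --uid-owner foo -j MARK --set-mark 42

  # Filter rules are appended (-A) in evaluation order. The original used -I,
  # which inserts at the head of the chain, so the rules ended up reversed
  # with the catch-all DROP first and every packet from foo was dropped.
  #
  # The original 10.20.0.0/24 rule had no -j target and therefore only counted
  # packets; ACCEPT is assumed to be the intent -- confirm.
  iptables -A OUTPUT -m owner --uid-owner foo -d 10.20.0.0/24 -j ACCEPT
  iptables -A OUTPUT -m owner --uid-owner foo -d VPNSERVERIP -p udp -j ACCEPT
  # Kill switch: anything else from foo is dropped, on every interface.
  # NOTE(review): this includes traffic leaving through tun0 to destinations
  # outside 10.20.0.0/24; if foo should reach those via the tunnel, an
  # explicit accept for "-o tun0" is needed before this rule.
  iptables -A OUTPUT -m owner --uid-owner foo -j DROP

  iptables -t nat -I POSTROUTING -o tun0 -j MASQUERADE

  ip rule add fwmark 42 table 42

  # rp_filter=0 turns off reverse-path source validation on every interface,
  # which is broader than policy routing over tun0 needs.
  # NOTE(review): loose mode (2) is usually sufficient here -- verify on the
  # target host before tightening.
  for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
    [ -e "$f" ] || continue
    echo 0 > "$f"
  done

  # Default route for table 42 via the tunnel's point-to-point peer.
  # The original "cut -d -f 2" had no delimiter argument; a space is what the
  # preceding grep output needs. Assumes ifconfig prints "destination ADDR"
  # (newer net-tools format).
  peer=$(ifconfig -a tun0 | grep -o 'destination [^ ]*' | cut -d ' ' -f 2)
  if [ -n "$peer" ]; then
    ip route add default via "$peer" table 42
  else
    # With no route in table 42, marked packets fall through to the main
    # table; the DROP rule above is then the only thing keeping foo's traffic
    # from leaving outside the tunnel.
    echo "tun0 has no peer address; default route for table 42 not added" >&2
  fi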
  14.  
  15. Chain OUTPUT (policy ACCEPT)
  16. target prot opt source destination
  17. DROP all -- anywhere anywhere owner UID match foo
  18. ACCEPT udp -- anywhere VPNSERVERIP owner UID match foo
  19. all -- anywhere 10.20.0.0/24 owner UID match foo
  20. MARK all -- anywhere anywhere owner UID match foo MARK set 0x2a