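# Policy-route traffic owned by uid "foo" through the VPN on tun0 and drop
# whatever else that uid tries to send. "foo" and VPNSERVERIP are the paste's
# placeholders; substitute real values before use.
#
# Changes from the pasted version:
#   * Filter rules are appended (-A) after the flush instead of inserted (-I).
#     -I puts every rule at position 1, which reverses the written order: the
#     `iptables -L OUTPUT` listing on this page shows DROP ending up first, so
#     it matched before the ACCEPT and MARK rules were ever reached.
#   * The MARK rule lives in the mangle table. For locally generated packets
#     the kernel re-runs the routing lookup after a mark change only in
#     mangle/OUTPUT; a mark set in filter/OUTPUT never reaches `ip rule fwmark`.
#   * `cut -d -f 2` had lost its delimiter; it is `cut -d ' ' -f 2`.
#   * "$f" is quoted, and the default route is only added when a gateway
#     address was actually found.
#
# Scope: IPv4 only. Nothing here touches ip6tables, so IPv6 traffic from the
# same uid is not constrained by these rules.

# Start from an empty filter OUTPUT chain. This also discards OUTPUT rules
# installed by anything else on the host, and uid foo is unfiltered until the
# DROP rule below has been appended.
iptables -F OUTPUT

# Tag foo's packets so the fwmark rule can select routing table 42.
# -C guards against stacking a duplicate on re-runs, because the flush above
# only clears the filter table.
iptables -t mangle -C OUTPUT -m owner --uid-owner foo -j MARK --set-mark 42 2>/dev/null ||
  iptables -t mangle -A OUTPUT -m owner --uid-owner foo -j MARK --set-mark 42

# NOTE(review): this rule has no -j target, so it only counts packets to
# 10.20.0.0/24 and decides nothing. If the subnet was meant to be reachable,
# it needs `-j ACCEPT`; confirm the intent.
iptables -A OUTPUT -d 10.20.0.0/24 -m owner --uid-owner foo

# Allow foo to reach the VPN endpoint over UDP (any port, as in the paste).
iptables -A OUTPUT -d VPNSERVERIP -p udp -m owner --uid-owner foo -j ACCEPT

# Catch-all for uid foo; it must stay last. It is what keeps foo's traffic off
# the normal uplink when tun0 or table 42 is missing.
# NOTE(review): as written it also drops foo's packets that are routed out
# tun0, since only UDP to VPNSERVERIP is accepted above. If foo is supposed to
# use the tunnel, an ACCEPT restricted to `-o tun0` has to precede this rule;
# confirm the intended policy.
iptables -A OUTPUT -m owner --uid-owner foo -j DROP

# Rewrite the source address of everything leaving through the tunnel.
iptables -t nat -I POSTROUTING -o tun0 -j MASQUERADE

# Marked packets consult table 42 instead of the main routing table.
ip rule add fwmark 42 table 42

# Disable reverse-path filtering on every interface so replies arriving on
# tun0 are not discarded.
# NOTE(review): 0 switches source validation off host-wide, which removes a
# spoofing defence. Loose mode (2) is usually enough for fwmark-based policy
# routing; verify and prefer it if it works in this setup.
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
  echo 0 > "$f"
done

# The tunnel peer is the "destination" field that ifconfig prints for a
# point-to-point interface; use it as the default gateway of table 42.
vpn_gw=$(ifconfig -a tun0 | grep -o 'destination [^ ]*' | cut -d ' ' -f 2)
if [ -n "$vpn_gw" ]; then
  ip route add default via "$vpn_gw" table 42
else
  printf '%s\n' 'tun0 has no point-to-point destination; table 42 has no default route' >&2
fi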
- Chain OUTPUT (policy ACCEPT)
- target prot opt source destination
- DROP all -- anywhere anywhere owner UID match foo
- ACCEPT udp -- anywhere VPNSERVERIP owner UID match foo
- all -- anywhere 10.20.0.0/24 owner UID match foo
- MARK all -- anywhere anywhere owner UID match foo MARK set 0x2a