How to configure pptp vpn client on ubuntu server to route specific traffic?

2

I successfully installed and ran a PPTP VPN client on an Ubuntu server (AWS EC2).

I want to be able to access certain websites through this VPN. However, I still want to be able to SSH and connect to the server.

$ route -n  #after connecting to vpn

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.31.0.1      0.0.0.0         UG    100    0        0 eth0
172.31.0.0      0.0.0.0         255.255.240.0   U     0      0        0 eth0
192.168.68.35   0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
209.99.22.18    172.31.0.1      255.255.255.255 UGH   0      0        0 eth0

The routing table is as above after connection. If I make ppp0 the default gateway, I am not able to SSH to the server again.

So, I want to add some rules so that whenever an application/script requests a certain web address or makes HTTP/HTTPS requests, it will redirect the traffic over ppp0 (the VPN connection), but not other connections.

Is it possible?

Thanks in advance!

R Simon

Posted 2014-03-27T02:09:10.220

Reputation: 21

Answers

0


You can mark packets with iptables and route the marked packets via iproute2.
It is described in LARTC.
In your case, first you need to create an iptables rule:

iptables -t mangle -A OUTPUT -p tcp -m tcp -d 1.2.3.4 --dport 80 -j MARK --set-mark 0x1

Where 1.2.3.4 is the IP address of the target website.
Then add a routing table with ip rule:

echo 201 crawl >> /etc/iproute2/rt_tables
ip rule add fwmark 1 table crawl

Check it:

ip rule ls
0:  from all lookup local 
32765:  from all fwmark 0x1 lookup crawl 
32766:  from all lookup main 
32767:  from all lookup default

Now add default route to table crawl:

ip route add default via 192.168.68.35 dev ppp0 table crawl

That's all. Packets with destination address 1.2.3.4 and destination port 80 will be routed via the ppp0 interface.

chromium58

Posted 2014-03-27T02:09:10.220

Reputation: 1
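
The steps from the answer above, collected into one re-runnable script as an added example (not part of the original answer). It goes beyond the answer by also matching port 443 and by adding source NAT and loose reverse-path filtering on ppp0, which locally generated marked traffic commonly needs; the port list and the dry-run/APPLY switch are assumptions of this example.

```shell
#!/bin/sh
# Added example: fwmark split routing over ppp0, printed as a command plan.
# From the answer: mark 0x1, table "crawl" (201), peer 192.168.68.35, ppp0.
# Assumptions: ports 80 and 443; destinations are passed as arguments.
MARK=0x1
TABLE=crawl
TABLE_ID=201
VPN_IF=ppp0
VPN_PEER=192.168.68.35

# Print an idempotent mark rule for one destination (-C checks for the rule).
mark_rule() {
    rule="OUTPUT -p tcp -d $1 -m multiport --dports 80,443 -j MARK --set-mark $MARK"
    echo "iptables -t mangle -C $rule 2>/dev/null || iptables -t mangle -A $rule"
}

# Print the complete plan for a list of IPv4 addresses or CIDR ranges.
plan() {
    # Register the table name only once, even if the script is re-run.
    echo "grep -q '^$TABLE_ID[[:space:]]' /etc/iproute2/rt_tables || echo '$TABLE_ID $TABLE' >> /etc/iproute2/rt_tables"
    for d in "$@"; do
        case $d in
            # Hostnames are skipped: iptables resolves them once, at insert time.
            ''|*[!0-9./]*) echo "skipping non-IPv4 destination: $d" >&2; continue ;;
        esac
        mark_rule "$d"
    done
    echo "ip rule show | grep -q 'fwmark $MARK lookup $TABLE' || ip rule add fwmark $MARK table $TABLE"
    echo "ip route replace default via $VPN_PEER dev $VPN_IF table $TABLE"
    # The source address is picked before the mark reroutes the packet,
    # so rewrite it to the ppp0 address on the way out.
    nat="POSTROUTING -o $VPN_IF -j MASQUERADE"
    echo "iptables -t nat -C $nat 2>/dev/null || iptables -t nat -A $nat"
    # Loose reverse-path filtering, so replies arriving on ppp0 are accepted.
    echo "sysctl -w net.ipv4.conf.$VPN_IF.rp_filter=2"
}

# Dry run by default; APPLY=1 executes the plan (needs root).
run() {
    if [ "${APPLY:-0}" = 1 ]; then plan "$@" | sh -e; else plan "$@"; fi
}

if [ $# -gt 0 ]; then run "$@"; fi
```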