How to make sure all internet traffic only goes through VPN?

I have a VPN connection and I want to make sure that all traffic uses this VPN connection. I thought of using iptables. Any ideas, somebody? Thanks.


By running this script at startup, I solved the problem explained in your post:

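# Delete all existing rules in the filter table
iptables -F

# Allow traffic to and from the local network.
# The source match belongs in INPUT: in OUTPUT, -s 192.168.2.0/24 matches
# every packet this host sends out of eth0, so the DROP below is never reached.
iptables -A OUTPUT -d 192.168.2.0/24 -j ACCEPT
iptables -A INPUT -s 192.168.2.0/24 -j ACCEPT

# Allow OpenVPN (UDP port 1194) so the tunnel itself can be established
iptables -A OUTPUT -p udp --dport 1194 -j ACCEPT

# Deny everything else leaving through eth0
iptables -A OUTPUT -o eth0 -j DROP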

You should set up a "default route" to send your TCP/IP traffic through the VPN. See man route and netstat -rn. See also: "To allocate data usage efficiently with two internet connections".
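The routing-table check suggested above, as an added example that is not part of the original answer: it reads `ip -4 route show` output and reports whether internet-bound traffic leaves through the VPN interface. The interface names (tun0, eth0), the addresses and both sample tables are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Interface names and addresses are assumptions; both
# routing tables below are constructed samples, not captured output.

# Reads `ip -4 route show` output on stdin. Prints "vpn" when both halves of
# the IPv4 space route via interface $1, otherwise "leak: ...".
# More specific routes (LAN, host route to the VPN server) are ignored.
check_vpn_routes() {
    awk -v vpn="$1" '
        # Value following keyword kw on the current line, or "".
        function after(kw,   i) {
            for (i = 1; i < NF; i++) if ($i == kw) return $(i + 1)
            return ""
        }
        # OpenVPN "redirect-gateway def1" adds two /1 routes that beat the
        # old default route by prefix length.
        $1 == "0.0.0.0/1"   { low  = after("dev") }
        $1 == "128.0.0.0/1" { high = after("dev") }
        $1 == "default" {
            m = after("metric") + 0          # missing metric counts as 0
            if (best == "" || m < best_m) { best = after("dev"); best_m = m }
        }
        END {
            if (low  == "") low  = best      # fall back to the default route
            if (high == "") high = best
            if (low == vpn && high == vpn) { print "vpn"; exit }
            if (low  == "") low  = "none"
            if (high == "") high = "none"
            print "leak: 0.0.0.0/1 via " low ", 128.0.0.0/1 via " high
        }'
}

ROUTES_VPN_UP='0.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.2.1 dev eth0 proto dhcp metric 100
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
128.0.0.0/1 via 10.8.0.1 dev tun0
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.10 metric 100
203.0.113.7 via 192.168.2.1 dev eth0'

ROUTES_VPN_DOWN='default via 192.168.2.1 dev eth0 proto dhcp metric 100
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.10 metric 100'

printf '%s\n' "$ROUTES_VPN_UP"   | check_vpn_routes tun0
printf '%s\n' "$ROUTES_VPN_DOWN" | check_vpn_routes tun0
# On a live host: ip -4 route show | check_vpn_routes tun0
```

The check covers the main IPv4 table only; policy-routing rules and IPv6 routes need the same inspection separately.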


The best method is a hardware method.

Read this article: en.wikipedia.org: Network tap.

You can plug 2 Ethernet cards into the second machine.

                     .----.
         .---------. | == |
         |.-"""""-.| |----|
         ||       || | == |
         ||       || |----|
         |'-.....-'| |::::|
         `"")---(""` |___.|--------.                                 /
        /:::::::::::\" _  "         \                               /
       /:::=======:::\`\`\           |                             /
      `"""""""""""""`  '-'           |          \          +      /
      Your Personal Computer        /            \_________+_____/
                                   /         +   /\________+____/\ \   
                                  /            +/ /\_______+___/\ \ \  +
                             ____/             /+/+/\______+__/\ \ \ + 
                     .----. /                 / / /+/\_____+_/\ \ \+\ \ 
                     | == |/                   / / /+/       \ \ + \ \ \
                     |----|                   / / / /         \+\_\_\_\_\_____
                     | == |----------------------E | InterNet  |_|_|_|_|_|_______
                     |----|                   \ \ \+\         / / / / / | | |
                     |::::|                  \ \ \+\ \_______/+/ / / / / / /
                     |___.|                   \ \+\ \/+______\/ + / / / / /
                     "    "                    + \  /_+_______\/ / + / / /
                 Your Tap Router              + \ \/__+________\/ /  +/ / 
                                            +  \ \/___+_________\/ / / /+
                                                \/____+_______+__\/ / /
                                                /     +___________\/ /
                                                         __________\/
                                                              ______\
                                                                  ___\
                                                                      \

And sniff everything that's going on.