MUG :: Michigan!/usr/group

Networking

• Routing

• []$ sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
  

• Firewall

• # Only needed if have firewall. This may be to permissive YMMV
  iptables -A INPUT  -i tun+ -j ACCEPT
  iptables -A OUTPUT -o tun+ -j ACCEPT
  iptables -A FORWARD -i tun+ -j ACCEPT
  iptables -A FORWARD -o tun+ -j ACCEPT
  

• NAT

• iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
  

--redirect-gateway [local] [def1]

Automatically execute default routing over the VPN.
local flag - skip adding static route for --remote
def1 flag (0.0.0.0/1 and 128.0.0.0/1) wont wipe out the original default gateway.

--route network/IP [netmask] [gateway] [metric]