我一直在嘲弄我的头一阵子,并放弃了试图找出答案。 我对路由和iptables的知识太有限了,看起来似乎不太明白。
我在我的openwrt路由器上configuration了一个分离的路由情况。 我的networking中有一台计算机使用VPN服务连接到互联网(192.168.10.160,tun1)。 从我的家庭networking,我可以通过正常的IP访问这台计算机。 每当我在路上,我可以通过VPN服务器(tun0)访问我的家庭networking。 我可以访问家庭networking上的所有计算机,除了configuration为分离路由的计算机之外。 无论我尝试什么,我都无法将tun0的stream量转发到tun1。
有谁知道这是如何工作的?
在openvpn中分割路由向上的脚本:
vpn_route_table=10 vpn_inside_net=192.168.10.160/32 iptables -t nat -A delegate_prerouting -i $dev -j zone_wan_prerouting iptables -t nat -A delegate_postrouting -o $dev -j zone_wan_postrouting ip route flush table $vpn_route_table ip route add default via $ifconfig_remote table $vpn_route_table ip rule add from $vpn_inside_net table $vpn_route_table 路由表:
# # reserved values # 255 local 254 main 253 default 0 unspec 10 vpn # # local # #1 inr.ruhep
iptables规则来转发lanstream量:cat /etc/firewall.user
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o br-lan -j MASQUERADE
使用ifconfig:
br-lan Link encap:Ethernet HWaddr C0:4A:00:FC:48:E9 inet addr:192.168.10.1 Bcast:192.168.10.255 Mask:255.255.255.0 inet6 addr: fd61:6126:284f::1/60 Scope:Global inet6 addr: fe80::c24a:ff:fefc:48e9/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:74320006 errors:0 dropped:34 overruns:0 frame:0 TX packets:97509595 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:32077369688 (29.8 GiB) TX bytes:116317974636 (108.3 GiB) eth0 Link encap:Ethernet HWaddr C0:4A:00:FC:48:E9 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Interrupt:5 eth1 Link encap:Ethernet HWaddr C0:4A:00:FC:48:EC inet addr:70.36.58.57 Bcast:70.36.58.255 Mask:255.255.255.0 inet6 addr: fe80::c24a:ff:fefc:48ec/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:46202978 errors:0 dropped:1 overruns:6 frame:0 TX packets:38951997 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:375520214 (358.1 MiB) TX bytes:3975201183 (3.7 GiB) Interrupt:4 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:215 errors:0 dropped:0 overruns:0 frame:0 TX packets:215 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:29057 (28.3 KiB) TX bytes:29057 (28.3 KiB) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.8.0.1 PtP:10.8.0.2 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:17812 errors:0 dropped:0 overruns:0 frame:0 TX packets:15889 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:1335093 (1.2 MiB) TX bytes:2582247 (2.4 MiB) tun1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.162.1.6 PtP:10.162.1.5 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:4138786 errors:0 dropped:0 overruns:0 frame:0 TX packets:2441546 errors:0 dropped:89167 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:1241129775 (1.1 GiB) TX bytes:411691697 (392.6 MiB) wlan0 Link encap:Ethernet HWaddr C0:4A:00:FC:48:EA inet6 addr: fe80::c24a:ff:fefc:48ea/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:21731405 errors:0 dropped:0 overruns:0 frame:0 TX packets:27355975 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1631361559 (1.5 GiB) TX bytes:921843710 (879.1 MiB) wlan1 Link encap:Ethernet HWaddr C0:4A:00:FC:48:EB inet6 addr: fe80::c24a:ff:fefc:48eb/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:57896641 errors:0 dropped:0 overruns:0 frame:0 TX packets:75812276 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:503025926 (479.7 MiB) TX bytes:666046315 (635.1 MiB)