How to make sure all internet traffic only goes througth VPN?

Question

I have a VPN connection and I want to make sure that all traffic use this VPN connection. I though of using iptables. ideas somebody? ten x

please can you explain in your question why your question is different from this one? http://askubuntu.com/questions/26793/enforce-vpn-connection-to-access-the-internet — fossfreedom, Jun 05 '11 at 11:22
eh? The "program" in the answer is just a GUI front end to iptables. — fossfreedom, Jun 05 '11 at 11:33

score 6 · Answer 1 · edited Sep 28 '12 at 16:43

6

By running this script at startup i solved the problem explained in your post

# Delete all existing rules
iptables -F

# Allow from local network
iptables -A OUTPUT -d 192.168.2.0/24 -j ACCEPT
iptables -A OUTPUT -s 192.168.2.0/24 -j ACCEPT

# Allow OpenVPN
iptables -A OUTPUT -p udp --dport 1194 -j ACCEPT

# Deny eth0
iptables -A OUTPUT -o eth0 -j DROP

edited Sep 28 '12 at 16:43

Oyibo

1,919

answered Sep 23 '12 at 16:23

Piezo Pea

61

innocent-world · Answer 2 · 2013-08-29T21:35:24.213

The best method is a hardware method.

Read this article: en.wikipedia.org: Network tap.

You can plug in the second machine 2 ethernet cards.

                     .----.
         .---------. | == |
         |.-"""""-.| |----|
         ||       || | == |
         ||       || |----|
         |'-.....-'| |::::|
         `"")---(""` |___.|--------.                                 /
        /:::::::::::\" _  "         \                               /
       /:::=======:::\`\`\           |                             /
      `"""""""""""""`  '-'           |          \          +      /
      Your Personal Computer        /            \_________+_____/
                                   /         +   /\________+____/\ \   
                                  /            +/ /\_______+___/\ \ \  +
                             ____/             /+/+/\______+__/\ \ \ + 
                     .----. /                 / / /+/\_____+_/\ \ \+\ \ 
                     | == |/                   / / /+/       \ \ + \ \ \
                     |----|                   / / / /         \+\_\_\_\_\_____
                     | == |----------------------E | InterNet  |_|_|_|_|_|_______
                     |----|                   \ \ \+\         / / / / / | | |
                     |::::|                  \ \ \+\ \_______/+/ / / / / / /
                     |___.|                   \ \+\ \/+______\/ + / / / / /
                     "    "                    + \  /_+_______\/ / + / / /
                 Your Tap Router              + \ \/__+________\/ /  +/ / 
                                            +  \ \/___+_________\/ / / /+
                                                \/____+_______+__\/ / /
                                                /     +___________\/ /
                                                         __________\/
                                                              ______\
                                                                  ___\
                                                                      \

And sniff everything what's going on.

2

dat graphics. respect. – Tamás Barta Jul 14 '15 at 08:16

score 1 · Answer 3 · edited Apr 13 '17 at 12:24

1

You should set up a "default route" to send your TCP/IP traffic through the VPN. man route, netstat -rn. See also To allocate data usage efficiently with two internet connections

edited Apr 13 '17 at 12:24

Community

1

answered Oct 16 '11 at 02:27

waltinator

36,399

How to make sure all internet traffic only goes througth VPN?

3 Answers3

Linked