[ale] Iptables based routing

Michael H. Warfield mhw at WittsEnd.com
Tue Oct 7 18:02:12 EDT 2014


On Tue, 2014-10-07 at 16:40 -0400, Chris Fowler wrote:
> I'm doing an experiment where I have a Beaglebone Black running as an
> access point.   Inside of that I'm running OpenVPN.
> 
> 
> I would like to try multiple OpenVPN profiles on the BBB, but route
> specific IPs out those tunnels. 
> 
> 
> 192.168.42.100 would go down path A.
> 192.168.42.101 would go down path B.

If you are talking about the source addresses here, you are probably
going to need to resort to IP policy routing and the ip2 package and ip
command.  That's not iptables.  You'll probably have to set up some
policy routing tables and routing rules.  The "ip" command is not the
best documented command but it's really at the heart of policy routing.
> 
> The 192.168.42.0/24 segment would be any wireless device.  None would
> run OpenVPN.
> I would have a web page on the BBB that allows a user to "login" and
> then map their IP down
> a path.

> Would iptables do this?

If you are trying to route by source (local) address, you MIGHT be able
to do it using iptables but it's really not the right tool for the job.
> 
> Chris

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 465 bytes
Desc: This is a digitally signed message part
URL: <http://mail.ale.org/pipermail/ale/attachments/20141007/cb7aaa8a/attachment.sig>


More information about the Ale mailing list