Add ability to set OVPN_NATDEVICE to target specific interface when using net=host
This commit is contained in:
parent
e557222753
commit
0181bb93d6
11
bin/ovpn_run
11
bin/ovpn_run
@ -24,14 +24,17 @@ if [ -d "$OPENVPN/ccd" ]; then
|
|||||||
ARGS+=("--client-config-dir" "$OPENVPN/ccd")
|
ARGS+=("--client-config-dir" "$OPENVPN/ccd")
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# When using --net=host, use this to specify nat device.
|
||||||
|
[ -z "$OVPN_NATDEVICE" ] && OVPN_NATDEVICE=eth0
|
||||||
|
|
||||||
# Setup NAT forwarding if requested
|
# Setup NAT forwarding if requested
|
||||||
if [ "$OVPN_DEFROUTE" != "0" ] || [ "$OVPN_NAT" == "1" ] ; then
|
if [ "$OVPN_DEFROUTE" != "0" ] || [ "$OVPN_NAT" == "1" ] ; then
|
||||||
iptables -t nat -C POSTROUTING -s $OVPN_SERVER -o eth0 -j MASQUERADE || {
|
iptables -t nat -C POSTROUTING -s $OVPN_SERVER -o $OVPN_NATDEVICE -j MASQUERADE || {
|
||||||
iptables -t nat -A POSTROUTING -s $OVPN_SERVER -o eth0 -j MASQUERADE
|
iptables -t nat -A POSTROUTING -s $OVPN_SERVER -o $OVPN_NATDEVICE -j MASQUERADE
|
||||||
}
|
}
|
||||||
for i in "${OVPN_ROUTES[@]}"; do
|
for i in "${OVPN_ROUTES[@]}"; do
|
||||||
iptables -t nat -C POSTROUTING -s "$i" -o eth0 -j MASQUERADE || {
|
iptables -t nat -C POSTROUTING -s "$i" -o $OVPN_NATDEVICE -j MASQUERADE || {
|
||||||
iptables -t nat -A POSTROUTING -s "$i" -o eth0 -j MASQUERADE
|
iptables -t nat -A POSTROUTING -s "$i" -o $OVPN_NATDEVICE -j MASQUERADE
|
||||||
}
|
}
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
|
Loading…
Reference in New Issue
Block a user