From 0181bb93d6e45e17109a41a535d69fc2c070e1a8 Mon Sep 17 00:00:00 2001
From: Werner Buck <wernerbuck@gmail.com>
Date: Mon, 24 Aug 2015 17:19:40 +0200
Subject: [PATCH] Add ability to set OVPN_NATDEVICE to target specific
 interface when using net=host

---
 bin/ovpn_run | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/bin/ovpn_run b/bin/ovpn_run
index ccb0467..7f03e44 100755
--- a/bin/ovpn_run
+++ b/bin/ovpn_run
@@ -24,14 +24,17 @@ if [ -d "$OPENVPN/ccd" ]; then
     ARGS+=("--client-config-dir" "$OPENVPN/ccd")
 fi
 
+# When using --net=host, use this to specify nat device.
+[ -z "$OVPN_NATDEVICE" ] && OVPN_NATDEVICE=eth0
+
 # Setup NAT forwarding if requested
 if [ "$OVPN_DEFROUTE" != "0" ] || [ "$OVPN_NAT" == "1" ] ; then
-    iptables -t nat -C POSTROUTING -s $OVPN_SERVER -o eth0 -j MASQUERADE || {
-      iptables -t nat -A POSTROUTING -s $OVPN_SERVER -o eth0 -j MASQUERADE
+    iptables -t nat -C POSTROUTING -s $OVPN_SERVER -o $OVPN_NATDEVICE -j MASQUERADE || {
+      iptables -t nat -A POSTROUTING -s $OVPN_SERVER -o $OVPN_NATDEVICE -j MASQUERADE
     }
     for i in "${OVPN_ROUTES[@]}"; do
-        iptables -t nat -C POSTROUTING -s "$i" -o eth0 -j MASQUERADE || {
-          iptables -t nat -A POSTROUTING -s "$i" -o eth0 -j MASQUERADE
+        iptables -t nat -C POSTROUTING -s "$i" -o $OVPN_NATDEVICE -j MASQUERADE || {
+          iptables -t nat -A POSTROUTING -s "$i" -o $OVPN_NATDEVICE -j MASQUERADE
         }
     done
 fi