Created
March 2, 2018 21:45
-
-
Save DeadSix27/5d4aec84a46e8fcd58eae377237ba36c to your computer and use it in GitHub Desktop.
namespace example using a noexec up down scrirpt for ovpn
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ########### netns-script | |
| #!/bin/sh | |
| case $script_type in | |
| up) | |
| echo up | |
| ip netns add vpn | |
| ip netns exec vpn ip link set dev lo up | |
| ip link set dev "$1" up netns vpn mtu "$2" | |
| ip netns exec vpn ip addr add dev "$1" \ | |
| "$4/${ifconfig_netmask:-30}" \ | |
| ${ifconfig_broadcast:+broadcast "$ifconfig_broadcast"} | |
| if [ -n "$ifconfig_ipv6_local" ]; then | |
| ip netns exec vpn ip addr add dev "$1" \ | |
| "$ifconfig_ipv6_local"/112 | |
| fi | |
| ;; | |
| route-up) | |
| echo route-up | |
| ip netns exec vpn ip route add default via "$route_vpn_gateway" | |
| if [ -n "$ifconfig_ipv6_remote" ]; then | |
| ip netns exec vpn ip route add default via \ | |
| "$ifconfig_ipv6_remote" | |
| fi | |
| ;; | |
| down) | |
| echo down | |
| ip netns delete vpn | |
| ;; | |
| esac | |
| ############# | |
| ### Simply run ovpn now. | |
| sudo openvpn --ifconfig-noexec --route-noexec --up /usr/bin/netns-script --route-up /usr/bin/netns-script --down /usr/bin/netns-script --config VPN.ovpn | |
| ## Now I got ovpn running on a namespace. but without a local address to connect to it .. only the ext-ip from the vpn |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment