看了一下 Brazilfw 似乎也是 linux ... 也是 iptables
還要在 Brazilfw 多設
-i tun? -o internet -j nat
或用
-s 10.8.0.2
但問題是怎麼每次取得同介面或同 IP , 不然要動態改 iptables
網路上找到這篇,先試試看。
Here you should can connect with OpenVPN server thru VPN. However general web browsing will be accomplished with direct connections that bypass the VPN.
If you want to browse web thru VPN , please continue to follow the steps below.
1. Add the following directive to the server configuration file 'server.conf'
push "redirect-gateway def1"
push "dhcp-option DNS 168.95.1.1"
2. Setting NAT routing for VPN client on server
#vi /etc/openvpn/start-nat.sh
#!/bin/bash
ipt="/sbin/iptables"
# Clean the all rules
$ipt -F
$ipt -X
$ipt -t nat -F
$ipt -t nat -X
# Enable ip_forward
echo "1" > /proc/sys/net/ipv4/ip_forward
# For NAT routing
$ipt -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
$ipt -t nat -L
#cd /etc/openvpn
#./start-nat.sh
==============================================================================
還是不行,我對 iptables 看來要加強了,還是另外架一台 proxy server 讓openvpn 連回時透過proxy server 出去?這方式可行嗎?
