Creative Commons License
Setting Up a LAN With Multiple Gateway/interface With Iptables and Route Policy Under Awesome Linux by sunus Lee is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

The Script of ArchLinux in solution Two

(setArch.sh)
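```bash
#!/bin/bash

if [ "$(id -u)" -ne 0 ]
then
    echo "need root!"
    exit 1
fi

# Change this to your interface name; it could be eth* or p*p*.
IFACE="wlp4s0"
# Change this to your router (gateway) address.
ROUTE="192.168.1.1"
# Change this to your VPN **server address**.
VPNHOST="221.239.126.9"
# Local and peer addresses of the PPP link.
VPNADDR=$(ifconfig ppp0 | grep -P -o '(?<=inet )[0-9.]*')
VPNROUTE=$(ifconfig ppp0 | grep -P -o '(?<=destination )[0-9.]*')
# Stop before touching the routing table if ppp0 is not up.
if [ -z "$VPNADDR" ] || [ -z "$VPNROUTE" ]
then
    echo "ppp0 has no address; is the VPN connected?"
    exit 1
fi
echo "VPN-ADDR:$VPNADDR"
# Keep reaching the VPN server itself through the local router.
cmd="ip route add $VPNHOST via $ROUTE dev $IFACE"
echo "$cmd"
$cmd
# Send everything else through the VPN peer.
cmd="route add default gw $VPNROUTE"
echo "$cmd"
$cmd
cmd="route del default gw $ROUTE"
echo "$cmd"
$cmd
# This net is the router's subnet. Be careful.
route add -net 192.168.1.0/24 gw 192.168.1.1
# Overwrites resolv.conf; both entries must be 'nameserver' lines.
printf 'nameserver 8.8.8.8\nnameserver 8.8.4.4\n' > /etc/resolv.conf
```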

The Script of Route in final solution

  • See the working iptables rules here:
    • https://gist.github.com/sunuslee/5179422
    • You will probably need to modify this file a little, or just create your own with
      iptables-save > filename
    • Make sure the file contains PPP0-IP, because this script replaces PPP0-IP with the real IP address of ppp0.
    • Put the file working-iptables-rules in the same directory as setroute.sh.
    • If you are interested, the lines containing sunus-a/b/c/d are the logging lines, a demonstration of how the packets travel all the way from one end to the other.
    • This may have bugs, most likely.
Setting the route (setroute.sh)
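```sh
#!/bin/sh

# LAN address of the client whose traffic should go through the VPN.
SUNUS_IP='192.168.1.169'
# Peer (P-t-P) and local (addr) addresses of ppp0.
VPN_ROUTE=$(ifconfig ppp0 | grep -o 'P-t-P:[0-9.]*' | cut -d: -f2)
VPN_IP=$(ifconfig ppp0 | grep -o 'addr:[0-9.]*' | cut -d: -f2)
# Private temp file instead of a fixed, predictable name in /tmp.
TMP_RULES_FILE=$(mktemp) || exit 1
trap 'rm -f "$TMP_RULES_FILE"' EXIT
# This table name must be listed in /etc/iproute2/rt_tables.
ROUTE_TABLE='sunusroute'
if [ -z "$VPN_ROUTE" ] || [ -z "$VPN_IP" ]
then
  printf '\n*********\n\n'
  echo "No VPN-Connection"
  echo "Make sure your xl2tp is working"
  printf '\n*********\n\n'
  exit 1
fi

# Fill the real ppp0 address into the rules template.
sed "s/PPP0-IP/$VPN_IP/" working-iptables-rule > "$TMP_RULES_FILE" || exit 1
printf '\n*********\n\n'
echo "VPN-ROUTE:$VPN_ROUTE"
echo "VPN-ADDR:$VPN_IP"

# Policy routing: packets from SUNUS_IP use a table whose default route is the VPN.
ip route add default via "$VPN_ROUTE" dev ppp0 table "$ROUTE_TABLE"
ip rule add from "$SUNUS_IP" table "$ROUTE_TABLE"
ip route flush cache

echo "setting ip rules and route-policy successfully"
printf '\n*********\n\n'

printf '\n*********\n\n'
iptables-restore < "$TMP_RULES_FILE"
echo "setting iptables successfully"
printf '\n*********\n\n'

printf '\n*********\n\n'
echo "NOW SUNUS CAN USING THE VPN CONNECTING!"
printf '\n*********\n\n'
```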
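
The placeholder substitution that setroute.sh performs, as an added example that is not part of the original post: it validates the address parsed from ppp0 before interpolating it into sed, refuses a template that has no PPP0-IP, writes to a mktemp file rather than a fixed /tmp path, and lets iptables-restore parse the result before committing it. The function names and the sample template are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not the post's own code. Assumes the template marks the VPN
# address with the literal placeholder PPP0-IP, as the post describes.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# render_rules TEMPLATE VPN_IP: print the path of a private temp file holding
# the rendered rules; on any failure print no path and return non-zero.
render_rules() {
    template=$1; vpn_ip=$2
    is_ipv4 "$vpn_ip" || { echo "bad VPN address: '$vpn_ip'" >&2; return 2; }
    grep -q 'PPP0-IP' "$template" 2>/dev/null ||
        { echo "no PPP0-IP placeholder in $template" >&2; return 3; }
    out=$(mktemp) || return 4      # unpredictable name, mode 0600
    # The address is validated above, so it cannot alter the sed expression.
    # 'g' replaces every occurrence on a line, not only the first.
    sed "s/PPP0-IP/$vpn_ip/g" "$template" > "$out" || { rm -f "$out"; return 5; }
    echo "$out"
}

# load_rules FILE: parse first, commit only if parsing succeeds (needs root).
load_rules() {
    iptables-restore --test < "$1" && iptables-restore < "$1"
}

# Constructed sample template (not the rules from the gist).
sample_template() {
    f=$(mktemp) || return 1
    printf '%s\n' '*nat' ':POSTROUTING ACCEPT [0:0]' \
        '-A POSTROUTING -s 192.168.1.169/32 -o ppp0 -j SNAT --to-source PPP0-IP' \
        'COMMIT' > "$f"
    echo "$f"
}
```

On the router this would be used as `rules=$(render_rules working-iptables-rule "$VPN_IP") && load_rules "$rules"`, so a failed parse leaves the running ruleset untouched.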
