Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
delbonis 20cb3f17b9 added everything 1 рік тому
README.md added everything 1 рік тому
config.txt added everything 1 рік тому
natfwd.sh added everything 1 рік тому
transmissionwrap.sh added everything 1 рік тому
vpnhook.sh added everything 1 рік тому
vpnns-ns.service added everything 1 рік тому
vpnns-transmission.service added everything 1 рік тому
vpnns-vpn.service added everything 1 рік тому
vpnwrap.sh added everything 1 рік тому

README.md

vpnwrap

scripts for doing things

it runs a thing in a separate net namespace with only a vpn’s network interface so it’s literally impossible for it to access the outside world, but it also opens a single port into the program from your local machine so that you can still talk to it for like rpcs or whatever

you’ll probably have to modify these for your own setup, but I put everything in vars at the top of scripts so it’s not too hard, just search for CONFIG: and then comment out the exit 1 if there is one

  • mostly in config.txt
  • some things in transmissionwrap.sh
  • take a look at natfwd.sh in case you need to change anything there

dependencies

  • iptables
  • ufw
  • transmission
  • openvpn
  • bash I guess

installation

I set most this up on /opt/vpnwrap so the systemd services are written assuming that, but once you create the dirs for everything it’s fairly easy

make sure you download config files for your vpn, and configure it for those

the only other thing to remember is to deal with the dns resolver config, since in a net namespace glibc doesn’t use /etc/resolv.conf

add this to /etc/netns/vpnns/resolv.conf (or whatever) to fix that

nameserver 208.67.222.222
nameserver 208.67.220.220