delbonis
20cb3f17b9
added everything
|
2 年之前 | |
|---|---|---|
| README.md | 2 年之前 | |
| config.txt | 2 年之前 | |
| natfwd.sh | 2 年之前 | |
| transmissionwrap.sh | 2 年之前 | |
| vpnhook.sh | 2 年之前 | |
| vpnns-ns.service | 2 年之前 | |
| vpnns-transmission.service | 2 年之前 | |
| vpnns-vpn.service | 2 年之前 | |
| vpnwrap.sh | 2 年之前 | |
README.md
vpnwrap
scripts for doing things
it runs a thing in a separate net namespace with only a vpn’s network interface so it’s literally impossible for it to access the outside world, but it also opens a single port into the program from your local machine so that you can still talk to it for like rpcs or whatever
you’ll probably have to modify these for your own setup, but I put everything
in vars at the top of scripts so it’s not too hard, just search for CONFIG:
and then comment out the exit 1 if there is one
- mostly in config.txt
- some things in transmissionwrap.sh
- take a look at natfwd.sh in case you need to change anything there
dependencies
- iptables
- ufw
- transmission
- openvpn
- bash I guess
installation
I set most this up on /opt/vpnwrap so the systemd services are written
assuming that, but once you create the dirs for everything it’s fairly easy
make sure you download config files for your vpn, and configure it for those
the only other thing to remember is to deal with the dns resolver config, since
in a net namespace glibc doesn’t use /etc/resolv.conf
add this to /etc/netns/vpnns/resolv.conf (or whatever) to fix that
nameserver 208.67.222.222
nameserver 208.67.220.220