-A POSTROUTING -s 10.8.0.0/8 -o venet0 -j MASQUERADE
e iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0 -j SNAT --to-source X.Y.Z
onde X.Y.Z é o endereço IP real atribuído ao seu VPS. (Se isso não funcionar, tente
venet0: 0)
em este guia
Me pedem para editar /etc/ufw/before.rules e adicionar:
# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to eth0
-A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE
COMMIT
# END OPENVPN RULES
problema é que este vps não tem eth0
root@vps:~# ifconfig -a
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:917 errors:0 dropped:0 overruns:0 frame:0
TX packets:917 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:304657 (304.6 KB) TX bytes:304657 (304.6 KB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:1812 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:104145 (104.1 KB) TX bytes:3072 (3.0 KB)
venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:127.0.0.2 P-t-P:127.0.0.2 Bcast:0.0.0.0 Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:13233 errors:0 dropped:0 overruns:0 frame:0
TX packets:13936 errors:0 dropped:1855 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2282467 (2.2 MB) TX bytes:4621340 (4.6 MB)
venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:17.14.12.9 P-t-P:17.14.12.9 Bcast:17.14.12.9 Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
Eu tentei
# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to eth0
-A POSTROUTING -s 10.8.0.0/8 -o venet0 -j MASQUERADE
COMMIT
# END OPENVPN RULES
e
# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to eth0
-A POSTROUTING -s 10.8.0.0/8 -o venet0:0 -j MASQUERADE
COMMIT
# END OPENVPN RULES
mas sempre timeouts ao fazer ping a partir dos clientes depois de conectar
P.S. suponha que 17.14.12.9 é um IP público real e venet0: 0 é a interface que o possui
-A POSTROUTING -s 10.8.0.0/8 -o venet0 -j MASQUERADE
e iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0 -j SNAT --to-source X.Y.Z
onde X.Y.Z é o endereço IP real atribuído ao seu VPS. (Se isso não funcionar, tente
venet0: 0)