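I want to route all traffic through the VPN, except for the actual VPN connection itself. I am trying to figure out what underlying commands some VPN clients execute when a connection is established (full tunnel, not split tunnel).
I understand the underlying trick they use, with 0.0.0.0/1 and 128.0.0.0/1: https://www.tinc-vpn.org/examples/redirect-gateway/
What I don't understand is which actual commands I should run. I tried: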
route add 0.0.0.0 mask 128.0.0.0 if 60
route add 128.0.0.0 mask 128.0.0.0 if 60
route add 52.59.92.187 mask 255.255.255.0 192.168.1.1
In the Interface column, I did notice that it shows "3c" instead of the interface's IP address, but I don't know why it's there...
What commands should I run?
λ route print
===========================================================================
Interface List
16...00 ff 54 f0 df db ......TAP-Windows Adapter V9 #2
3...d4 81 d7 2d d7 68 ......Realtek USB GbE Family Controller
26...0a 00 27 00 00 1a ......VirtualBox Host-Only Ethernet Adapter #3
22...f8 63 3f 12 6e da ......Microsoft Wi-Fi Direct Virtual Adapter
6...fa 63 3f 12 6e d9 ......Microsoft Wi-Fi Direct Virtual Adapter #3
60...00 ff 5a ea 2f 77 ......TAP-Windows Adapter V9
20...f8 63 3f 12 6e d9 ......Intel(R) Dual Band Wireless-AC 8265
24...f8 63 3f 12 6e dd ......Bluetooth Device (Personal Area Network) #2
1...........................Software Loopback Interface 1
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.16 25
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.109 50
0.0.0.0 128.0.0.0 10.0.54.1 3c 38
52.59.92.187 255.255.255.255 192.168.1.1 192.168.1.109 51
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
128.0.0.0 128.0.0.0 10.0.54.1 3c 38
192.168.0.0 255.255.255.0 On-link 192.168.0.16 281
192.168.0.16 255.255.255.255 On-link 192.168.0.16 281
192.168.0.255 255.255.255.255 On-link 192.168.0.16 281
192.168.1.0 255.255.255.0 On-link 192.168.1.109 306
192.168.1.109 255.255.255.255 On-link 192.168.1.109 306
192.168.1.255 255.255.255.255 On-link 192.168.1.109 306
192.168.56.0 255.255.255.0 On-link 192.168.56.1 281
192.168.56.1 255.255.255.255 On-link 192.168.56.1 281
192.168.56.255 255.255.255.255 On-link 192.168.56.1 281
192.168.137.0 255.255.255.0 On-link 192.168.137.1 281
192.168.137.1 255.255.255.255 On-link 192.168.137.1 281
192.168.137.255 255.255.255.255 On-link 192.168.137.1 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.56.1 281
224.0.0.0 240.0.0.0 On-link 192.168.1.109 306
224.0.0.0 240.0.0.0 On-link 3c 291
224.0.0.0 240.0.0.0 On-link 192.168.137.1 281
224.0.0.0 240.0.0.0 On-link 192.168.0.16 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.56.1 281
255.255.255.255 255.255.255.255 On-link 192.168.1.109 306
255.255.255.255 255.255.255.255 On-link 3c 291
255.255.255.255 255.255.255.255 On-link 192.168.137.1 281
255.255.255.255 255.255.255.255 On-link 192.168.0.16 281
===========================================================================
Persistent Routes:
None
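An added example, not part of the question or the answer: a simplified model of route selection (longest matching prefix first, metric only as a tie-breaker) run over rows copied from the route table above, showing why the two /1 routes capture all traffic while the /32 host route keeps the VPN endpoint on the physical gateway. The function names are hypothetical, and the validity check mirrors the rule that a route destination may not have host bits set under its mask.

```python
import ipaddress

# Rows copied from the question's "Active Routes" output:
# (destination, netmask, gateway, interface, metric).
# "3c" is hexadecimal for 60, the index the question passes as "if 60".
ROUTES = [
    ("0.0.0.0", "0.0.0.0", "192.168.0.1", "192.168.0.16", 25),
    ("0.0.0.0", "0.0.0.0", "192.168.1.1", "192.168.1.109", 50),
    ("0.0.0.0", "128.0.0.0", "10.0.54.1", "3c", 38),
    ("128.0.0.0", "128.0.0.0", "10.0.54.1", "3c", 38),
    ("52.59.92.187", "255.255.255.255", "192.168.1.1", "192.168.1.109", 51),
    ("192.168.1.0", "255.255.255.0", "On-link", "192.168.1.109", 306),
]


def is_valid_route(dest, mask):
    """A destination must have no host bits set under its mask."""
    try:
        ipaddress.ip_network(f"{dest}/{mask}")  # strict=True by default
        return True
    except ValueError:
        return False


def lookup(ip, routes=ROUTES):
    """Return (gateway, interface) of the best route for ip:
    longest matching prefix first, lowest metric only as a tie-breaker."""
    addr = ipaddress.ip_address(ip)
    matches = []
    for dest, mask, gw, iface, metric in routes:
        net = ipaddress.ip_network(f"{dest}/{mask}")
        if addr in net:
            matches.append((-net.prefixlen, metric, gw, iface))
    if not matches:
        return None
    _, _, gw, iface = min(matches)
    return gw, iface


def without_half_routes():
    """The same table with the two /1 rows removed (tunnel routes absent)."""
    return [r for r in ROUTES if r[1] != "128.0.0.0"]


if __name__ == "__main__":
    for ip in ("8.8.8.8", "203.0.113.9", "52.59.92.187", "192.168.1.50"):
        print(ip, "->", lookup(ip))
```

The /1 routes win over the metric-25 default route even though their metric (38) is higher, because prefix length is compared before metric.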
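Answer 1
Not entirely sure why, but when I changed tinc from router mode to switch mode, I was able to set the gateway, and everything worked the way I expected.
It may have something to do with the TAP device.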