我为此绞尽脑汁了一段时间,但最终还是放弃了。我对路由和 iptables 的了解似乎太有限了,无法理解这一点。
我已经在我的 openwrt 路由器上配置了拆分路由情况。我的网络中的一台计算机正在使用 vpn 服务连接到互联网(192.168.10.160,tun1)。从我的家庭网络,我可以通过它的正常 ip 访问这台计算机。每当我在路上时,我都可以通过 vpn 服务器(tun0)访问我的家庭网络。我可以访问我家庭网络上的所有计算机,除了配置为拆分路由的计算机。无论我怎么尝试,我都无法将流量从 tun0 转发到 tun1。
有人知道这是如何运作的吗?
openvpn中分割路由脚本:
vpn_route_table=10
vpn_inside_net=192.168.10.160/32
iptables -t nat -A delegate_prerouting -i $dev -j zone_wan_prerouting
iptables -t nat -A delegate_postrouting -o $dev -j zone_wan_postrouting
ip route flush table $vpn_route_table
ip route add default via $ifconfig_remote table $vpn_route_table
ip rule add from $vpn_inside_net table $vpn_route_table
路由表:
#
# reserved values
#
255 local
254 main
253 default
0 unspec
10 vpn
#
# local
#
#1 inr.ruhep
转发局域网流量的 Iptables 规则:cat /etc/firewall.user
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o br-lan -j MASQUERADE
ifconfig:
br-lan Link encap:Ethernet HWaddr C0:4A:00:FC:48:E9
inet addr:192.168.10.1 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fd61:6126:284f::1/60 Scope:Global
inet6 addr: fe80::c24a:ff:fefc:48e9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:74320006 errors:0 dropped:34 overruns:0 frame:0
TX packets:97509595 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:32077369688 (29.8 GiB) TX bytes:116317974636 (108.3 GiB)
eth0 Link encap:Ethernet HWaddr C0:4A:00:FC:48:E9
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:5
eth1 Link encap:Ethernet HWaddr C0:4A:00:FC:48:EC
inet addr:70.36.58.57 Bcast:70.36.58.255 Mask:255.255.255.0
inet6 addr: fe80::c24a:ff:fefc:48ec/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:46202978 errors:0 dropped:1 overruns:6 frame:0
TX packets:38951997 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:375520214 (358.1 MiB) TX bytes:3975201183 (3.7 GiB)
Interrupt:4
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:215 errors:0 dropped:0 overruns:0 frame:0
TX packets:215 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:29057 (28.3 KiB) TX bytes:29057 (28.3 KiB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:17812 errors:0 dropped:0 overruns:0 frame:0
TX packets:15889 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1335093 (1.2 MiB) TX bytes:2582247 (2.4 MiB)
tun1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.162.1.6 P-t-P:10.162.1.5 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:4138786 errors:0 dropped:0 overruns:0 frame:0
TX packets:2441546 errors:0 dropped:89167 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1241129775 (1.1 GiB) TX bytes:411691697 (392.6 MiB)
wlan0 Link encap:Ethernet HWaddr C0:4A:00:FC:48:EA
inet6 addr: fe80::c24a:ff:fefc:48ea/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:21731405 errors:0 dropped:0 overruns:0 frame:0
TX packets:27355975 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1631361559 (1.5 GiB) TX bytes:921843710 (879.1 MiB)
wlan1 Link encap:Ethernet HWaddr C0:4A:00:FC:48:EB
inet6 addr: fe80::c24a:ff:fefc:48eb/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:57896641 errors:0 dropped:0 overruns:0 frame:0
TX packets:75812276 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:503025926 (479.7 MiB) TX bytes:666046315 (635.1 MiB)